{ "name": "aws", "version": "v2.10.0", "description": "A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.", "keywords": [ "pulumi", "aws" ], "homepage": "https://pulumi.io", "license": "Apache-2.0", "attribution": "This Pulumi package is based on the [`aws` Terraform Provider](https://github.com/terraform-providers/terraform-provider-aws).", "repository": "https://github.com/pulumi/pulumi-aws", "meta": { "moduleFormat": "(.*)(?:/[^/]*)" }, "config": { "variables": { "accessKey": { "type": "string", "description": "The access key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n" }, "allowedAccountIds": { "type": "array", "items": { "type": "string" } }, "assumeRole": { "$ref": "#/types/aws:config/assumeRole:assumeRole" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:config/endpoints:endpoints" } }, "forbiddenAccountIds": { "type": "array", "items": { "type": "string" } }, "ignoreTags": { "$ref": "#/types/aws:config/ignoreTags:ignoreTags", "description": "Configuration block with settings to ignore resource tags across all resources.\n" }, "insecure": { "type": "boolean", "description": "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted,default value is `false`\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.\n" }, "profile": { "type": "string", "description": "The profile for API operations. If not set, the default profile created with `aws configure` will be used.\n", "defaultInfo": { "environment": [ "AWS_PROFILE" ] } }, "region": { "type": "string", "$ref": "#/types/aws:index/region:Region", "description": "The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.\n", "defaultInfo": { "environment": [ "AWS_REGION", "AWS_DEFAULT_REGION" ] } }, "s3ForcePathStyle": { "type": "boolean", "description": "Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By\ndefault, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY).\nSpecific to the Amazon S3 service.\n" }, "secretKey": { "type": "string", "description": "The secret key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n" }, "sharedCredentialsFile": { "type": "string", "description": "The path to the shared credentials file. If not set this defaults to ~/.aws/credentials.\n" }, "skipCredentialsValidation": { "type": "boolean", "description": "Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS\navailable/implemented.\n" }, "skipGetEc2Platforms": { "type": "boolean", "description": "Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.\n" }, "skipMetadataApiCheck": { "type": "boolean" }, "skipRegionValidation": { "type": "boolean", "description": "Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are\nnot public (yet).\n" }, "skipRequestingAccountId": { "type": "boolean", "description": "Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.\n" }, "token": { "type": "string", "description": "session token. A session token is only required if you are using temporary security credentials.\n" } }, "defaults": [ "region" ] }, "types": { "aws:/getAmiBlockDeviceMapping:getAmiBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "ebs": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "noDevice": { "type": "string", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "ebs", "noDevice", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:/getAmiFilter:getAmiFilter": { "properties": { "name": { "type": "string", "description": "The name of the AMI that was provided during image creation.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:/getAmiIdsFilter:getAmiIdsFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:/getAmiProductCode:getAmiProductCode": { "properties": { "productCodeId": { "type": "string", "language": { "python": { "mapCase": false } } }, "productCodeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "productCodeId", "productCodeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:/getAutoscalingGroupsFilter:getAutoscalingGroupsFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter. The valid values are: `auto-scaling-group`, `key`, `value`, and `propagate-at-launch`.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value of the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:/getAvailabilityZoneFilter:getAvailabilityZoneFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:/getAvailabilityZonesFilter:getAvailabilityZonesFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:/getElasticIpFilter:getElasticIpFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:/getPrefixListFilter:getPrefixListFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribePrefixLists API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:/getRegionsFilter:getRegionsFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [describe-regions AWS CLI Reference][1].\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:acm/CertificateDomainValidationOption:CertificateDomainValidationOption": { "properties": { "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued\n", "language": { "python": { "mapCase": false } } }, "resourceRecordName": { "type": "string", "description": "The name of the DNS record to create to validate the certificate\n", "language": { "python": { "mapCase": false } } }, "resourceRecordType": { "type": "string", "description": "The type of DNS record to create\n", "language": { "python": { "mapCase": false } } }, "resourceRecordValue": { "type": "string", "description": "The value the DNS record needs to have\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "domainName", "resourceRecordName", "resourceRecordType", "resourceRecordValue" ] } } }, "aws:acm/CertificateOptions:CertificateOptions": { "properties": { "certificateTransparencyLoggingPreference": { "type": "string", "description": "Specifies whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration": { "properties": { "keyAlgorithm": { "type": "string", "description": "Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CertificateAuthorityConfiguration.html).\n", "language": { "python": { "mapCase": false } } }, "signingAlgorithm": { "type": "string", "description": "Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CertificateAuthorityConfiguration.html).\n", "language": { "python": { "mapCase": false } } }, "subject": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfigurationSubject:CertificateAuthorityCertificateAuthorityConfigurationSubject", "description": "Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "keyAlgorithm", "signingAlgorithm", "subject" ] }, "aws:acmpca/CertificateAuthorityCertificateAuthorityConfigurationSubject:CertificateAuthorityCertificateAuthorityConfigurationSubject": { "properties": { "commonName": { "type": "string", "description": "Fully qualified domain name (FQDN) associated with the certificate subject.\n", "language": { "python": { "mapCase": false } } }, "country": { "type": "string", "description": "Two digit code that specifies the country in which the certificate subject located.\n", "language": { "python": { "mapCase": false } } }, "distinguishedNameQualifier": { "type": "string", "description": "Disambiguating information for the certificate subject.\n", "language": { "python": { "mapCase": false } } }, "generationQualifier": { "type": "string", "description": "Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.\n", "language": { "python": { "mapCase": false } } }, "givenName": { "type": "string", "description": "First name.\n", "language": { "python": { "mapCase": false } } }, "initials": { "type": "string", "description": "Concatenation that typically contains the first letter of the `given_name`, the first letter of the middle name if one exists, and the first letter of the `surname`.\n", "language": { "python": { "mapCase": false } } }, "locality": { "type": "string", "description": "The locality (such as a city or town) in which the certificate subject is located.\n", "language": { "python": { "mapCase": false } } }, "organization": { "type": "string", "description": "Legal name of the organization with which the certificate subject is affiliated.\n", "language": { "python": { "mapCase": false } } }, "organizationalUnit": { "type": "string", "description": "A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.\n", "language": { "python": { "mapCase": false } } }, "pseudonym": { "type": "string", "description": "Typically a shortened version of a longer `given_name`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.\n", "language": { "python": { "mapCase": false } } }, "state": { "type": "string", "description": "State in which the subject of the certificate is located.\n", "language": { "python": { "mapCase": false } } }, "surname": { "type": "string", "description": "Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.\n", "language": { "python": { "mapCase": false } } }, "title": { "type": "string", "description": "A title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration": { "properties": { "crlConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfigurationCrlConfiguration:CertificateAuthorityRevocationConfigurationCrlConfiguration", "description": "Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:acmpca/CertificateAuthorityRevocationConfigurationCrlConfiguration:CertificateAuthorityRevocationConfigurationCrlConfiguration": { "properties": { "customCname": { "type": "string", "description": "Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "expirationInDays": { "type": "integer", "description": "Number of days until a certificate expires. Must be between 1 and 5000.\n", "language": { "python": { "mapCase": false } } }, "s3BucketName": { "type": "string", "description": "Name of the S3 bucket that contains the CRL. If you do not provide a value for the `custom_cname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "expirationInDays" ] }, "aws:acmpca/getCertificateAuthorityRevocationConfiguration:getCertificateAuthorityRevocationConfiguration": { "properties": { "crlConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:acmpca/getCertificateAuthorityRevocationConfigurationCrlConfiguration:getCertificateAuthorityRevocationConfigurationCrlConfiguration" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "crlConfigurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:acmpca/getCertificateAuthorityRevocationConfigurationCrlConfiguration:getCertificateAuthorityRevocationConfigurationCrlConfiguration": { "properties": { "customCname": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "expirationInDays": { "type": "integer", "language": { "python": { "mapCase": false } } }, "s3BucketName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "customCname", "enabled", "expirationInDays", "s3BucketName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/ListenerDefaultAction:ListenerDefaultAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:alb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:alb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:alb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:alb/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:alb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:alb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:alb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:alb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:alb/ListenerDefaultActionForward:ListenerDefaultActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:alb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:alb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:alb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:alb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:alb/ListenerRuleAction:ListenerRuleAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:alb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito", "description": "Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.\n", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:alb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc", "description": "Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:alb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:alb/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:alb/ListenerRuleActionRedirect:ListenerRuleActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:alb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:alb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:alb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:alb/ListenerRuleActionForward:ListenerRuleActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:alb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:alb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:alb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:alb/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:alb/ListenerRuleCondition:ListenerRuleCondition": { "properties": { "field": { "type": "string", "description": "The type of condition. Valid values are `host-header` or `path-pattern`. Must also set `values`.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } }, "hostHeader": { "$ref": "#/types/aws:alb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader", "description": "Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.\n", "language": { "python": { "mapCase": false } } }, "httpHeader": { "$ref": "#/types/aws:alb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader", "description": "HTTP headers to match. HTTP Header block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "httpRequestMethod": { "$ref": "#/types/aws:alb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod", "description": "Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.\n", "language": { "python": { "mapCase": false } } }, "pathPattern": { "$ref": "#/types/aws:alb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern", "description": "Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query_string` condition.\n", "language": { "python": { "mapCase": false } } }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString" }, "description": "Query strings to match. Query String block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "sourceIp": { "$ref": "#/types/aws:alb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp", "description": "Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http_header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "string", "description": "List of exactly one pattern to match. Required when `field` is set.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "field", "hostHeader", "pathPattern", "values" ] } } }, "aws:alb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:alb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader": { "properties": { "httpHeaderName": { "type": "string", "description": "Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "httpHeaderName", "values" ] }, "aws:alb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:alb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:alb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString": { "properties": { "key": { "type": "string", "description": "Query string key pattern to match.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Query string value pattern to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "value" ] }, "aws:alb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket name to store the logs in.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Defaults to `false`, even when `bucket` is specified.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The S3 bucket prefix. Logs are stored in the root if not configured.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "description": "The allocation ID of the Elastic IP address.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The id of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ] }, "aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "description": "Boolean to enable / disable `stickiness`. Default is `true`\n", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "description": "The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3.\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. For `lambda` target groups, it needs to be greater as the `timeout` of the underlying `lambda`. Default 30 seconds.\n", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "description": "The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The destination for the health check request. Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "description": "The amount of time, in seconds, during which no response means a failed health check. For Application Load Balancers, the range is 2 to 120 seconds, and the default is 5 seconds for the `instance` target type and 30 seconds for the `lambda` target type. For Network Load Balancers, you cannot set a custom value, and the default is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health checks.\n", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "description": "The number of consecutive health check failures required before considering the target unhealthy . For Network Load Balancers, this value must be the same as the `healthy_threshold`. Defaults to 3.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "matcher", "path", "timeout" ] } } }, "aws:alb/TargetGroupStickiness:TargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether health checks are enabled. Defaults to true.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of sticky sessions. The only current possible value is `lb_cookie`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:alb/getListenerDefaultAction:getListenerDefaultAction": { "properties": { "authenticateCognitos": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito" }, "language": { "python": { "mapCase": false } } }, "authenticateOidcs": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc" }, "language": { "python": { "mapCase": false } } }, "fixedResponses": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse" }, "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirects": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect" }, "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticateCognitos", "authenticateOidcs", "fixedResponses", "order", "redirects", "targetGroupArn", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType", "messageBody", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port of the listener. Required if `arn` is not set.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "host", "path", "port", "protocol", "query", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getTargetGroupHealthCheck:getTargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled", "healthyThreshold", "interval", "matcher", "path", "port", "protocol", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getTargetGroupStickiness:getTargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cookieDuration", "enabled", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:apigateway/AccountThrottleSettings:AccountThrottleSettings": { "properties": { "burstLimit": { "type": "integer", "description": "The absolute maximum number of times API Gateway allows the API to be called per second (RPS).\n", "language": { "python": { "mapCase": false } } }, "rateLimit": { "type": "number", "description": "The number of times API Gateway allows the API to be called per second on average (RPS).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "burstLimit", "rateLimit" ] } } }, "aws:apigateway/DocumentationPartLocation:DocumentationPartLocation": { "properties": { "method": { "type": "string", "description": "The HTTP verb of a method. The default value is `*` for any method.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the targeted API entity.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The URL path of the target. The default value is `/` for the root resource.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP status code of a response. The default value is `*` for any status code.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of API entity to which the documentation content applies. e.g. `API`, `METHOD` or `REQUEST_BODY`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration": { "properties": { "types": { "type": "string", "description": "A list of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE` or `REGIONAL`. If unspecified, defaults to `EDGE`. Must be declared as `REGIONAL` in non-Commercial partitions. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "types" ] }, "aws:apigateway/MethodSettingsSettings:MethodSettingsSettings": { "properties": { "cacheDataEncrypted": { "type": "boolean", "description": "Specifies whether the cached responses are encrypted.\n", "language": { "python": { "mapCase": false } } }, "cacheTtlInSeconds": { "type": "integer", "description": "Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached.\n", "language": { "python": { "mapCase": false } } }, "cachingEnabled": { "type": "boolean", "description": "Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached.\n", "language": { "python": { "mapCase": false } } }, "dataTraceEnabled": { "type": "boolean", "description": "Specifies whether data trace logging is enabled for this method, which effects the log entries pushed to Amazon CloudWatch Logs.\n", "language": { "python": { "mapCase": false } } }, "loggingLevel": { "type": "string", "description": "Specifies the logging level for this method, which effects the log entries pushed to Amazon CloudWatch Logs. The available levels are `OFF`, `ERROR`, and `INFO`.\n", "language": { "python": { "mapCase": false } } }, "metricsEnabled": { "type": "boolean", "description": "Specifies whether Amazon CloudWatch metrics are enabled for this method.\n", "language": { "python": { "mapCase": false } } }, "requireAuthorizationForCacheControl": { "type": "boolean", "description": "Specifies whether authorization is required for a cache invalidation request.\n", "language": { "python": { "mapCase": false } } }, "throttlingBurstLimit": { "type": "integer", "description": "Specifies the throttling burst limit.\n", "language": { "python": { "mapCase": false } } }, "throttlingRateLimit": { "type": "number", "description": "Specifies the throttling rate limit.\n", "language": { "python": { "mapCase": false } } }, "unauthorizedCacheControlHeaderStrategy": { "type": "string", "description": "Specifies how to handle unauthorized requests for cache invalidation. The available values are `FAIL_WITH_403`, `SUCCEED_WITH_RESPONSE_HEADER`, `SUCCEED_WITHOUT_RESPONSE_HEADER`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cacheDataEncrypted", "cacheTtlInSeconds", "cachingEnabled", "dataTraceEnabled", "loggingLevel", "metricsEnabled", "requireAuthorizationForCacheControl", "throttlingBurstLimit", "throttlingRateLimit", "unauthorizedCacheControlHeaderStrategy" ] } } }, "aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration": { "properties": { "types": { "type": "string", "description": "A list of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE`, `REGIONAL` or `PRIVATE`. If unspecified, defaults to `EDGE`. Must be declared as `REGIONAL` in non-Commercial partitions. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs.\n", "language": { "python": { "mapCase": false } } }, "vpcEndpointIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC Endpoint Ids. It is only supported for PRIVATE endpoint type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "types" ] }, "aws:apigateway/StageAccessLogSettings:StageAccessLogSettings": { "properties": { "destinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with `amazon-apigateway-`. Automatically removes trailing `:*` if present.\n", "language": { "python": { "mapCase": false } } }, "format": { "type": "string", "description": "The formatting and values recorded in the logs. \nFor more information on configuring the log format rules visit the AWS [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destinationArn", "format" ] }, "aws:apigateway/UsagePlanApiStage:UsagePlanApiStage": { "properties": { "apiId": { "type": "string", "description": "API Id of the associated API stage in a usage plan.\n", "language": { "python": { "mapCase": false } } }, "stage": { "type": "string", "description": "API stage name of the associated API stage in a usage plan.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "apiId", "stage" ] }, "aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings": { "properties": { "limit": { "type": "integer", "description": "The maximum number of requests that can be made in a given time period.\n", "language": { "python": { "mapCase": false } } }, "offset": { "type": "integer", "description": "The number of requests subtracted from the given limit in the initial time period.\n", "language": { "python": { "mapCase": false } } }, "period": { "type": "string", "description": "The time period in which the limit applies. Valid values are \"DAY\", \"WEEK\" or \"MONTH\".\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "limit", "period" ] }, "aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings": { "properties": { "burstLimit": { "type": "integer", "description": "The API request burst limit, the maximum rate limit over a time ranging from one to a few seconds, depending upon whether the underlying token bucket is at its full capacity.\n", "language": { "python": { "mapCase": false } } }, "rateLimit": { "type": "number", "description": "The API request steady-state rate limit.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:apigateway/getRestApiEndpointConfiguration:getRestApiEndpointConfiguration": { "properties": { "types": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "vpcEndpointIds": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "types", "vpcEndpointIds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration": { "properties": { "allowCredentials": { "type": "boolean", "description": "Whether credentials are included in the CORS request.\n", "language": { "python": { "mapCase": false } } }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "The set of allowed HTTP headers.\n", "language": { "python": { "mapCase": false } } }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "The set of allowed HTTP methods.\n", "language": { "python": { "mapCase": false } } }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "The set of allowed origins.\n", "language": { "python": { "mapCase": false } } }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "The set of exposed HTTP headers.\n", "language": { "python": { "mapCase": false } } }, "maxAge": { "type": "integer", "description": "The number of seconds that the browser should cache preflight request results.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration": { "properties": { "audiences": { "type": "array", "items": { "type": "string" }, "description": "A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The base domain of the identity provider that issues JSON Web Tokens, such as the `endpoint` attribute of the `aws.cognito.UserPool` resource.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration": { "properties": { "certificateArn": { "type": "string", "description": "The ARN of an AWS-managed certificate that will be used by the endpoint for the domain name. AWS Certificate Manager is the only supported source.\nUse the `aws.acm.Certificate` resource to configure an ACM certificate.\n", "language": { "python": { "mapCase": false } } }, "endpointType": { "type": "string", "description": "The endpoint type. Valid values: `REGIONAL`.\n", "language": { "python": { "mapCase": false } } }, "hostedZoneId": { "type": "string", "description": "The Amazon Route 53 Hosted Zone ID of the endpoint.\n", "language": { "python": { "mapCase": false } } }, "securityPolicy": { "type": "string", "description": "The Transport Layer Security (TLS) version of the [security policy](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html) for the domain name. Valid values: `TLS_1_2`.\n", "language": { "python": { "mapCase": false } } }, "targetDomainName": { "type": "string", "description": "The target domain name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "certificateArn", "endpointType", "securityPolicy" ], "language": { "nodejs": { "requiredOutputs": [ "certificateArn", "endpointType", "hostedZoneId", "securityPolicy", "targetDomainName" ] } } }, "aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings": { "properties": { "destinationArn": { "type": "string", "description": "The ARN of the CloudWatch Logs log group to receive access logs. Any trailing `:*` is trimmed from the ARN.\n", "language": { "python": { "mapCase": false } } }, "format": { "type": "string", "description": "A single line [format](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#apigateway-cloudwatch-log-formats) of the access logs of data, as specified by [selected $context variables](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-logging.html).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destinationArn", "format" ] }, "aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings": { "properties": { "dataTraceEnabled": { "type": "boolean", "description": "Whether data trace logging is enabled for the default route. Affects the log entries pushed to Amazon CloudWatch Logs.\nDefaults to `false`. Supported only for WebSocket APIs.\n", "language": { "python": { "mapCase": false } } }, "detailedMetricsEnabled": { "type": "boolean", "description": "Whether detailed metrics are enabled for the default route. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "loggingLevel": { "type": "string", "description": "The logging level for the default route. Affects the log entries pushed to Amazon CloudWatch Logs.\nValid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs.\n", "language": { "python": { "mapCase": false } } }, "throttlingBurstLimit": { "type": "integer", "description": "The throttling burst limit for the default route.\n", "language": { "python": { "mapCase": false } } }, "throttlingRateLimit": { "type": "number", "description": "The throttling rate limit for the default route.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:apigatewayv2/StageRouteSetting:StageRouteSetting": { "properties": { "dataTraceEnabled": { "type": "boolean", "description": "Whether data trace logging is enabled for the route. Affects the log entries pushed to Amazon CloudWatch Logs.\nDefaults to `false`. Supported only for WebSocket APIs.\n", "language": { "python": { "mapCase": false } } }, "detailedMetricsEnabled": { "type": "boolean", "description": "Whether detailed metrics are enabled for the route. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "loggingLevel": { "type": "string", "description": "The logging level for the route. Affects the log entries pushed to Amazon CloudWatch Logs.\nValid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs.\n", "language": { "python": { "mapCase": false } } }, "routeKey": { "type": "string", "description": "Route key.\n", "language": { "python": { "mapCase": false } } }, "throttlingBurstLimit": { "type": "integer", "description": "The throttling burst limit for the route.\n", "language": { "python": { "mapCase": false } } }, "throttlingRateLimit": { "type": "number", "description": "The throttling rate limit for the route.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "routeKey" ] }, "aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration": { "properties": { "adjustmentType": { "type": "string", "description": "Specifies whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n", "language": { "python": { "mapCase": false } } }, "cooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n", "language": { "python": { "mapCase": false } } }, "metricAggregationType": { "type": "string", "description": "The aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n", "language": { "python": { "mapCase": false } } }, "minAdjustmentMagnitude": { "type": "integer", "description": "The minimum number to adjust your scalable dimension as a result of a scaling activity. If the adjustment type is PercentChangeInCapacity, the scaling policy changes the scalable dimension of the scalable target by this amount.\n", "language": { "python": { "mapCase": false } } }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfigurationStepAdjustment:PolicyStepScalingPolicyConfigurationStepAdjustment" }, "description": "A set of adjustments that manage scaling. These have the following structure:\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appautoscaling/PolicyStepScalingPolicyConfigurationStepAdjustment:PolicyStepScalingPolicyConfigurationStepAdjustment": { "properties": { "metricIntervalLowerBound": { "type": "string", "description": "The lower bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as negative infinity.\n", "language": { "python": { "mapCase": false } } }, "metricIntervalUpperBound": { "type": "string", "description": "The upper bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as infinity. The upper bound must be greater than the lower bound.\n", "language": { "python": { "mapCase": false } } }, "scalingAdjustment": { "type": "integer", "description": "The number of members by which to scale, when the adjustment bounds are breached. A positive value scales up. A negative value scales down.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "scalingAdjustment" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration": { "properties": { "customizedMetricSpecification": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification", "description": "A custom CloudWatch metric. Documentation can be found at: [AWS Customized Metric Specification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_CustomizedMetricSpecification.html). See supported fields below.\n", "language": { "python": { "mapCase": false } } }, "disableScaleIn": { "type": "boolean", "description": "Indicates whether scale in by the target tracking policy is disabled. If the value is true, scale in is disabled and the target tracking policy won't remove capacity from the scalable resource. Otherwise, scale in is enabled and the target tracking policy can remove capacity from the scalable resource. The default value is `false`.\n", "language": { "python": { "mapCase": false } } }, "predefinedMetricSpecification": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification", "description": "A predefined metric. See supported fields below.\n", "language": { "python": { "mapCase": false } } }, "scaleInCooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scale in activity completes before another scale in activity can start.\n", "language": { "python": { "mapCase": false } } }, "scaleOutCooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scale out activity completes before another scale out activity can start.\n", "language": { "python": { "mapCase": false } } }, "targetValue": { "type": "number", "description": "The target value for the metric.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetValue" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension" }, "description": "Configuration block(s) with the dimensions of the metric if the metric was published with dimensions. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "metricName": { "type": "string", "description": "The name of the metric.\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "description": "The namespace of the metric.\n", "language": { "python": { "mapCase": false } } }, "statistic": { "type": "string", "description": "The statistic of the metric. Valid values: `Average`, `Minimum`, `Maximum`, `SampleCount`, and `Sum`.\n", "language": { "python": { "mapCase": false } } }, "unit": { "type": "string", "description": "The unit of the metric.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "metricName", "namespace", "statistic" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension": { "properties": { "name": { "type": "string", "description": "The name of the policy.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Value of the dimension.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification": { "properties": { "predefinedMetricType": { "type": "string", "description": "The metric type.\n", "language": { "python": { "mapCase": false } } }, "resourceLabel": { "type": "string", "description": "Reserved for future use.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "predefinedMetricType" ] }, "aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction": { "properties": { "maxCapacity": { "type": "integer", "description": "The maximum capacity.\n", "language": { "python": { "mapCase": false } } }, "minCapacity": { "type": "integer", "description": "The minimum capacity.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:applicationloadbalancing/ListenerDefaultAction:ListenerDefaultAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:applicationloadbalancing/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:applicationloadbalancing/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:applicationloadbalancing/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:applicationloadbalancing/ListenerDefaultActionForward:ListenerDefaultActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:applicationloadbalancing/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:applicationloadbalancing/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:applicationloadbalancing/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:applicationloadbalancing/ListenerRuleAction:ListenerRuleAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito", "description": "Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.\n", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc", "description": "Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleActionRedirect:ListenerRuleActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:applicationloadbalancing/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:applicationloadbalancing/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:applicationloadbalancing/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:applicationloadbalancing/ListenerRuleActionForward:ListenerRuleActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:applicationloadbalancing/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:applicationloadbalancing/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:applicationloadbalancing/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:applicationloadbalancing/ListenerRuleCondition:ListenerRuleCondition": { "properties": { "field": { "type": "string", "description": "The type of condition. Valid values are `host-header` or `path-pattern`. Must also set `values`.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } }, "hostHeader": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader", "description": "Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.\n", "language": { "python": { "mapCase": false } } }, "httpHeader": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader", "description": "HTTP headers to match. HTTP Header block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "httpRequestMethod": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod", "description": "Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.\n", "language": { "python": { "mapCase": false } } }, "pathPattern": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern", "description": "Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query_string` condition.\n", "language": { "python": { "mapCase": false } } }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString" }, "description": "Query strings to match. Query String block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "sourceIp": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp", "description": "Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http_header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "string", "description": "List of exactly one pattern to match. Required when `field` is set.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "field", "hostHeader", "pathPattern", "values" ] } } }, "aws:applicationloadbalancing/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:applicationloadbalancing/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader": { "properties": { "httpHeaderName": { "type": "string", "description": "Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "httpHeaderName", "values" ] }, "aws:applicationloadbalancing/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:applicationloadbalancing/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:applicationloadbalancing/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString": { "properties": { "key": { "type": "string", "description": "Query string key pattern to match.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Query string value pattern to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "value" ] }, "aws:applicationloadbalancing/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:applicationloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket name to store the logs in.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Defaults to `false`, even when `bucket` is specified.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The S3 bucket prefix. Logs are stored in the root if not configured.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:applicationloadbalancing/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "description": "The allocation ID of the Elastic IP address.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The id of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ] }, "aws:applicationloadbalancing/TargetGroupHealthCheck:TargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "description": "Boolean to enable / disable `stickiness`. Default is `true`\n", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "description": "The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3.\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. For `lambda` target groups, it needs to be greater as the `timeout` of the underlying `lambda`. Default 30 seconds.\n", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "description": "The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The destination for the health check request. Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "description": "The amount of time, in seconds, during which no response means a failed health check. For Application Load Balancers, the range is 2 to 120 seconds, and the default is 5 seconds for the `instance` target type and 30 seconds for the `lambda` target type. For Network Load Balancers, you cannot set a custom value, and the default is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health checks.\n", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "description": "The number of consecutive health check failures required before considering the target unhealthy . For Network Load Balancers, this value must be the same as the `healthy_threshold`. Defaults to 3.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "matcher", "path", "timeout" ] } } }, "aws:applicationloadbalancing/TargetGroupStickiness:TargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether health checks are enabled. Defaults to true.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of sticky sessions. The only current possible value is `lb_cookie`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:applicationloadbalancing/getListenerDefaultAction:getListenerDefaultAction": { "properties": { "authenticateCognitos": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito" }, "language": { "python": { "mapCase": false } } }, "authenticateOidcs": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc" }, "language": { "python": { "mapCase": false } } }, "fixedResponses": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse" }, "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirects": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect" }, "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticateCognitos", "authenticateOidcs", "fixedResponses", "order", "redirects", "targetGroupArn", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType", "messageBody", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port of the listener. Required if `arn` is not set.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "host", "path", "port", "protocol", "query", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getTargetGroupHealthCheck:getTargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled", "healthyThreshold", "interval", "matcher", "path", "port", "protocol", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/getTargetGroupStickiness:getTargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cookieDuration", "enabled", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/MeshSpec:MeshSpec": { "properties": { "egressFilter": { "$ref": "#/types/aws:appmesh/MeshSpecEgressFilter:MeshSpecEgressFilter", "description": "The egress filter rules for the service mesh.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/MeshSpecEgressFilter:MeshSpecEgressFilter": { "properties": { "type": { "type": "string", "description": "The egress filter type. By default, the type is `DROP_ALL`.\nValid values are `ALLOW_ALL` and `DROP_ALL`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/RouteSpec:RouteSpec": { "properties": { "httpRoute": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRoute:RouteSpecHttpRoute", "description": "The HTTP routing information for the route.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "integer", "description": "The priority for the route, between `0` and `1000`.\nRoutes are matched based on the specified value, where `0` is the highest priority.\n", "language": { "python": { "mapCase": false } } }, "tcpRoute": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRoute:RouteSpecTcpRoute", "description": "The TCP routing information for the route.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/RouteSpecHttpRoute:RouteSpecHttpRoute": { "properties": { "action": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteAction:RouteSpecHttpRouteAction", "description": "The action to take if a match is determined.\n", "language": { "python": { "mapCase": false } } }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatch:RouteSpecHttpRouteMatch", "description": "The criteria for determining an HTTP request match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action", "match" ] }, "aws:appmesh/RouteSpecHttpRouteAction:RouteSpecHttpRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteActionWeightedTarget:RouteSpecHttpRouteActionWeightedTarget" }, "description": "The targets that traffic is routed to when a request matches the route.\nYou can specify one or more targets and their relative weights with which to distribute traffic.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "weightedTargets" ] }, "aws:appmesh/RouteSpecHttpRouteActionWeightedTarget:RouteSpecHttpRouteActionWeightedTarget": { "properties": { "virtualNode": { "type": "string", "description": "The virtual node to associate with the weighted target.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The relative weight of the weighted target. An integer between 0 and 100.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "virtualNode", "weight" ] }, "aws:appmesh/RouteSpecHttpRouteMatch:RouteSpecHttpRouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchHeader:RouteSpecHttpRouteMatchHeader" }, "description": "The client request headers to match on.\n", "language": { "python": { "mapCase": false } } }, "method": { "type": "string", "description": "The client request header method to match on. Valid values: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "Specifies the path with which to match requests.\nThis parameter must always start with /, which by itself matches all requests to the virtual router service name.\n", "language": { "python": { "mapCase": false } } }, "scheme": { "type": "string", "description": "The client request header scheme to match on. Valid values: `http`, `https`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "prefix" ] }, "aws:appmesh/RouteSpecHttpRouteMatchHeader:RouteSpecHttpRouteMatchHeader": { "properties": { "invert": { "type": "boolean", "description": "If `true`, the match is on the opposite of the `match` method and value. Default is `false`.\n", "language": { "python": { "mapCase": false } } }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchHeaderMatch:RouteSpecHttpRouteMatchHeaderMatch", "description": "The method and value to match the header value sent with a request. Specify one match method.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "A name for the HTTP header in the client request that will be matched on.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/RouteSpecHttpRouteMatchHeaderMatch:RouteSpecHttpRouteMatchHeaderMatch": { "properties": { "exact": { "type": "string", "description": "The header value sent by the client must match the specified value exactly.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "Specifies the path with which to match requests.\nThis parameter must always start with /, which by itself matches all requests to the virtual router service name.\n", "language": { "python": { "mapCase": false } } }, "range": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchHeaderMatchRange:RouteSpecHttpRouteMatchHeaderMatchRange", "description": "The object that specifies the range of numbers that the header value sent by the client must be included in.\n", "language": { "python": { "mapCase": false } } }, "regex": { "type": "string", "description": "The header value sent by the client must include the specified characters.\n", "language": { "python": { "mapCase": false } } }, "suffix": { "type": "string", "description": "The header value sent by the client must end with the specified characters.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/RouteSpecHttpRouteMatchHeaderMatchRange:RouteSpecHttpRouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer", "description": "The end of the range.\n", "language": { "python": { "mapCase": false } } }, "start": { "type": "integer", "description": "The start of the range.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "end", "start" ] }, "aws:appmesh/RouteSpecTcpRoute:RouteSpecTcpRoute": { "properties": { "action": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRouteAction:RouteSpecTcpRouteAction", "description": "The action to take if a match is determined.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action" ] }, "aws:appmesh/RouteSpecTcpRouteAction:RouteSpecTcpRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRouteActionWeightedTarget:RouteSpecTcpRouteActionWeightedTarget" }, "description": "The targets that traffic is routed to when a request matches the route.\nYou can specify one or more targets and their relative weights with which to distribute traffic.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "weightedTargets" ] }, "aws:appmesh/RouteSpecTcpRouteActionWeightedTarget:RouteSpecTcpRouteActionWeightedTarget": { "properties": { "virtualNode": { "type": "string", "description": "The virtual node to associate with the weighted target.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The relative weight of the weighted target. An integer between 0 and 100.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "virtualNode", "weight" ] }, "aws:appmesh/VirtualNodeSpec:VirtualNodeSpec": { "properties": { "backends": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackend:VirtualNodeSpecBackend" }, "description": "The backends to which the virtual node is expected to send outbound traffic.\n", "language": { "python": { "mapCase": false } } }, "listener": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListener:VirtualNodeSpecListener", "description": "The listeners from which the virtual node is expected to receive inbound traffic.\n", "language": { "python": { "mapCase": false } } }, "logging": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLogging:VirtualNodeSpecLogging", "description": "The inbound and outbound access logging information for the virtual node.\n", "language": { "python": { "mapCase": false } } }, "serviceDiscovery": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecServiceDiscovery:VirtualNodeSpecServiceDiscovery", "description": "The service discovery information for the virtual node.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackend:VirtualNodeSpecBackend": { "properties": { "virtualService": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualService:VirtualNodeSpecBackendVirtualService", "description": "Specifies a virtual service to use as a backend for a virtual node.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendVirtualService:VirtualNodeSpecBackendVirtualService": { "properties": { "virtualServiceName": { "type": "string", "description": "The name of the virtual service that is acting as a virtual node backend.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "virtualServiceName" ] }, "aws:appmesh/VirtualNodeSpecListener:VirtualNodeSpecListener": { "properties": { "healthCheck": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerHealthCheck:VirtualNodeSpecListenerHealthCheck", "description": "The health check information for the listener.\n", "language": { "python": { "mapCase": false } } }, "portMapping": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerPortMapping:VirtualNodeSpecListenerPortMapping", "description": "The port mapping information for the listener.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "portMapping" ] }, "aws:appmesh/VirtualNodeSpecListenerHealthCheck:VirtualNodeSpecListenerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "description": "The number of consecutive successful health checks that must occur before declaring listener healthy.\n", "language": { "python": { "mapCase": false } } }, "intervalMillis": { "type": "integer", "description": "The time period in milliseconds between each health check execution.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The destination path for the health check request. This is only required if the specified protocol is `http`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "integer", "description": "The destination port for the health check request. This port must match the port defined in the `port_mapping` for the listener.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol for the health check request. Valid values are `http` and `tcp`.\n", "language": { "python": { "mapCase": false } } }, "timeoutMillis": { "type": "integer", "description": "The amount of time to wait when receiving a response from the health check, in milliseconds.\n", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "description": "The number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "healthyThreshold", "intervalMillis", "protocol", "timeoutMillis", "unhealthyThreshold" ], "language": { "nodejs": { "requiredOutputs": [ "healthyThreshold", "intervalMillis", "port", "protocol", "timeoutMillis", "unhealthyThreshold" ] } } }, "aws:appmesh/VirtualNodeSpecListenerPortMapping:VirtualNodeSpecListenerPortMapping": { "properties": { "port": { "type": "integer", "description": "The port used for the port mapping.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol used for the port mapping. Valid values are `http` and `tcp`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "port", "protocol" ] }, "aws:appmesh/VirtualNodeSpecLogging:VirtualNodeSpecLogging": { "properties": { "accessLog": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLoggingAccessLog:VirtualNodeSpecLoggingAccessLog", "description": "The access log configuration for a virtual node.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecLoggingAccessLog:VirtualNodeSpecLoggingAccessLog": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLoggingAccessLogFile:VirtualNodeSpecLoggingAccessLogFile", "description": "The file object to send virtual node access logs to.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecLoggingAccessLogFile:VirtualNodeSpecLoggingAccessLogFile": { "properties": { "path": { "type": "string", "description": "The file path to write access logs to. You can use `/dev/stdout` to send access logs to standard out.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "path" ] }, "aws:appmesh/VirtualNodeSpecServiceDiscovery:VirtualNodeSpecServiceDiscovery": { "properties": { "awsCloudMap": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecServiceDiscoveryAwsCloudMap:VirtualNodeSpecServiceDiscoveryAwsCloudMap", "description": "Specifies any AWS Cloud Map information for the virtual node.\n", "language": { "python": { "mapCase": false } } }, "dns": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecServiceDiscoveryDns:VirtualNodeSpecServiceDiscoveryDns", "description": "Specifies the DNS service name for the virtual node.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecServiceDiscoveryAwsCloudMap:VirtualNodeSpecServiceDiscoveryAwsCloudMap": { "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned.\n", "language": { "python": { "mapCase": false } } }, "namespaceName": { "type": "string", "description": "The name of the AWS Cloud Map namespace to use.\nUse the `aws.servicediscovery.HttpNamespace` resource to configure a Cloud Map namespace.\n", "language": { "python": { "mapCase": false } } }, "serviceName": { "type": "string", "description": "The name of the AWS Cloud Map service to use. Use the `aws.servicediscovery.Service` resource to configure a Cloud Map service.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "namespaceName", "serviceName" ] }, "aws:appmesh/VirtualNodeSpecServiceDiscoveryDns:VirtualNodeSpecServiceDiscoveryDns": { "properties": { "hostname": { "type": "string", "description": "The DNS host name for your virtual node.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "hostname" ] }, "aws:appmesh/VirtualRouterSpec:VirtualRouterSpec": { "properties": { "listener": { "$ref": "#/types/aws:appmesh/VirtualRouterSpecListener:VirtualRouterSpecListener", "description": "The listeners that the virtual router is expected to receive inbound traffic from.\nCurrently only one listener is supported per virtual router.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "listener" ] }, "aws:appmesh/VirtualRouterSpecListener:VirtualRouterSpecListener": { "properties": { "portMapping": { "$ref": "#/types/aws:appmesh/VirtualRouterSpecListenerPortMapping:VirtualRouterSpecListenerPortMapping", "description": "The port mapping information for the listener.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "portMapping" ] }, "aws:appmesh/VirtualRouterSpecListenerPortMapping:VirtualRouterSpecListenerPortMapping": { "properties": { "port": { "type": "integer", "description": "The port used for the port mapping.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol used for the port mapping. Valid values are `http` and `tcp`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "port", "protocol" ] }, "aws:appmesh/VirtualServiceSpec:VirtualServiceSpec": { "properties": { "provider": { "$ref": "#/types/aws:appmesh/VirtualServiceSpecProvider:VirtualServiceSpecProvider", "description": "The App Mesh object that is acting as the provider for a virtual service. You can specify a single virtual node or virtual router.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/VirtualServiceSpecProvider:VirtualServiceSpecProvider": { "properties": { "virtualNode": { "$ref": "#/types/aws:appmesh/VirtualServiceSpecProviderVirtualNode:VirtualServiceSpecProviderVirtualNode", "description": "The virtual node associated with a virtual service.\n", "language": { "python": { "mapCase": false } } }, "virtualRouter": { "$ref": "#/types/aws:appmesh/VirtualServiceSpecProviderVirtualRouter:VirtualServiceSpecProviderVirtualRouter", "description": "The virtual router associated with a virtual service.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appmesh/VirtualServiceSpecProviderVirtualNode:VirtualServiceSpecProviderVirtualNode": { "properties": { "virtualNodeName": { "type": "string", "description": "The name of the virtual node that is acting as a service provider.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "virtualNodeName" ] }, "aws:appmesh/VirtualServiceSpecProviderVirtualRouter:VirtualServiceSpecProviderVirtualRouter": { "properties": { "virtualRouterName": { "type": "string", "description": "The name of the virtual router that is acting as a service provider.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "virtualRouterName" ] }, "aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig": { "properties": { "region": { "type": "string", "description": "AWS region of Elasticsearch domain. Defaults to current region.\n", "language": { "python": { "mapCase": false } } }, "tableName": { "type": "string", "description": "Name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } }, "useCallerCredentials": { "type": "boolean", "description": "Set to `true` to use Amazon Cognito credentials with this data source.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "region", "tableName" ] } } }, "aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig": { "properties": { "endpoint": { "type": "string", "description": "HTTP URL.\n", "language": { "python": { "mapCase": false } } }, "region": { "type": "string", "description": "AWS region of Elasticsearch domain. Defaults to current region.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "endpoint" ], "language": { "nodejs": { "requiredOutputs": [ "endpoint", "region" ] } } }, "aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig": { "properties": { "endpoint": { "type": "string", "description": "HTTP URL.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "endpoint" ] }, "aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig": { "properties": { "functionArn": { "type": "string", "description": "The ARN for the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "functionArn" ] }, "aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider": { "properties": { "authenticationType": { "type": "string", "description": "The authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`\n", "language": { "python": { "mapCase": false } } }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig:GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. Defined below.\n", "language": { "python": { "mapCase": false } } }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProviderUserPoolConfig:GraphQLApiAdditionalAuthenticationProviderUserPoolConfig", "description": "The Amazon Cognito User Pool configuration. Defined below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationType" ] }, "aws:appsync/GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig:GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig": { "properties": { "authTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being authenticated.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.\n", "language": { "python": { "mapCase": false } } }, "iatTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being issued to a user.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "issuer" ] }, "aws:appsync/GraphQLApiAdditionalAuthenticationProviderUserPoolConfig:GraphQLApiAdditionalAuthenticationProviderUserPoolConfig": { "properties": { "appIdClientRegex": { "type": "string", "description": "A regular expression for validating the incoming Amazon Cognito User Pool app client ID.\n", "language": { "python": { "mapCase": false } } }, "awsRegion": { "type": "string", "description": "The AWS region in which the user pool was created.\n", "language": { "python": { "mapCase": false } } }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolId" ], "language": { "nodejs": { "requiredOutputs": [ "awsRegion", "userPoolId" ] } } }, "aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig": { "properties": { "cloudwatchLogsRoleArn": { "type": "string", "description": "Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.\n", "language": { "python": { "mapCase": false } } }, "excludeVerboseContent": { "type": "boolean", "description": "Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values: `true`, `false`. Default value: `false`\n", "language": { "python": { "mapCase": false } } }, "fieldLogLevel": { "type": "string", "description": "Field logging level. Valid values: `ALL`, `ERROR`, `NONE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cloudwatchLogsRoleArn", "fieldLogLevel" ] }, "aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig": { "properties": { "authTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being authenticated.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.\n", "language": { "python": { "mapCase": false } } }, "iatTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being issued to a user.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "issuer" ] }, "aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig": { "properties": { "appIdClientRegex": { "type": "string", "description": "A regular expression for validating the incoming Amazon Cognito User Pool app client ID.\n", "language": { "python": { "mapCase": false } } }, "awsRegion": { "type": "string", "description": "The AWS region in which the user pool was created.\n", "language": { "python": { "mapCase": false } } }, "defaultAction": { "type": "string", "description": "The action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid: `ALLOW` and `DENY`\n", "language": { "python": { "mapCase": false } } }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "defaultAction", "userPoolId" ], "language": { "nodejs": { "requiredOutputs": [ "awsRegion", "defaultAction", "userPoolId" ] } } }, "aws:appsync/ResolverCachingConfig:ResolverCachingConfig": { "properties": { "cachingKeys": { "type": "array", "items": { "type": "string" }, "description": "The list of caching key.\n", "language": { "python": { "mapCase": false } } }, "ttl": { "type": "integer", "description": "The TTL in seconds.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig": { "properties": { "functions": { "type": "array", "items": { "type": "string" }, "description": "The list of Function ID.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration": { "properties": { "encryptionOption": { "type": "string", "description": "The type of key; one of `SSE_S3`, `SSE_KMS`, `CSE_KMS`\n", "language": { "python": { "mapCase": false } } }, "kmsKey": { "type": "string", "description": "The KMS key ARN or ID; required for key types `SSE_KMS` and `CSE_KMS`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "encryptionOption" ] }, "aws:athena/WorkgroupConfiguration:WorkgroupConfiguration": { "properties": { "bytesScannedCutoffPerQuery": { "type": "integer", "description": "Integer for the upper data usage limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. Must be at least `10485760`.\n", "language": { "python": { "mapCase": false } } }, "enforceWorkgroupConfiguration": { "type": "boolean", "description": "Boolean whether the settings for the workgroup override client-side settings. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html). Defaults to `true`.\n", "language": { "python": { "mapCase": false } } }, "publishCloudwatchMetricsEnabled": { "type": "boolean", "description": "Boolean whether Amazon CloudWatch metrics are enabled for the workgroup. Defaults to `true`.\n", "language": { "python": { "mapCase": false } } }, "resultConfiguration": { "$ref": "#/types/aws:athena/WorkgroupConfigurationResultConfiguration:WorkgroupConfigurationResultConfiguration", "description": "Configuration block with result settings. Documented below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:athena/WorkgroupConfigurationResultConfiguration:WorkgroupConfigurationResultConfiguration": { "properties": { "encryptionConfiguration": { "$ref": "#/types/aws:athena/WorkgroupConfigurationResultConfigurationEncryptionConfiguration:WorkgroupConfigurationResultConfigurationEncryptionConfiguration", "description": "Configuration block with encryption settings. Documented below.\n", "language": { "python": { "mapCase": false } } }, "outputLocation": { "type": "string", "description": "The location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/`. For more information, see [Queries and Query Result Files](https://docs.aws.amazon.com/athena/latest/ug/querying.html).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:athena/WorkgroupConfigurationResultConfigurationEncryptionConfiguration:WorkgroupConfigurationResultConfigurationEncryptionConfiguration": { "properties": { "encryptionOption": { "type": "string", "description": "Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (`SSE_S3`), server-side encryption with KMS-managed keys (`SSE_KMS`), or client-side encryption with KMS-managed keys (`CSE_KMS`) is used. If a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "For `SSE_KMS` and `CSE_KMS`, this is the KMS key Amazon Resource Name (ARN).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook": { "properties": { "defaultResult": { "type": "string", "language": { "python": { "mapCase": false } } }, "heartbeatTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "lifecycleTransition": { "type": "string", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the auto scaling group. By default generated by this provider.\n", "language": { "python": { "mapCase": false } } }, "notificationMetadata": { "type": "string", "language": { "python": { "mapCase": false } } }, "notificationTargetArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "lifecycleTransition", "name" ], "language": { "nodejs": { "requiredOutputs": [ "defaultResult", "lifecycleTransition", "name" ] } } }, "aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate": { "properties": { "id": { "type": "string", "description": "The ID of the launch template. Conflicts with `name`.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the auto scaling group. By default generated by this provider.\n", "language": { "python": { "mapCase": false } } }, "version": { "type": "string", "description": "Template version. Can be version number, `$Latest`, or `$Default`. (Default: `$Default`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "name" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy": { "properties": { "instancesDistribution": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyInstancesDistribution:GroupMixedInstancesPolicyInstancesDistribution", "description": "Nested argument containing settings on how to mix on-demand and Spot instances in the Auto Scaling group. Defined below.\n", "language": { "python": { "mapCase": false } } }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplate:GroupMixedInstancesPolicyLaunchTemplate", "description": "Nested argument containing launch template settings along with the overrides to specify multiple instance types and weights. Defined below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "launchTemplate" ], "language": { "nodejs": { "requiredOutputs": [ "instancesDistribution", "launchTemplate" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicyInstancesDistribution:GroupMixedInstancesPolicyInstancesDistribution": { "properties": { "onDemandAllocationStrategy": { "type": "string", "description": "Strategy to use when launching on-demand instances. Valid values: `prioritized`. Default: `prioritized`.\n", "language": { "python": { "mapCase": false } } }, "onDemandBaseCapacity": { "type": "integer", "description": "Absolute minimum amount of desired capacity that must be fulfilled by on-demand instances. Default: `0`.\n", "language": { "python": { "mapCase": false } } }, "onDemandPercentageAboveBaseCapacity": { "type": "integer", "description": "Percentage split between on-demand and Spot instances above the base on-demand capacity. Default: `100`.\n", "language": { "python": { "mapCase": false } } }, "spotAllocationStrategy": { "type": "string", "description": "How to allocate capacity across the Spot pools. Valid values: `lowest-price`, `capacity-optimized`. Default: `lowest-price`.\n", "language": { "python": { "mapCase": false } } }, "spotInstancePools": { "type": "integer", "description": "Number of Spot pools per availability zone to allocate capacity. EC2 Auto Scaling selects the cheapest Spot pools and evenly allocates Spot capacity across the number of Spot pools that you specify. Default: `2`.\n", "language": { "python": { "mapCase": false } } }, "spotMaxPrice": { "type": "string", "description": "Maximum price per unit hour that the user is willing to pay for the Spot instances. Default: an empty string which means the on-demand price.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "onDemandAllocationStrategy", "onDemandBaseCapacity", "onDemandPercentageAboveBaseCapacity", "spotAllocationStrategy", "spotInstancePools" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplate:GroupMixedInstancesPolicyLaunchTemplate": { "properties": { "launchTemplateSpecification": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification:GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification", "description": "Nested argument defines the Launch Template. Defined below.\n", "language": { "python": { "mapCase": false } } }, "overrides": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverride:GroupMixedInstancesPolicyLaunchTemplateOverride" }, "description": "List of nested arguments provides the ability to specify multiple instance types. This will override the same parameter in the launch template. For on-demand instances, Auto Scaling considers the order of preference of instance types to launch based on the order specified in the overrides list. Defined below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "launchTemplateSpecification" ] }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification:GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification": { "properties": { "launchTemplateId": { "type": "string", "description": "The ID of the launch template. Conflicts with `launch_template_name`.\n", "language": { "python": { "mapCase": false } } }, "launchTemplateName": { "type": "string", "description": "The name of the launch template. Conflicts with `launch_template_id`.\n", "language": { "python": { "mapCase": false } } }, "version": { "type": "string", "description": "Template version. Can be version number, `$Latest`, or `$Default`. (Default: `$Default`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "launchTemplateId", "launchTemplateName" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverride:GroupMixedInstancesPolicyLaunchTemplateOverride": { "properties": { "instanceType": { "type": "string", "description": "Override the instance type in the Launch Template.\n", "language": { "python": { "mapCase": false } } }, "weightedCapacity": { "type": "string", "description": "The number of capacity units, which gives the instance type a proportional weight to other instance types.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:autoscaling/GroupTag:GroupTag": { "properties": { "key": { "type": "string", "description": "Key\n", "language": { "python": { "mapCase": false } } }, "propagateAtLaunch": { "type": "boolean", "description": "Enables propagation of the tag to\nAmazon EC2 instances launched via this ASG\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Value\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "propagateAtLaunch", "value" ] }, "aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment": { "properties": { "metricIntervalLowerBound": { "type": "string", "description": "The lower bound for the\ndifference between the alarm threshold and the CloudWatch metric.\nWithout a value, AWS will treat this bound as infinity.\n", "language": { "python": { "mapCase": false } } }, "metricIntervalUpperBound": { "type": "string", "description": "The upper bound for the\ndifference between the alarm threshold and the CloudWatch metric.\nWithout a value, AWS will treat this bound as infinity. The upper bound\nmust be greater than the lower bound.\n", "language": { "python": { "mapCase": false } } }, "scalingAdjustment": { "type": "integer", "description": "The number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "scalingAdjustment" ] }, "aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration": { "properties": { "customizedMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecification:PolicyTargetTrackingConfigurationCustomizedMetricSpecification", "description": "A customized metric. Conflicts with `predefined_metric_specification`.\n", "language": { "python": { "mapCase": false } } }, "disableScaleIn": { "type": "boolean", "description": "Indicates whether scale in by the target tracking policy is disabled.\n", "language": { "python": { "mapCase": false } } }, "predefinedMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationPredefinedMetricSpecification:PolicyTargetTrackingConfigurationPredefinedMetricSpecification", "description": "A predefined metric. Conflicts with `customized_metric_specification`.\n", "language": { "python": { "mapCase": false } } }, "targetValue": { "type": "number", "description": "The target value for the metric.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetValue" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecification:PolicyTargetTrackingConfigurationCustomizedMetricSpecification": { "properties": { "metricDimensions": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension" }, "description": "The dimensions of the metric.\n", "language": { "python": { "mapCase": false } } }, "metricName": { "type": "string", "description": "The name of the metric.\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "description": "The namespace of the metric.\n", "language": { "python": { "mapCase": false } } }, "statistic": { "type": "string", "description": "The statistic of the metric.\n", "language": { "python": { "mapCase": false } } }, "unit": { "type": "string", "description": "The unit of the metric.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "metricName", "namespace", "statistic" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension": { "properties": { "name": { "type": "string", "description": "The name of the dimension.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the dimension.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationPredefinedMetricSpecification:PolicyTargetTrackingConfigurationPredefinedMetricSpecification": { "properties": { "predefinedMetricType": { "type": "string", "description": "The metric type.\n", "language": { "python": { "mapCase": false } } }, "resourceLabel": { "type": "string", "description": "Identifies the resource associated with the metric type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "predefinedMetricType" ] }, "aws:backup/PlanRule:PlanRule": { "properties": { "completionWindow": { "type": "integer", "description": "The amount of time AWS Backup attempts a backup before canceling the job and returning an error.\n", "language": { "python": { "mapCase": false } } }, "copyActions": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRuleCopyAction:PlanRuleCopyAction" }, "description": "Configuration block(s) with copy operation settings. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "lifecycle": { "$ref": "#/types/aws:backup/PlanRuleLifecycle:PlanRuleLifecycle", "description": "The lifecycle defines when a protected resource is copied over to a backup vault and when it expires. Fields documented above.\n", "language": { "python": { "mapCase": false } } }, "recoveryPointTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n", "language": { "python": { "mapCase": false } } }, "ruleName": { "type": "string", "description": "An display name for a backup rule.\n", "language": { "python": { "mapCase": false } } }, "schedule": { "type": "string", "description": "A CRON expression specifying when AWS Backup initiates a backup job.\n", "language": { "python": { "mapCase": false } } }, "startWindow": { "type": "integer", "description": "The amount of time in minutes before beginning a backup.\n", "language": { "python": { "mapCase": false } } }, "targetVaultName": { "type": "string", "description": "The name of a logical container where backups are stored.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ruleName", "targetVaultName" ] }, "aws:backup/PlanRuleCopyAction:PlanRuleCopyAction": { "properties": { "destinationVaultArn": { "type": "string", "description": "An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup.\n", "language": { "python": { "mapCase": false } } }, "lifecycle": { "$ref": "#/types/aws:backup/PlanRuleCopyActionLifecycle:PlanRuleCopyActionLifecycle", "description": "The lifecycle defines when a protected resource is copied over to a backup vault and when it expires. Fields documented above.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destinationVaultArn" ] }, "aws:backup/PlanRuleCopyActionLifecycle:PlanRuleCopyActionLifecycle": { "properties": { "coldStorageAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is moved to cold storage.\n", "language": { "python": { "mapCase": false } } }, "deleteAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `cold_storage_after`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:backup/PlanRuleLifecycle:PlanRuleLifecycle": { "properties": { "coldStorageAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is moved to cold storage.\n", "language": { "python": { "mapCase": false } } }, "deleteAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `cold_storage_after`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:backup/SelectionSelectionTag:SelectionSelectionTag": { "properties": { "key": { "type": "string", "description": "The key in a key-value pair.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "An operation, such as `StringEquals`, that is applied to a key-value pair used to filter resources in a selection.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value in a key-value pair.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "type", "value" ] }, "aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources": { "properties": { "allocationStrategy": { "type": "string", "description": "The allocation strategy to use for the compute resource in case not enough instances of the best fitting instance type can be allocated. Valid items are `BEST_FIT_PROGRESSIVE`, `SPOT_CAPACITY_OPTIMIZED` or `BEST_FIT`. Defaults to `BEST_FIT`. See [AWS docs](https://docs.aws.amazon.com/batch/latest/userguide/allocation-strategies.html) for details.\n", "language": { "python": { "mapCase": false } } }, "bidPercentage": { "type": "integer", "description": "Integer of minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20% (`20`), then the Spot price must be below 20% of the current On-Demand price for that EC2 instance. This parameter is required for SPOT compute environments.\n", "language": { "python": { "mapCase": false } } }, "desiredVcpus": { "type": "integer", "description": "The desired number of EC2 vCPUS in the compute environment.\n", "language": { "python": { "mapCase": false } } }, "ec2KeyPair": { "type": "string", "description": "The EC2 key pair that is used for instances launched in the compute environment.\n", "language": { "python": { "mapCase": false } } }, "imageId": { "type": "string", "description": "The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.\n", "language": { "python": { "mapCase": false } } }, "instanceRole": { "type": "string", "description": "The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.\n", "language": { "python": { "mapCase": false } } }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of instance types that may be launched.\n", "language": { "python": { "mapCase": false } } }, "launchTemplate": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResourcesLaunchTemplate:ComputeEnvironmentComputeResourcesLaunchTemplate", "description": "The launch template to use for your compute resources. See details below.\n", "language": { "python": { "mapCase": false } } }, "maxVcpus": { "type": "integer", "description": "The maximum number of EC2 vCPUs that an environment can reach.\n", "language": { "python": { "mapCase": false } } }, "minVcpus": { "type": "integer", "description": "The minimum number of EC2 vCPUs that an environment should maintain.\n", "language": { "python": { "mapCase": false } } }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 security group that are associated with instances launched in the compute environment.\n", "language": { "python": { "mapCase": false } } }, "spotIamFleetRole": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment. This parameter is required for SPOT compute environments.\n", "language": { "python": { "mapCase": false } } }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnets into which the compute resources are launched.\n", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pair tags to be applied to resources that are launched in the compute environment.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of compute environment. Valid items are `EC2` or `SPOT`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instanceRole", "instanceTypes", "maxVcpus", "minVcpus", "securityGroupIds", "subnets", "type" ], "language": { "nodejs": { "requiredOutputs": [ "desiredVcpus", "instanceRole", "instanceTypes", "maxVcpus", "minVcpus", "securityGroupIds", "subnets", "type" ] } } }, "aws:batch/ComputeEnvironmentComputeResourcesLaunchTemplate:ComputeEnvironmentComputeResourcesLaunchTemplate": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the launch template. You must specify either the launch template ID or launch template name in the request, but not both.\n", "language": { "python": { "mapCase": false } } }, "launchTemplateName": { "type": "string", "description": "Name of the launch template.\n", "language": { "python": { "mapCase": false } } }, "version": { "type": "string", "description": "The version number of the launch template. Default: The default version of the launch template.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy": { "properties": { "attempts": { "type": "integer", "description": "The number of times to move a job to the `RUNNABLE` status. You may specify between `1` and `10` attempts.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:batch/JobDefinitionTimeout:JobDefinitionTimeout": { "properties": { "attemptDurationSeconds": { "type": "integer", "description": "The time duration in seconds after which AWS Batch terminates your jobs if they have not finished. The minimum value for the timeout is `60` seconds.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:batch/getJobQueueComputeEnvironmentOrder:getJobQueueComputeEnvironmentOrder": { "properties": { "computeEnvironment": { "type": "string", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "computeEnvironment", "order" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/BudgetCostTypes:BudgetCostTypes": { "properties": { "includeCredit": { "type": "boolean", "description": "A boolean value whether to include credits in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeDiscount": { "type": "boolean", "description": "Specifies whether a budget includes discounts. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeOtherSubscription": { "type": "boolean", "description": "A boolean value whether to include other subscription costs in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeRecurring": { "type": "boolean", "description": "A boolean value whether to include recurring costs in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeRefund": { "type": "boolean", "description": "A boolean value whether to include refunds in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeSubscription": { "type": "boolean", "description": "A boolean value whether to include subscriptions in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeSupport": { "type": "boolean", "description": "A boolean value whether to include support costs in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeTax": { "type": "boolean", "description": "A boolean value whether to include tax in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "includeUpfront": { "type": "boolean", "description": "A boolean value whether to include upfront costs in the cost budget. Defaults to `true`\n", "language": { "python": { "mapCase": false } } }, "useAmortized": { "type": "boolean", "description": "Specifies whether a budget uses the amortized rate. Defaults to `false`\n", "language": { "python": { "mapCase": false } } }, "useBlended": { "type": "boolean", "description": "A boolean value whether to use blended costs in the cost budget. Defaults to `false`\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:budgets/BudgetNotification:BudgetNotification": { "properties": { "comparisonOperator": { "type": "string", "description": "(Required) Comparison operator to use to evaluate the condition. Can be `LESS_THAN`, `EQUAL_TO` or `GREATER_THAN`.\n", "language": { "python": { "mapCase": false } } }, "notificationType": { "type": "string", "description": "(Required) What kind of budget value to notify on. Can be `ACTUAL` or `FORECASTED`\n", "language": { "python": { "mapCase": false } } }, "subscriberEmailAddresses": { "type": "array", "items": { "type": "string" }, "description": "(Optional) E-Mail addresses to notify. Either this or `subscriber_sns_topic_arns` is required.\n", "language": { "python": { "mapCase": false } } }, "subscriberSnsTopicArns": { "type": "array", "items": { "type": "string" }, "description": "(Optional) SNS topics to notify. Either this or `subscriber_email_addresses` is required.\n", "language": { "python": { "mapCase": false } } }, "threshold": { "type": "number", "description": "(Required) Threshold when the notification should be sent.\n", "language": { "python": { "mapCase": false } } }, "thresholdType": { "type": "string", "description": "(Required) What kind of threshold is defined. Can be `PERCENTAGE` OR `ABSOLUTE_VALUE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "comparisonOperator", "notificationType", "threshold", "thresholdType" ] }, "aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource": { "properties": { "accountIds": { "type": "array", "items": { "type": "string" }, "description": "List of 12-digit account IDs of the account(s) being aggregated.\n", "language": { "python": { "mapCase": false } } }, "allRegions": { "type": "boolean", "description": "If true, aggregate existing AWS Config regions and future regions.\n", "language": { "python": { "mapCase": false } } }, "regions": { "type": "array", "items": { "type": "string" }, "description": "List of source regions being aggregated.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "accountIds" ] }, "aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource": { "properties": { "allRegions": { "type": "boolean", "description": "If true, aggregate existing AWS Config regions and future regions.\n", "language": { "python": { "mapCase": false } } }, "regions": { "type": "array", "items": { "type": "string" }, "description": "List of source regions being aggregated.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn" ] }, "aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties": { "properties": { "deliveryFrequency": { "type": "string", "description": "- The frequency with which AWS Config recurringly delivers configuration snapshots.\ne.g. `One_Hour` or `Three_Hours`.\nValid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup": { "properties": { "allSupported": { "type": "boolean", "description": "Specifies whether AWS Config records configuration changes\nfor every supported type of regional resource (which includes any new type that will become supported in the future).\nConflicts with `resource_types`. Defaults to `true`.\n", "language": { "python": { "mapCase": false } } }, "includeGlobalResourceTypes": { "type": "boolean", "description": "Specifies whether AWS Config includes all supported types of *global resources*\nwith the resources that it records. Requires `all_supported = true`. Conflicts with `resource_types`.\n", "language": { "python": { "mapCase": false } } }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list that specifies the types of AWS resources for which\nAWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`).\nSee [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cfg/RuleScope:RuleScope": { "properties": { "complianceResourceId": { "type": "string", "description": "The IDs of the only AWS resource that you want to trigger an evaluation for the rule.\nIf you specify a resource ID, you must specify one resource type for `compliance_resource_types`.\n", "language": { "python": { "mapCase": false } } }, "complianceResourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of resource types of only those AWS resources that you want to trigger an\nevaluation for the rule. e.g. `AWS::EC2::Instance`. You can only specify one type if you also specify\na resource ID for `compliance_resource_id`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.\n", "language": { "python": { "mapCase": false } } }, "tagKey": { "type": "string", "description": "The tag key that is applied to only those AWS resources that you want you\nwant to trigger an evaluation for the rule.\n", "language": { "python": { "mapCase": false } } }, "tagValue": { "type": "string", "description": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cfg/RuleSource:RuleSource": { "properties": { "owner": { "type": "string", "description": "Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS` or `CUSTOM_LAMBDA`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g. via the `aws.lambda.Permission` resource.\n", "language": { "python": { "mapCase": false } } }, "sourceDetails": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RuleSourceSourceDetail:RuleSourceSourceDetail" }, "description": "Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA`.\n", "language": { "python": { "mapCase": false } } }, "sourceIdentifier": { "type": "string", "description": "For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `aws.lambda.Function` resource.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "owner", "sourceIdentifier" ] }, "aws:cfg/RuleSourceSourceDetail:RuleSourceSourceDetail": { "properties": { "eventSource": { "type": "string", "description": "The source of the event, such as an AWS service, that triggers AWS Config\nto evaluate your AWS resources. This defaults to `aws.config` and is the only valid value.\n", "language": { "python": { "mapCase": false } } }, "maximumExecutionFrequency": { "type": "string", "description": "The frequency that you want AWS Config to run evaluations for a rule that\nis triggered periodically. If specified, requires `message_type` to be `ScheduledNotification`.\n", "language": { "python": { "mapCase": false } } }, "messageType": { "type": "string", "description": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse": { "properties": { "errorCachingMinTtl": { "type": "integer", "description": "The minimum amount of time you want\nHTTP error codes to stay in CloudFront caches before CloudFront queries your\norigin to see whether the object has been updated.\n", "language": { "python": { "mapCase": false } } }, "errorCode": { "type": "integer", "description": "The 4xx or 5xx HTTP status code that you want to\ncustomize.\n", "language": { "python": { "mapCase": false } } }, "responseCode": { "type": "integer", "description": "The HTTP status code that you want CloudFront\nto return with the custom error page to the viewer.\n", "language": { "python": { "mapCase": false } } }, "responsePagePath": { "type": "string", "description": "The path of the custom error page (for\nexample, `/custom_404.html`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "errorCode" ] }, "aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior": { "properties": { "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls which HTTP methods CloudFront\nprocesses and forwards to your Amazon S3 bucket or your custom origin.\n", "language": { "python": { "mapCase": false } } }, "cachedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls whether CloudFront caches the\nresponse to requests using the specified HTTP methods.\n", "language": { "python": { "mapCase": false } } }, "compress": { "type": "boolean", "description": "Whether you want CloudFront to automatically\ncompress content for web requests that include `Accept-Encoding: gzip` in\nthe request header (default: `false`).\n", "language": { "python": { "mapCase": false } } }, "defaultTtl": { "type": "integer", "description": "The default amount of time (in seconds) that an\nobject is in a CloudFront cache before CloudFront forwards another request\nin the absence of an `Cache-Control max-age` or `Expires` header. Defaults to\n1 day.\n", "language": { "python": { "mapCase": false } } }, "fieldLevelEncryptionId": { "type": "string", "description": "Field level encryption configuration ID\n", "language": { "python": { "mapCase": false } } }, "forwardedValues": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValues:DistributionDefaultCacheBehaviorForwardedValues", "description": "The forwarded values configuration that specifies how CloudFront\nhandles query strings, cookies and headers (maximum one).\n", "language": { "python": { "mapCase": false } } }, "lambdaFunctionAssociations": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehaviorLambdaFunctionAssociation:DistributionDefaultCacheBehaviorLambdaFunctionAssociation" }, "description": "A config block that triggers a lambda function with\nspecific actions. Defined below, maximum 4.\n", "language": { "python": { "mapCase": false } } }, "maxTtl": { "type": "integer", "description": "The maximum amount of time (in seconds) that an\nobject is in a CloudFront cache before CloudFront forwards another request\nto your origin to determine whether the object has been updated. Only\neffective in the presence of `Cache-Control max-age`, `Cache-Control\ns-maxage`, and `Expires` headers. Defaults to 365 days.\n", "language": { "python": { "mapCase": false } } }, "minTtl": { "type": "integer", "description": "The minimum amount of time that you want objects to\nstay in CloudFront caches before CloudFront queries your origin to see\nwhether the object has been updated. Defaults to 0 seconds.\n", "language": { "python": { "mapCase": false } } }, "smoothStreaming": { "type": "boolean", "description": "Indicates whether you want to distribute\nmedia files in Microsoft Smooth Streaming format using the origin that is\nassociated with this cache behavior.\n", "language": { "python": { "mapCase": false } } }, "targetOriginId": { "type": "string", "description": "The value of ID for the origin that you want\nCloudFront to route requests to when a request matches the path pattern\neither for a cache behavior or for the default cache behavior.\n", "language": { "python": { "mapCase": false } } }, "trustedSigners": { "type": "array", "items": { "type": "string" }, "description": "The AWS accounts, if any, that you want to\nallow to create signed URLs for private content.\n", "language": { "python": { "mapCase": false } } }, "viewerProtocolPolicy": { "type": "string", "description": "Use this element to specify the\nprotocol that users can use to access the files in the origin specified by\nTargetOriginId when a request matches the path pattern in PathPattern. One\nof `allow-all`, `https-only`, or `redirect-to-https`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "allowedMethods", "cachedMethods", "forwardedValues", "targetOriginId", "viewerProtocolPolicy" ] }, "aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValues:DistributionDefaultCacheBehaviorForwardedValues": { "properties": { "cookies": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValuesCookies:DistributionDefaultCacheBehaviorForwardedValuesCookies", "description": "The forwarded values cookies\nthat specifies how CloudFront handles cookies (maximum one).\n", "language": { "python": { "mapCase": false } } }, "headers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the Headers, if any, that you want\nCloudFront to vary upon for this cache behavior. Specify `*` to include all\nheaders.\n", "language": { "python": { "mapCase": false } } }, "queryString": { "type": "boolean", "description": "Indicates whether you want CloudFront to forward\nquery strings to the origin that is associated with this cache behavior.\n", "language": { "python": { "mapCase": false } } }, "queryStringCacheKeys": { "type": "array", "items": { "type": "string" }, "description": "When specified, along with a value of\n`true` for `query_string`, all query strings are forwarded, however only the\nquery string keys listed in this argument are cached. When omitted with a\nvalue of `true` for `query_string`, all query string keys are cached.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cookies", "queryString" ] }, "aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValuesCookies:DistributionDefaultCacheBehaviorForwardedValuesCookies": { "properties": { "forward": { "type": "string", "description": "Specifies whether you want CloudFront to forward\ncookies to the origin that is associated with this cache behavior. You can\nspecify `all`, `none` or `whitelist`. If `whitelist`, you must include the\nsubsequent `whitelisted_names`\n", "language": { "python": { "mapCase": false } } }, "whitelistedNames": { "type": "array", "items": { "type": "string" }, "description": "If you have specified `whitelist` to\n`forward`, the whitelisted cookies that you want CloudFront to forward to\nyour origin.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "forward" ] }, "aws:cloudfront/DistributionDefaultCacheBehaviorLambdaFunctionAssociation:DistributionDefaultCacheBehaviorLambdaFunctionAssociation": { "properties": { "eventType": { "type": "string", "description": "The specific event to trigger this function.\nValid values: `viewer-request`, `origin-request`, `viewer-response`,\n`origin-response`\n", "language": { "python": { "mapCase": false } } }, "includeBody": { "type": "boolean", "description": "When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`.\n", "language": { "python": { "mapCase": false } } }, "lambdaArn": { "type": "string", "description": "ARN of the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "eventType", "lambdaArn" ] }, "aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig": { "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket to store the access logs in, for\nexample, `myawslogbucket.s3.amazonaws.com`.\n", "language": { "python": { "mapCase": false } } }, "includeCookies": { "type": "boolean", "description": "Specifies whether you want CloudFront to\ninclude cookies in access logs (default: `false`).\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "An optional string that you want CloudFront to prefix\nto the access log filenames for this distribution, for example, `myprefix/`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior": { "properties": { "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls which HTTP methods CloudFront\nprocesses and forwards to your Amazon S3 bucket or your custom origin.\n", "language": { "python": { "mapCase": false } } }, "cachedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls whether CloudFront caches the\nresponse to requests using the specified HTTP methods.\n", "language": { "python": { "mapCase": false } } }, "compress": { "type": "boolean", "description": "Whether you want CloudFront to automatically\ncompress content for web requests that include `Accept-Encoding: gzip` in\nthe request header (default: `false`).\n", "language": { "python": { "mapCase": false } } }, "defaultTtl": { "type": "integer", "description": "The default amount of time (in seconds) that an\nobject is in a CloudFront cache before CloudFront forwards another request\nin the absence of an `Cache-Control max-age` or `Expires` header. Defaults to\n1 day.\n", "language": { "python": { "mapCase": false } } }, "fieldLevelEncryptionId": { "type": "string", "description": "Field level encryption configuration ID\n", "language": { "python": { "mapCase": false } } }, "forwardedValues": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValues:DistributionOrderedCacheBehaviorForwardedValues", "description": "The forwarded values configuration that specifies how CloudFront\nhandles query strings, cookies and headers (maximum one).\n", "language": { "python": { "mapCase": false } } }, "lambdaFunctionAssociations": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehaviorLambdaFunctionAssociation:DistributionOrderedCacheBehaviorLambdaFunctionAssociation" }, "description": "A config block that triggers a lambda function with\nspecific actions. Defined below, maximum 4.\n", "language": { "python": { "mapCase": false } } }, "maxTtl": { "type": "integer", "description": "The maximum amount of time (in seconds) that an\nobject is in a CloudFront cache before CloudFront forwards another request\nto your origin to determine whether the object has been updated. Only\neffective in the presence of `Cache-Control max-age`, `Cache-Control\ns-maxage`, and `Expires` headers. Defaults to 365 days.\n", "language": { "python": { "mapCase": false } } }, "minTtl": { "type": "integer", "description": "The minimum amount of time that you want objects to\nstay in CloudFront caches before CloudFront queries your origin to see\nwhether the object has been updated. Defaults to 0 seconds.\n", "language": { "python": { "mapCase": false } } }, "pathPattern": { "type": "string", "description": "The pattern (for example, `images/*.jpg)` that\nspecifies which requests you want this cache behavior to apply to.\n", "language": { "python": { "mapCase": false } } }, "smoothStreaming": { "type": "boolean", "description": "Indicates whether you want to distribute\nmedia files in Microsoft Smooth Streaming format using the origin that is\nassociated with this cache behavior.\n", "language": { "python": { "mapCase": false } } }, "targetOriginId": { "type": "string", "description": "The value of ID for the origin that you want\nCloudFront to route requests to when a request matches the path pattern\neither for a cache behavior or for the default cache behavior.\n", "language": { "python": { "mapCase": false } } }, "trustedSigners": { "type": "array", "items": { "type": "string" }, "description": "The AWS accounts, if any, that you want to\nallow to create signed URLs for private content.\n", "language": { "python": { "mapCase": false } } }, "viewerProtocolPolicy": { "type": "string", "description": "Use this element to specify the\nprotocol that users can use to access the files in the origin specified by\nTargetOriginId when a request matches the path pattern in PathPattern. One\nof `allow-all`, `https-only`, or `redirect-to-https`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "allowedMethods", "cachedMethods", "forwardedValues", "pathPattern", "targetOriginId", "viewerProtocolPolicy" ] }, "aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValues:DistributionOrderedCacheBehaviorForwardedValues": { "properties": { "cookies": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValuesCookies:DistributionOrderedCacheBehaviorForwardedValuesCookies", "description": "The forwarded values cookies\nthat specifies how CloudFront handles cookies (maximum one).\n", "language": { "python": { "mapCase": false } } }, "headers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the Headers, if any, that you want\nCloudFront to vary upon for this cache behavior. Specify `*` to include all\nheaders.\n", "language": { "python": { "mapCase": false } } }, "queryString": { "type": "boolean", "description": "Indicates whether you want CloudFront to forward\nquery strings to the origin that is associated with this cache behavior.\n", "language": { "python": { "mapCase": false } } }, "queryStringCacheKeys": { "type": "array", "items": { "type": "string" }, "description": "When specified, along with a value of\n`true` for `query_string`, all query strings are forwarded, however only the\nquery string keys listed in this argument are cached. When omitted with a\nvalue of `true` for `query_string`, all query string keys are cached.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cookies", "queryString" ] }, "aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValuesCookies:DistributionOrderedCacheBehaviorForwardedValuesCookies": { "properties": { "forward": { "type": "string", "description": "Specifies whether you want CloudFront to forward\ncookies to the origin that is associated with this cache behavior. You can\nspecify `all`, `none` or `whitelist`. If `whitelist`, you must include the\nsubsequent `whitelisted_names`\n", "language": { "python": { "mapCase": false } } }, "whitelistedNames": { "type": "array", "items": { "type": "string" }, "description": "If you have specified `whitelist` to\n`forward`, the whitelisted cookies that you want CloudFront to forward to\nyour origin.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "forward" ] }, "aws:cloudfront/DistributionOrderedCacheBehaviorLambdaFunctionAssociation:DistributionOrderedCacheBehaviorLambdaFunctionAssociation": { "properties": { "eventType": { "type": "string", "description": "The specific event to trigger this function.\nValid values: `viewer-request`, `origin-request`, `viewer-response`,\n`origin-response`\n", "language": { "python": { "mapCase": false } } }, "includeBody": { "type": "boolean", "description": "When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`.\n", "language": { "python": { "mapCase": false } } }, "lambdaArn": { "type": "string", "description": "ARN of the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "eventType", "lambdaArn" ] }, "aws:cloudfront/DistributionOrigin:DistributionOrigin": { "properties": { "customHeaders": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginCustomHeader:DistributionOriginCustomHeader" }, "description": "One or more sub-resources with `name` and\n`value` parameters that specify header data that will be sent to the origin\n(multiples allowed).\n", "language": { "python": { "mapCase": false } } }, "customOriginConfig": { "$ref": "#/types/aws:cloudfront/DistributionOriginCustomOriginConfig:DistributionOriginCustomOriginConfig", "description": "The CloudFront custom\norigin configuration information. If an S3\norigin is required, use `s3_origin_config` instead.\n", "language": { "python": { "mapCase": false } } }, "domainName": { "type": "string", "description": "The DNS domain name of either the S3 bucket, or\nweb site of your custom origin.\n", "language": { "python": { "mapCase": false } } }, "originId": { "type": "string", "description": "The unique identifier of the member origin\n", "language": { "python": { "mapCase": false } } }, "originPath": { "type": "string", "description": "An optional element that causes CloudFront to\nrequest your content from a directory in your Amazon S3 bucket or your\ncustom origin.\n", "language": { "python": { "mapCase": false } } }, "s3OriginConfig": { "$ref": "#/types/aws:cloudfront/DistributionOriginS3OriginConfig:DistributionOriginS3OriginConfig", "description": "The CloudFront S3 origin\nconfiguration information. If a custom origin is required, use\n`custom_origin_config` instead.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "domainName", "originId" ] }, "aws:cloudfront/DistributionOriginCustomHeader:DistributionOriginCustomHeader": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:cloudfront/DistributionOriginCustomOriginConfig:DistributionOriginCustomOriginConfig": { "properties": { "httpPort": { "type": "integer", "description": "The HTTP port the custom origin listens on.\n", "language": { "python": { "mapCase": false } } }, "httpsPort": { "type": "integer", "description": "The HTTPS port the custom origin listens on.\n", "language": { "python": { "mapCase": false } } }, "originKeepaliveTimeout": { "type": "integer", "description": "The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout).\n", "language": { "python": { "mapCase": false } } }, "originProtocolPolicy": { "type": "string", "description": "The origin protocol policy to apply to\nyour origin. One of `http-only`, `https-only`, or `match-viewer`.\n", "language": { "python": { "mapCase": false } } }, "originReadTimeout": { "type": "integer", "description": "The Custom Read timeout, in seconds. By default, AWS enforces a limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout).\n", "language": { "python": { "mapCase": false } } }, "originSslProtocols": { "type": "array", "items": { "type": "string" }, "description": "The SSL/TLS protocols that you want\nCloudFront to use when communicating with your origin over HTTPS. A list of\none or more of `SSLv3`, `TLSv1`, `TLSv1.1`, and `TLSv1.2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "httpPort", "httpsPort", "originProtocolPolicy", "originSslProtocols" ] }, "aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup": { "properties": { "failoverCriteria": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroupFailoverCriteria:DistributionOriginGroupFailoverCriteria", "description": "The failover criteria for when to failover to the secondary origin\n", "language": { "python": { "mapCase": false } } }, "members": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroupMember:DistributionOriginGroupMember" }, "description": "Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.\n", "language": { "python": { "mapCase": false } } }, "originId": { "type": "string", "description": "The unique identifier of the member origin\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "failoverCriteria", "members", "originId" ] }, "aws:cloudfront/DistributionOriginGroupFailoverCriteria:DistributionOriginGroupFailoverCriteria": { "properties": { "statusCodes": { "type": "array", "items": { "type": "integer" }, "description": "A list of HTTP status codes for the origin group\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCodes" ] }, "aws:cloudfront/DistributionOriginGroupMember:DistributionOriginGroupMember": { "properties": { "originId": { "type": "string", "description": "The unique identifier of the member origin\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "originId" ] }, "aws:cloudfront/DistributionOriginS3OriginConfig:DistributionOriginS3OriginConfig": { "properties": { "originAccessIdentity": { "type": "string", "description": "The [CloudFront origin access\nidentity][5] to associate with the origin.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "originAccessIdentity" ] }, "aws:cloudfront/DistributionRestrictions:DistributionRestrictions": { "properties": { "geoRestriction": { "$ref": "#/types/aws:cloudfront/DistributionRestrictionsGeoRestriction:DistributionRestrictionsGeoRestriction", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "geoRestriction" ] }, "aws:cloudfront/DistributionRestrictionsGeoRestriction:DistributionRestrictionsGeoRestriction": { "properties": { "locations": { "type": "array", "items": { "type": "string" }, "description": "The [ISO 3166-1-alpha-2 codes][4] for which you\nwant CloudFront either to distribute your content (`whitelist`) or not\ndistribute your content (`blacklist`).\n", "language": { "python": { "mapCase": false } } }, "restrictionType": { "type": "string", "description": "The method that you want to use to restrict\ndistribution of your content by country: `none`, `whitelist`, or\n`blacklist`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "restrictionType" ] }, "aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate": { "properties": { "acmCertificateArn": { "type": "string", "description": "The ARN of the [AWS Certificate Manager](https://aws.amazon.com/certificate-manager/)\ncertificate that you wish to use with this distribution. Specify this,\n`cloudfront_default_certificate`, or `iam_certificate_id`. The ACM\ncertificate must be in US-EAST-1.\n", "language": { "python": { "mapCase": false } } }, "cloudfrontDefaultCertificate": { "type": "boolean", "description": "`true` if you want viewers to use HTTPS\nto request your objects and you're using the CloudFront domain name for your\ndistribution. Specify this, `acm_certificate_arn`, or `iam_certificate_id`.\n", "language": { "python": { "mapCase": false } } }, "iamCertificateId": { "type": "string", "description": "The IAM certificate identifier of the custom viewer\ncertificate for this distribution if you are using a custom domain. Specify\nthis, `acm_certificate_arn`, or `cloudfront_default_certificate`.\n", "language": { "python": { "mapCase": false } } }, "minimumProtocolVersion": { "type": "string", "description": "The minimum version of the SSL protocol that\nyou want CloudFront to use for HTTPS connections. Can only be set if\n`cloudfront_default_certificate = false`. One of `SSLv3`, `TLSv1`,\n`TLSv1_2016`, `TLSv1.1_2016` or `TLSv1.2_2018`. Default: `TLSv1`. **NOTE**:\nIf you are using a custom certificate (specified with `acm_certificate_arn`\nor `iam_certificate_id`), and have specified `sni-only` in\n`ssl_support_method`, `TLSv1` or later must be specified. If you have\nspecified `vip` in `ssl_support_method`, only `SSLv3` or `TLSv1` can be\nspecified. If you have specified `cloudfront_default_certificate`, `TLSv1`\nmust be specified.\n", "language": { "python": { "mapCase": false } } }, "sslSupportMethod": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cloudhsmv2/ClusterClusterCertificate:ClusterClusterCertificate": { "properties": { "awsHardwareCertificate": { "type": "string", "language": { "python": { "mapCase": false } } }, "clusterCertificate": { "type": "string", "language": { "python": { "mapCase": false } } }, "clusterCsr": { "type": "string", "language": { "python": { "mapCase": false } } }, "hsmCertificate": { "type": "string", "language": { "python": { "mapCase": false } } }, "manufacturerHardwareCertificate": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "awsHardwareCertificate", "clusterCertificate", "clusterCsr", "hsmCertificate", "manufacturerHardwareCertificate" ] } } }, "aws:cloudhsmv2/getClusterClusterCertificates:getClusterClusterCertificates": { "properties": { "awsHardwareCertificate": { "type": "string", "language": { "python": { "mapCase": false } } }, "clusterCertificate": { "type": "string", "language": { "python": { "mapCase": false } } }, "clusterCsr": { "type": "string", "language": { "python": { "mapCase": false } } }, "hsmCertificate": { "type": "string", "language": { "python": { "mapCase": false } } }, "manufacturerHardwareCertificate": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "awsHardwareCertificate", "clusterCertificate", "clusterCsr", "hsmCertificate", "manufacturerHardwareCertificate" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudtrail/TrailEventSelector:TrailEventSelector": { "properties": { "dataResources": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelectorDataResource:TrailEventSelectorDataResource" }, "description": "Specifies logging data events. Fields documented below.\n", "language": { "python": { "mapCase": false } } }, "includeManagementEvents": { "type": "boolean", "description": "Specify if you want your event selector to include management events for your trail.\n", "language": { "python": { "mapCase": false } } }, "readWriteType": { "type": "string", "description": "Specify if you want your trail to log read-only events, write-only events, or all. By default, the value is All. You can specify only the following value: \"ReadOnly\", \"WriteOnly\", \"All\". Defaults to `All`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cloudtrail/TrailEventSelectorDataResource:TrailEventSelectorDataResource": { "properties": { "type": { "type": "string", "description": "The resource type in which you want to log data events. You can specify only the following value: \"AWS::S3::Object\", \"AWS::Lambda::Function\"\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "A list of ARN for the specified S3 buckets and object prefixes..\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type", "values" ] }, "aws:cloudwatch/EventPermissionCondition:EventPermissionCondition": { "properties": { "key": { "type": "string", "description": "Key for the condition. Valid values: `aws:PrincipalOrgID`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "Type of condition. Value values: `StringEquals`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Value for the key.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "type", "value" ] }, "aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget": { "properties": { "arraySize": { "type": "integer", "description": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.\n", "language": { "python": { "mapCase": false } } }, "jobAttempts": { "type": "integer", "description": "The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.\n", "language": { "python": { "mapCase": false } } }, "jobDefinition": { "type": "string", "description": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.\n", "language": { "python": { "mapCase": false } } }, "jobName": { "type": "string", "description": "The name to use for this execution of the job, if the target is an AWS Batch job.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "jobDefinition", "jobName" ] }, "aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget": { "properties": { "group": { "type": "string", "description": "Specifies an ECS task group for the task. The maximum length is 255 characters.\n", "language": { "python": { "mapCase": false } } }, "launchType": { "type": "string", "description": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values are EC2 or FARGATE.\n", "language": { "python": { "mapCase": false } } }, "networkConfiguration": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTargetNetworkConfiguration:EventTargetEcsTargetNetworkConfiguration", "description": "Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if launch_type is FARGATE because the awsvpc mode is required for Fargate tasks.\n", "language": { "python": { "mapCase": false } } }, "platformVersion": { "type": "string", "description": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see [AWS Fargate Platform Versions](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n", "language": { "python": { "mapCase": false } } }, "taskCount": { "type": "integer", "description": "The number of tasks to create based on the TaskDefinition. The default is 1.\n", "language": { "python": { "mapCase": false } } }, "taskDefinitionArn": { "type": "string", "description": "The ARN of the task definition to use if the event target is an Amazon ECS cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "taskDefinitionArn" ] }, "aws:cloudwatch/EventTargetEcsTargetNetworkConfiguration:EventTargetEcsTargetNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Default `false`.\n", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.\n", "language": { "python": { "mapCase": false } } }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The subnets associated with the task or service.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnets" ] }, "aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer": { "properties": { "inputPaths": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs specified in the form of JSONPath (for example, time = $.time)\n", "language": { "python": { "mapCase": false } } }, "inputTemplate": { "type": "string", "description": "Structure containing the template body.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "inputTemplate" ] }, "aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget": { "properties": { "partitionKeyPath": { "type": "string", "description": "The JSON path to be extracted from the event and used as the partition key.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget": { "properties": { "key": { "type": "string", "description": "Can be either `tag:tag-key` or `InstanceIds`.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "If Key is `tag:tag-key`, Values is a list of tag values. If Key is `InstanceIds`, Values is a list of Amazon EC2 instance IDs.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "values" ] }, "aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget": { "properties": { "messageGroupId": { "type": "string", "description": "The FIFO message group ID to use as the target.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation": { "properties": { "defaultValue": { "type": "string", "description": "The value to emit when a filter pattern does not match a log event.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the CloudWatch metric to which the monitored log information should be published (e.g. `ErrorCount`)\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "description": "The destination namespace of the CloudWatch metric.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "What to publish to the metric. For example, if you're counting the occurrences of a particular term like \"Error\", the value will be \"1\" for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery": { "properties": { "expression": { "type": "string", "description": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the id of the other metrics to refer to those metrics, and can also use the id of other expressions to use the result of those expressions. For more information about metric math expressions, see Metric Math Syntax and Functions in the [Amazon CloudWatch User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax).\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "A short name used to tie this object to the results in the response. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.\n", "language": { "python": { "mapCase": false } } }, "label": { "type": "string", "description": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents.\n", "language": { "python": { "mapCase": false } } }, "metric": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQueryMetric:MetricAlarmMetricQueryMetric", "description": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n", "language": { "python": { "mapCase": false } } }, "returnData": { "type": "boolean", "description": "Specify exactly one `metric_query` to be `true` to use that `metric_query` result as the alarm.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "id" ] }, "aws:cloudwatch/MetricAlarmMetricQueryMetric:MetricAlarmMetricQueryMetric": { "properties": { "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for this metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n", "language": { "python": { "mapCase": false } } }, "metricName": { "type": "string", "description": "The name for this metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "description": "The namespace for this metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n", "language": { "python": { "mapCase": false } } }, "period": { "type": "integer", "description": "The period in seconds over which the specified `stat` is applied.\n", "language": { "python": { "mapCase": false } } }, "stat": { "type": "string", "description": "The statistic to apply to this metric.\nEither of the following is supported: `SampleCount`, `Average`, `Sum`, `Minimum`, `Maximum`\n", "language": { "python": { "mapCase": false } } }, "unit": { "type": "string", "description": "The unit for this metric.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "metricName", "period", "stat" ] }, "aws:codebuild/ProjectArtifacts:ProjectArtifacts": { "properties": { "artifactIdentifier": { "type": "string", "description": "The artifact identifier. Must be the same specified inside AWS CodeBuild buildspec.\n", "language": { "python": { "mapCase": false } } }, "encryptionDisabled": { "type": "boolean", "description": "If set to true, output artifacts will not be encrypted. If `type` is set to `NO_ARTIFACTS` then this value will be ignored. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "location": { "type": "string", "description": "Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS` then this value will be ignored. If `type` is set to `S3`, this is the name of the output bucket.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the project. If `type` is set to `S3`, this is the name of the output artifact object\n", "language": { "python": { "mapCase": false } } }, "namespaceType": { "type": "string", "description": "The namespace to use in storing build artifacts. If `type` is set to `S3`, then valid values for this parameter are: `BUILD_ID` or `NONE`.\n", "language": { "python": { "mapCase": false } } }, "overrideArtifactName": { "type": "boolean", "description": "If set to true, a name specified in the build spec file overrides the artifact name.\n", "language": { "python": { "mapCase": false } } }, "packaging": { "type": "string", "description": "The type of build output artifact to create. If `type` is set to `S3`, valid values for this parameter are: `NONE` or `ZIP`\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "If `type` is set to `S3`, this is the path to the output artifact\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The build output artifact's type. Valid values for this parameter are: `CODEPIPELINE`, `NO_ARTIFACTS` or `S3`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:codebuild/ProjectCache:ProjectCache": { "properties": { "location": { "type": "string", "description": "The location where the AWS CodeBuild project stores cached resources. For type `S3` the value must be a valid S3 bucket name/prefix.\n", "language": { "python": { "mapCase": false } } }, "modes": { "type": "array", "items": { "type": "string" }, "description": "Specifies settings that AWS CodeBuild uses to store and reuse build dependencies. Valid values: `LOCAL_SOURCE_CACHE`, `LOCAL_DOCKER_LAYER_CACHE`, and `LOCAL_CUSTOM_CACHE`\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of storage that will be used for the AWS CodeBuild project cache. Valid values: `NO_CACHE`, `LOCAL`, and `S3`. Defaults to `NO_CACHE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codebuild/ProjectEnvironment:ProjectEnvironment": { "properties": { "certificate": { "type": "string", "description": "The ARN of the S3 bucket, path prefix and object key that contains the PEM-encoded certificate.\n", "language": { "python": { "mapCase": false } } }, "computeType": { "type": "string", "description": "Information about the compute resources the build project will use. Available values for this parameter are: `BUILD_GENERAL1_SMALL`, `BUILD_GENERAL1_MEDIUM`, `BUILD_GENERAL1_LARGE` or `BUILD_GENERAL1_2XLARGE`. `BUILD_GENERAL1_SMALL` is only valid if `type` is set to `LINUX_CONTAINER`. When `type` is set to `LINUX_GPU_CONTAINER`, `compute_type` need to be `BUILD_GENERAL1_LARGE`.\n", "language": { "python": { "mapCase": false } } }, "environmentVariables": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectEnvironmentEnvironmentVariable:ProjectEnvironmentEnvironmentVariable" }, "description": "A set of environment variables to make available to builds for this build project.\n", "language": { "python": { "mapCase": false } } }, "image": { "type": "string", "description": "The Docker image to use for this build project. Valid values include [Docker images provided by CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html) (e.g `aws/codebuild/standard:2.0`), [Docker Hub images](https://hub.docker.com/) (e.g. `nginx:latest`), and full Docker repository URIs such as those for ECR (e.g. `137112412989.dkr.ecr.us-west-2.amazonaws.com/amazonlinux:latest`).\n", "language": { "python": { "mapCase": false } } }, "imagePullCredentialsType": { "type": "string", "description": "The type of credentials AWS CodeBuild uses to pull images in your build. Available values for this parameter are `CODEBUILD` or `SERVICE_ROLE`. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials. Default to `CODEBUILD`\n", "language": { "python": { "mapCase": false } } }, "privilegedMode": { "type": "boolean", "description": "If set to true, enables running the Docker daemon inside a Docker container. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "registryCredential": { "$ref": "#/types/aws:codebuild/ProjectEnvironmentRegistryCredential:ProjectEnvironmentRegistryCredential", "description": "Information about credentials for access to a private Docker registry. Registry Credential config blocks are documented below.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of build environment to use for related builds. Available values are: `LINUX_CONTAINER`, `LINUX_GPU_CONTAINER`, `WINDOWS_CONTAINER` or `ARM_CONTAINER`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "computeType", "image", "type" ] }, "aws:codebuild/ProjectEnvironmentEnvironmentVariable:ProjectEnvironmentEnvironmentVariable": { "properties": { "name": { "type": "string", "description": "The environment variable's name or key.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of environment variable. Valid values: `PARAMETER_STORE`, `PLAINTEXT`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The environment variable's value.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:codebuild/ProjectEnvironmentRegistryCredential:ProjectEnvironmentRegistryCredential": { "properties": { "credential": { "type": "string", "description": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager.\n", "language": { "python": { "mapCase": false } } }, "credentialProvider": { "type": "string", "description": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "credential", "credentialProvider" ] }, "aws:codebuild/ProjectLogsConfig:ProjectLogsConfig": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:codebuild/ProjectLogsConfigCloudwatchLogs:ProjectLogsConfigCloudwatchLogs", "description": "Configuration for the builds to store logs to CloudWatch\n", "language": { "python": { "mapCase": false } } }, "s3Logs": { "$ref": "#/types/aws:codebuild/ProjectLogsConfigS3Logs:ProjectLogsConfigS3Logs", "description": "Configuration for the builds to store logs to S3.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codebuild/ProjectLogsConfigCloudwatchLogs:ProjectLogsConfigCloudwatchLogs": { "properties": { "groupName": { "type": "string", "description": "The group name of the logs in CloudWatch Logs.\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "Current status of logs in S3 for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `DISABLED`.\n", "language": { "python": { "mapCase": false } } }, "streamName": { "type": "string", "description": "The stream name of the logs in CloudWatch Logs.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codebuild/ProjectLogsConfigS3Logs:ProjectLogsConfigS3Logs": { "properties": { "encryptionDisabled": { "type": "boolean", "description": "If set to true, output artifacts will not be encrypted. If `type` is set to `NO_ARTIFACTS` then this value will be ignored. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "location": { "type": "string", "description": "Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS` then this value will be ignored. If `type` is set to `S3`, this is the name of the output bucket.\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "Current status of logs in CloudWatch Logs for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `ENABLED`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact": { "properties": { "artifactIdentifier": { "type": "string", "description": "The artifact identifier. Must be the same specified inside AWS CodeBuild buildspec.\n", "language": { "python": { "mapCase": false } } }, "encryptionDisabled": { "type": "boolean", "description": "If set to true, output artifacts will not be encrypted. If `type` is set to `NO_ARTIFACTS` then this value will be ignored. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "location": { "type": "string", "description": "Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS` then this value will be ignored. If `type` is set to `S3`, this is the name of the output bucket. If `path` is not also specified, then `location` can also specify the path of the output artifact in the output bucket.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the project. If `type` is set to `S3`, this is the name of the output artifact object\n", "language": { "python": { "mapCase": false } } }, "namespaceType": { "type": "string", "description": "The namespace to use in storing build artifacts. If `type` is set to `S3`, then valid values for this parameter are: `BUILD_ID` or `NONE`.\n", "language": { "python": { "mapCase": false } } }, "overrideArtifactName": { "type": "boolean", "description": "If set to true, a name specified in the build spec file overrides the artifact name.\n", "language": { "python": { "mapCase": false } } }, "packaging": { "type": "string", "description": "The type of build output artifact to create. If `type` is set to `S3`, valid values for this parameter are: `NONE` or `ZIP`\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "If `type` is set to `S3`, this is the path to the output artifact\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The build output artifact's type. Valid values for this parameter are: `CODEPIPELINE`, `NO_ARTIFACTS` or `S3`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "artifactIdentifier", "type" ] }, "aws:codebuild/ProjectSecondarySource:ProjectSecondarySource": { "properties": { "auths": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySourceAuth:ProjectSecondarySourceAuth" }, "description": "Information about the authorization settings for AWS CodeBuild to access the source code to be built. Auth blocks are documented below.\n", "language": { "python": { "mapCase": false } } }, "buildspec": { "type": "string", "description": "The build spec declaration to use for this build project's related builds.\n", "language": { "python": { "mapCase": false } } }, "gitCloneDepth": { "type": "integer", "description": "Truncate git history to this many commits.\n", "language": { "python": { "mapCase": false } } }, "gitSubmodulesConfig": { "$ref": "#/types/aws:codebuild/ProjectSecondarySourceGitSubmodulesConfig:ProjectSecondarySourceGitSubmodulesConfig", "description": "Information about the Git submodules configuration for an AWS CodeBuild build project. Git submodules config blocks are documented below. This option is only valid when the `type` is `CODECOMMIT`, `GITHUB` or `GITHUB_ENTERPRISE`.\n", "language": { "python": { "mapCase": false } } }, "insecureSsl": { "type": "boolean", "description": "Ignore SSL warnings when connecting to source control.\n", "language": { "python": { "mapCase": false } } }, "location": { "type": "string", "description": "The location of the source code from git or s3.\n", "language": { "python": { "mapCase": false } } }, "reportBuildStatus": { "type": "boolean", "description": "Set to `true` to report the status of a build's start and finish to your source provider. This option is only valid when your source provider is `GITHUB`, `BITBUCKET`, or `GITHUB_ENTERPRISE`.\n", "language": { "python": { "mapCase": false } } }, "sourceIdentifier": { "type": "string", "description": "The source identifier. Source data will be put inside a folder named as this parameter inside AWS CodeBuild source directory\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of repository that contains the source code to be built. Valid values for this parameter are: `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `BITBUCKET` or `S3`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "sourceIdentifier", "type" ] }, "aws:codebuild/ProjectSecondarySourceAuth:ProjectSecondarySourceAuth": { "properties": { "resource": { "type": "string", "description": "The resource value that applies to the specified authorization type.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The authorization type to use. The only valid value is `OAUTH`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:codebuild/ProjectSecondarySourceGitSubmodulesConfig:ProjectSecondarySourceGitSubmodulesConfig": { "properties": { "fetchSubmodules": { "type": "boolean", "description": "If set to true, fetches Git submodules for the AWS CodeBuild build project.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fetchSubmodules" ] }, "aws:codebuild/ProjectSource:ProjectSource": { "properties": { "auths": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSourceAuth:ProjectSourceAuth" }, "description": "Information about the authorization settings for AWS CodeBuild to access the source code to be built. Auth blocks are documented below.\n", "language": { "python": { "mapCase": false } } }, "buildspec": { "type": "string", "description": "The build spec declaration to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`.\n", "language": { "python": { "mapCase": false } } }, "gitCloneDepth": { "type": "integer", "description": "Truncate git history to this many commits.\n", "language": { "python": { "mapCase": false } } }, "gitSubmodulesConfig": { "$ref": "#/types/aws:codebuild/ProjectSourceGitSubmodulesConfig:ProjectSourceGitSubmodulesConfig", "description": "Information about the Git submodules configuration for an AWS CodeBuild build project. Git submodules config blocks are documented below. This option is only valid when the `type` is `CODECOMMIT`, `GITHUB` or `GITHUB_ENTERPRISE`.\n", "language": { "python": { "mapCase": false } } }, "insecureSsl": { "type": "boolean", "description": "Ignore SSL warnings when connecting to source control.\n", "language": { "python": { "mapCase": false } } }, "location": { "type": "string", "description": "The location of the source code from git or s3.\n", "language": { "python": { "mapCase": false } } }, "reportBuildStatus": { "type": "boolean", "description": "Set to `true` to report the status of a build's start and finish to your source provider. This option is only valid when the `type` is `BITBUCKET` or `GITHUB`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of repository that contains the source code to be built. Valid values for this parameter are: `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `BITBUCKET`, `S3` or `NO_SOURCE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:codebuild/ProjectSourceAuth:ProjectSourceAuth": { "properties": { "resource": { "type": "string", "description": "The resource value that applies to the specified authorization type.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The authorization type to use. The only valid value is `OAUTH`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:codebuild/ProjectSourceGitSubmodulesConfig:ProjectSourceGitSubmodulesConfig": { "properties": { "fetchSubmodules": { "type": "boolean", "description": "If set to true, fetches Git submodules for the AWS CodeBuild build project.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fetchSubmodules" ] }, "aws:codebuild/ProjectVpcConfig:ProjectVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The security group IDs to assign to running builds.\n", "language": { "python": { "mapCase": false } } }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The subnet IDs within which to run builds.\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The ID of the VPC within which to run builds.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "securityGroupIds", "subnets", "vpcId" ] }, "aws:codebuild/WebhookFilterGroup:WebhookFilterGroup": { "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroupFilter:WebhookFilterGroupFilter" }, "description": "A webhook filter for the group. Filter blocks are documented below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codebuild/WebhookFilterGroupFilter:WebhookFilterGroupFilter": { "properties": { "excludeMatchedPattern": { "type": "boolean", "description": "If set to `true`, the specified filter does *not* trigger a build. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "pattern": { "type": "string", "description": "For a filter that uses `EVENT` type, a comma-separated string that specifies one event: `PUSH`, `PULL_REQUEST_CREATED`, `PULL_REQUEST_UPDATED`, `PULL_REQUEST_REOPENED`. `PULL_REQUEST_MERGED` works with GitHub \u0026 GitHub Enterprise only. For a filter that uses any of the other filter types, a regular expression.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The webhook filter group's type. Valid values for this parameter are: `EVENT`, `BASE_REF`, `HEAD_REF`, `ACTOR_ACCOUNT_ID`, `FILE_PATH`. At least one filter group must specify `EVENT` as its type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "pattern", "type" ] }, "aws:codecommit/TriggerTrigger:TriggerTrigger": { "properties": { "branches": { "type": "array", "items": { "type": "string" }, "description": "The branches that will be included in the trigger configuration. If no branches are specified, the trigger will apply to all branches.\n", "language": { "python": { "mapCase": false } } }, "customData": { "type": "string", "description": "Any custom data associated with the trigger that will be included in the information sent to the target of the trigger.\n", "language": { "python": { "mapCase": false } } }, "destinationArn": { "type": "string", "description": "The ARN of the resource that is the target for a trigger. For example, the ARN of a topic in Amazon Simple Notification Service (SNS).\n", "language": { "python": { "mapCase": false } } }, "events": { "type": "array", "items": { "type": "string" }, "description": "The repository events that will cause the trigger to run actions in another service, such as sending a notification through Amazon Simple Notification Service (SNS). If no events are specified, the trigger will run for all repository events. Event types include: `all`, `updateReference`, `createReference`, `deleteReference`.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the trigger.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destinationArn", "events", "name" ] }, "aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts": { "properties": { "type": { "type": "string", "description": "The type can either be `FLEET_PERCENT` or `HOST_COUNT`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "integer", "description": "The value when the type is `FLEET_PERCENT` represents the minimum number of healthy instances as\na percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the\ndeployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\nWhen the type is `HOST_COUNT`, the value represents the minimum number of healthy instances as an absolute value.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig": { "properties": { "timeBasedCanary": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedCanary:DeploymentConfigTrafficRoutingConfigTimeBasedCanary", "description": "The time based canary configuration information. If `type` is `TimeBasedLinear`, use `time_based_linear` instead.\n", "language": { "python": { "mapCase": false } } }, "timeBasedLinear": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedLinear:DeploymentConfigTrafficRoutingConfigTimeBasedLinear", "description": "The time based linear configuration information. If `type` is `TimeBasedCanary`, use `time_based_canary` instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "Type of traffic routing config. One of `TimeBasedCanary`, `TimeBasedLinear`, `AllAtOnce`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedCanary:DeploymentConfigTrafficRoutingConfigTimeBasedCanary": { "properties": { "interval": { "type": "integer", "description": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.\n", "language": { "python": { "mapCase": false } } }, "percentage": { "type": "integer", "description": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedLinear:DeploymentConfigTrafficRoutingConfigTimeBasedLinear": { "properties": { "interval": { "type": "integer", "description": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.\n", "language": { "python": { "mapCase": false } } }, "percentage": { "type": "integer", "description": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration": { "properties": { "alarms": { "type": "array", "items": { "type": "string" }, "description": "A list of alarms configured for the deployment group. _A maximum of 10 alarms can be added to a deployment group_.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether the alarm configuration is enabled. This option is useful when you want to temporarily deactivate alarm monitoring for a deployment group without having to add the same alarms again later.\n", "language": { "python": { "mapCase": false } } }, "ignorePollAlarmFailure": { "type": "boolean", "description": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from CloudWatch. The default value is `false`.\n* `true`: The deployment will proceed even if alarm status information can't be retrieved.\n* `false`: The deployment will stop if alarm status information can't be retrieved.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether a defined automatic rollback configuration is currently enabled for this Deployment Group. If you enable automatic rollback, you must specify at least one event type.\n", "language": { "python": { "mapCase": false } } }, "events": { "type": "array", "items": { "type": "string" }, "description": "The event type or types that trigger a rollback. Supported types are `DEPLOYMENT_FAILURE` and `DEPLOYMENT_STOP_ON_ALARM`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig": { "properties": { "deploymentReadyOption": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption:DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption", "description": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment (documented below).\n", "language": { "python": { "mapCase": false } } }, "greenFleetProvisioningOption": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption:DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption", "description": "Information about how instances are provisioned for a replacement environment in a blue/green deployment (documented below).\n", "language": { "python": { "mapCase": false } } }, "terminateBlueInstancesOnDeploymentSuccess": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess:DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess", "description": "Information about whether to terminate instances in the original fleet during a blue/green deployment (documented below).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "greenFleetProvisioningOption" ] } } }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption:DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption": { "properties": { "actionOnTimeout": { "type": "string", "description": "When to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n* `CONTINUE_DEPLOYMENT`: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n* `STOP_DEPLOYMENT`: Do not register new instances with load balancer unless traffic is rerouted manually. If traffic is not rerouted manually before the end of the specified wait period, the deployment status is changed to Stopped.\n", "language": { "python": { "mapCase": false } } }, "waitTimeInMinutes": { "type": "integer", "description": "The number of minutes to wait before the status of a blue/green deployment changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `action_on_timeout`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption:DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption": { "properties": { "action": { "type": "string", "description": "The method used to add instances to a replacement environment.\n* `DISCOVER_EXISTING`: Use instances that already exist or will be created manually.\n* `COPY_AUTO_SCALING_GROUP`: Use settings from a specified **Auto Scaling** group to define and create instances in a new Auto Scaling group. _Exactly one Auto Scaling group must be specified_ when selecting `COPY_AUTO_SCALING_GROUP`. Use `autoscaling_groups` to specify the Auto Scaling group.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess:DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess": { "properties": { "action": { "type": "string", "description": "The action to take on instances in the original environment after a successful blue/green deployment.\n* `TERMINATE`: Instances are terminated after a specified wait time.\n* `KEEP_ALIVE`: Instances are left running after they are deregistered from the load balancer and removed from the deployment group.\n", "language": { "python": { "mapCase": false } } }, "terminationWaitTimeInMinutes": { "type": "integer", "description": "The number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle": { "properties": { "deploymentOption": { "type": "string", "description": "Indicates whether to route deployment traffic behind a load balancer. Valid Values are `WITH_TRAFFIC_CONTROL` or `WITHOUT_TRAFFIC_CONTROL`. Default is `WITHOUT_TRAFFIC_CONTROL`.\n", "language": { "python": { "mapCase": false } } }, "deploymentType": { "type": "string", "description": "Indicates whether to run an in-place deployment or a blue/green deployment. Valid Values are `IN_PLACE` or `BLUE_GREEN`. Default is `IN_PLACE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter": { "properties": { "key": { "type": "string", "description": "The key of the tag filter.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the tag filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet": { "properties": { "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSetEc2TagFilter:DeploymentGroupEc2TagSetEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEc2TagSetEc2TagFilter:DeploymentGroupEc2TagSetEc2TagFilter": { "properties": { "key": { "type": "string", "description": "The key of the tag filter.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the tag filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService": { "properties": { "clusterName": { "type": "string", "description": "The name of the ECS cluster.\n", "language": { "python": { "mapCase": false } } }, "serviceName": { "type": "string", "description": "The name of the ECS service.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "clusterName", "serviceName" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo": { "properties": { "elbInfos": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoElbInfo:DeploymentGroupLoadBalancerInfoElbInfo" }, "description": "The Classic Elastic Load Balancer to use in a deployment. Conflicts with `target_group_info` and `target_group_pair_info`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupInfos": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupInfo:DeploymentGroupLoadBalancerInfoTargetGroupInfo" }, "description": "The (Application/Network Load Balancer) target group to use in a deployment. Conflicts with `elb_info` and `target_group_pair_info`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupPairInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfo:DeploymentGroupLoadBalancerInfoTargetGroupPairInfo", "description": "The (Application/Network Load Balancer) target group pair to use in a deployment. Conflicts with `elb_info` and `target_group_info`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoElbInfo:DeploymentGroupLoadBalancerInfoElbInfo": { "properties": { "name": { "type": "string", "description": "The name of the load balancer that will be used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment completes.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupInfo:DeploymentGroupLoadBalancerInfoTargetGroupInfo": { "properties": { "name": { "type": "string", "description": "The name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfo:DeploymentGroupLoadBalancerInfoTargetGroupPairInfo": { "properties": { "prodTrafficRoute": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute", "description": "Configuration block for the production traffic route (documented below).\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup" }, "description": "Configuration blocks for a target group within a target group pair (documented below).\n", "language": { "python": { "mapCase": false } } }, "testTrafficRoute": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute", "description": "Configuration block for the test traffic route (documented below).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "prodTrafficRoute", "targetGroups" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute": { "properties": { "listenerArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the load balancer listeners.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "listenerArns" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup": { "properties": { "name": { "type": "string", "description": "Name of the target group.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute": { "properties": { "listenerArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the load balancer listeners.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "listenerArns" ] }, "aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter": { "properties": { "key": { "type": "string", "description": "The key of the tag filter.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the tag filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration": { "properties": { "triggerEvents": { "type": "array", "items": { "type": "string" }, "description": "The event type or types for which notifications are triggered. Some values that are supported: `DeploymentStart`, `DeploymentSuccess`, `DeploymentFailure`, `DeploymentStop`, `DeploymentRollback`, `InstanceStart`, `InstanceSuccess`, `InstanceFailure`. See [the CodeDeploy documentation](http://docs.aws.amazon.com/codedeploy/latest/userguide/monitoring-sns-event-notifications-create-trigger.html) for all possible values.\n", "language": { "python": { "mapCase": false } } }, "triggerName": { "type": "string", "description": "The name of the notification trigger.\n", "language": { "python": { "mapCase": false } } }, "triggerTargetArn": { "type": "string", "description": "The ARN of the SNS topic through which notifications are sent.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "triggerEvents", "triggerName", "triggerTargetArn" ] }, "aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore": { "properties": { "encryptionKey": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStoreEncryptionKey:PipelineArtifactStoreEncryptionKey", "description": "The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An `encryption_key` block is documented below.\n", "language": { "python": { "mapCase": false } } }, "location": { "type": "string", "description": "The location where AWS CodePipeline stores artifacts for a pipeline; currently only `S3` is supported.\n", "language": { "python": { "mapCase": false } } }, "region": { "type": "string", "description": "The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of the artifact store, such as Amazon S3\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "location", "type" ], "language": { "nodejs": { "requiredOutputs": [ "location", "region", "type" ] } } }, "aws:codepipeline/PipelineArtifactStoreEncryptionKey:PipelineArtifactStoreEncryptionKey": { "properties": { "id": { "type": "string", "description": "The KMS key ARN or ID\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of key; currently only `KMS` is supported\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "id", "type" ] }, "aws:codepipeline/PipelineStage:PipelineStage": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStageAction:PipelineStageAction" }, "description": "The action(s) to include in the stage. Defined as an `action` block below\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the stage.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "actions", "name" ] }, "aws:codepipeline/PipelineStageAction:PipelineStageAction": { "properties": { "category": { "type": "string", "description": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are `Approval`, `Build`, `Deploy`, `Invoke`, `Source` and `Test`.\n", "language": { "python": { "mapCase": false } } }, "configuration": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A Map of the action declaration's configuration. Find out more about configuring action configurations in the [Reference Pipeline Structure documentation](http://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements).\n", "language": { "python": { "mapCase": false } } }, "inputArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of artifact names to be worked on.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The action declaration's name.\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "description": "The namespace all output variables will be accessed from.\n", "language": { "python": { "mapCase": false } } }, "outputArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of artifact names to output. Output artifact names must be unique within a pipeline.\n", "language": { "python": { "mapCase": false } } }, "owner": { "type": "string", "description": "The creator of the action being called. Possible values are `AWS`, `Custom` and `ThirdParty`.\n", "language": { "python": { "mapCase": false } } }, "provider": { "type": "string", "description": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of AWS CodeDeploy, which would be specified as CodeDeploy.\n", "language": { "python": { "mapCase": false } } }, "region": { "type": "string", "description": "The region in which to run the action.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.\n", "language": { "python": { "mapCase": false } } }, "runOrder": { "type": "integer", "description": "The order in which actions are run.\n", "language": { "python": { "mapCase": false } } }, "version": { "type": "string", "description": "A string that identifies the action type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "category", "name", "owner", "provider", "version" ], "language": { "nodejs": { "requiredOutputs": [ "category", "name", "owner", "provider", "region", "runOrder", "version" ] } } }, "aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration": { "properties": { "allowedIpRange": { "type": "string", "description": "A valid CIDR block for `IP` filtering. Required for `IP`.\n", "language": { "python": { "mapCase": false } } }, "secretToken": { "type": "string", "description": "The shared secret for the GitHub repository webhook. Set this as `secret` in your `github_repository_webhook`'s `configuration` block. Required for `GITHUB_HMAC`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:codepipeline/WebhookFilter:WebhookFilter": { "properties": { "jsonPath": { "type": "string", "description": "The [JSON path](https://github.com/json-path/JsonPath) to filter on.\n", "language": { "python": { "mapCase": false } } }, "matchEquals": { "type": "string", "description": "The value to match on (e.g. `refs/heads/{Branch}`). See [AWS docs](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_WebhookFilterRule.html) for details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "jsonPath", "matchEquals" ] }, "aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget": { "properties": { "address": { "type": "string", "description": "The ARN of notification rule target. For example, a SNS Topic ARN.\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of the notification target. Default value is `SNS`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "address" ], "language": { "nodejs": { "requiredOutputs": [ "address", "status" ] } } }, "aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider": { "properties": { "clientId": { "type": "string", "description": "The client ID for the Amazon Cognito Identity User Pool.\n", "language": { "python": { "mapCase": false } } }, "providerName": { "type": "string", "description": "The provider name for an Amazon Cognito Identity User Pool.\n", "language": { "python": { "mapCase": false } } }, "serverSideTokenCheck": { "type": "boolean", "description": "Whether server-side token validation is enabled for the identity provider’s token or not.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping": { "properties": { "ambiguousRoleResolution": { "type": "string", "description": "Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type. `Required` if you specify Token or Rules as the Type.\n", "language": { "python": { "mapCase": false } } }, "identityProvider": { "type": "string", "description": "A string identifying the identity provider, for example, \"graph.facebook.com\" or \"cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id\".\n", "language": { "python": { "mapCase": false } } }, "mappingRules": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMappingMappingRule:IdentityPoolRoleAttachmentRoleMappingMappingRule" }, "description": "The Rules Configuration to be used for mapping users to roles. You can specify up to 25 rules per identity provider. Rules are evaluated in order. The first one to match specifies the role.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The role mapping type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "identityProvider", "type" ] }, "aws:cognito/IdentityPoolRoleAttachmentRoleMappingMappingRule:IdentityPoolRoleAttachmentRoleMappingMappingRule": { "properties": { "claim": { "type": "string", "description": "The claim name that must be present in the token, for example, \"isAdmin\" or \"paid\".\n", "language": { "python": { "mapCase": false } } }, "matchType": { "type": "string", "description": "The match condition that specifies how closely the claim value in the IdP token must match Value.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The role ARN.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "A brief string that the claim must match, for example, \"paid\" or \"yes\".\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "claim", "matchType", "roleArn", "value" ] }, "aws:cognito/ResourceServerScope:ResourceServerScope": { "properties": { "scopeDescription": { "type": "string", "description": "The scope description.\n", "language": { "python": { "mapCase": false } } }, "scopeName": { "type": "string", "description": "The scope name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "scopeDescription", "scopeName" ] }, "aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig": { "properties": { "allowAdminCreateUserOnly": { "type": "boolean", "description": "Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.\n", "language": { "python": { "mapCase": false } } }, "inviteMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfigInviteMessageTemplate:UserPoolAdminCreateUserConfigInviteMessageTemplate", "description": "The invite message template structure.\n", "language": { "python": { "mapCase": false } } }, "unusedAccountValidityDays": { "type": "integer", "description": "**DEPRECATED** Use password_policy.temporary_password_validity_days instead - The user account expiration limit, in days, after which the account is no longer usable.\n", "deprecationMessage": "Use password_policy.temporary_password_validity_days instead", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "unusedAccountValidityDays" ] } } }, "aws:cognito/UserPoolAdminCreateUserConfigInviteMessageTemplate:UserPoolAdminCreateUserConfigInviteMessageTemplate": { "properties": { "emailMessage": { "type": "string", "description": "The email message template. Must contain the `{####}` placeholder. Conflicts with `email_verification_message` argument.\n", "language": { "python": { "mapCase": false } } }, "emailSubject": { "type": "string", "description": "The subject line for the email message template. Conflicts with `email_verification_subject` argument.\n", "language": { "python": { "mapCase": false } } }, "smsMessage": { "type": "string", "description": "The SMS message template. Must contain the `{####}` placeholder. Conflicts with `sms_verification_message` argument.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration": { "properties": { "applicationId": { "type": "string", "description": "The application ID for an Amazon Pinpoint application.\n", "language": { "python": { "mapCase": false } } }, "externalId": { "type": "string", "description": "An ID for the Analytics Configuration.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics.\n", "language": { "python": { "mapCase": false } } }, "userDataShared": { "type": "boolean", "description": "If set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "applicationId", "externalId", "roleArn" ] }, "aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration": { "properties": { "challengeRequiredOnNewDevice": { "type": "boolean", "description": "Indicates whether a challenge is required on a new device. Only applicable to a new device.\n", "language": { "python": { "mapCase": false } } }, "deviceOnlyRememberedOnUserPrompt": { "type": "boolean", "description": "If true, a device is only remembered on user prompt.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration": { "properties": { "emailSendingAccount": { "type": "string", "description": "The email delivery method to use. `COGNITO_DEFAULT` for the default email functionality built into Cognito or `DEVELOPER` to use your Amazon SES configuration.\n", "language": { "python": { "mapCase": false } } }, "fromEmailAddress": { "type": "string", "description": "Sender’s email address or sender’s display name with their email address (e.g. `john@example.com`, `John Smith \u003cjohn@example.com\u003e` or `\\\"John Smith Ph.D.\\\" \u003cjohn@example.com\u003e`). Escaped double quotes are required around display names that contain certain characters as specified in [RFC 5322](https://tools.ietf.org/html/rfc5322).\n", "language": { "python": { "mapCase": false } } }, "replyToEmailAddress": { "type": "string", "description": "The REPLY-TO email address.\n", "language": { "python": { "mapCase": false } } }, "sourceArn": { "type": "string", "description": "The ARN of the SES verified email identity to to use. Required if `email_sending_account` is set to `DEVELOPER`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig": { "properties": { "createAuthChallenge": { "type": "string", "description": "The ARN of the lambda creating an authentication challenge.\n", "language": { "python": { "mapCase": false } } }, "customMessage": { "type": "string", "description": "A custom Message AWS Lambda trigger.\n", "language": { "python": { "mapCase": false } } }, "defineAuthChallenge": { "type": "string", "description": "Defines the authentication challenge.\n", "language": { "python": { "mapCase": false } } }, "postAuthentication": { "type": "string", "description": "A post-authentication AWS Lambda trigger.\n", "language": { "python": { "mapCase": false } } }, "postConfirmation": { "type": "string", "description": "A post-confirmation AWS Lambda trigger.\n", "language": { "python": { "mapCase": false } } }, "preAuthentication": { "type": "string", "description": "A pre-authentication AWS Lambda trigger.\n", "language": { "python": { "mapCase": false } } }, "preSignUp": { "type": "string", "description": "A pre-registration AWS Lambda trigger.\n", "language": { "python": { "mapCase": false } } }, "preTokenGeneration": { "type": "string", "description": "Allow to customize identity token claims before token generation.\n", "language": { "python": { "mapCase": false } } }, "userMigration": { "type": "string", "description": "The user migration Lambda config type.\n", "language": { "python": { "mapCase": false } } }, "verifyAuthChallengeResponse": { "type": "string", "description": "Verifies the authentication challenge response.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy": { "properties": { "minimumLength": { "type": "integer", "description": "The minimum length of the password policy that you have set.\n", "language": { "python": { "mapCase": false } } }, "requireLowercase": { "type": "boolean", "description": "Whether you have required users to use at least one lowercase letter in their password.\n", "language": { "python": { "mapCase": false } } }, "requireNumbers": { "type": "boolean", "description": "Whether you have required users to use at least one number in their password.\n", "language": { "python": { "mapCase": false } } }, "requireSymbols": { "type": "boolean", "description": "Whether you have required users to use at least one symbol in their password.\n", "language": { "python": { "mapCase": false } } }, "requireUppercase": { "type": "boolean", "description": "Whether you have required users to use at least one uppercase letter in their password.\n", "language": { "python": { "mapCase": false } } }, "temporaryPasswordValidityDays": { "type": "integer", "description": "In the password policy you have set, refers to the number of days a temporary password is valid. If the user does not sign-in during this time, their password will need to be reset by an administrator.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/UserPoolSchema:UserPoolSchema": { "properties": { "attributeDataType": { "type": "string", "description": "The attribute data type. Must be one of `Boolean`, `Number`, `String`, `DateTime`.\n", "language": { "python": { "mapCase": false } } }, "developerOnlyAttribute": { "type": "boolean", "description": "Specifies whether the attribute type is developer only.\n", "language": { "python": { "mapCase": false } } }, "mutable": { "type": "boolean", "description": "Specifies whether the attribute can be changed once it has been created.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the attribute.\n", "language": { "python": { "mapCase": false } } }, "numberAttributeConstraints": { "$ref": "#/types/aws:cognito/UserPoolSchemaNumberAttributeConstraints:UserPoolSchemaNumberAttributeConstraints", "description": "Specifies the constraints for an attribute of the number type.\n", "language": { "python": { "mapCase": false } } }, "required": { "type": "boolean", "description": "Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.\n", "language": { "python": { "mapCase": false } } }, "stringAttributeConstraints": { "$ref": "#/types/aws:cognito/UserPoolSchemaStringAttributeConstraints:UserPoolSchemaStringAttributeConstraints", "description": "-Specifies the constraints for an attribute of the string type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "attributeDataType", "name" ] }, "aws:cognito/UserPoolSchemaNumberAttributeConstraints:UserPoolSchemaNumberAttributeConstraints": { "properties": { "maxValue": { "type": "string", "description": "The maximum value of an attribute that is of the number data type.\n", "language": { "python": { "mapCase": false } } }, "minValue": { "type": "string", "description": "The minimum value of an attribute that is of the number data type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/UserPoolSchemaStringAttributeConstraints:UserPoolSchemaStringAttributeConstraints": { "properties": { "maxLength": { "type": "string", "description": "The maximum length of an attribute value of the string type.\n", "language": { "python": { "mapCase": false } } }, "minLength": { "type": "string", "description": "The minimum length of an attribute value of the string type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration": { "properties": { "externalId": { "type": "string", "description": "The external ID used in IAM role trust relationships. For more information about using external IDs, see [How to Use an External ID When Granting Access to Your AWS Resources to a Third Party](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html).\n", "language": { "python": { "mapCase": false } } }, "snsCallerArn": { "type": "string", "description": "The ARN of the Amazon SNS caller. This is usually the IAM role that you've given Cognito permission to assume.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "externalId", "snsCallerArn" ] }, "aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Boolean whether to enable software token Multi-Factor (MFA) tokens, such as Time-based One-Time Password (TOTP). To disable software token MFA when `sms_configuration` is not present, the `mfa_configuration` argument must be set to `OFF` and the `software_token_mfa_configuration` configuration block must be fully removed.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns": { "properties": { "advancedSecurityMode": { "type": "string", "description": "The mode for advanced security, must be one of `OFF`, `AUDIT` or `ENFORCED`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "advancedSecurityMode" ] }, "aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration": { "properties": { "caseSensitive": { "type": "boolean", "description": "Specifies whether username case sensitivity will be applied for all users in the user pool through Cognito APIs.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "caseSensitive" ] }, "aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate": { "properties": { "defaultEmailOption": { "type": "string", "description": "The default email option. Must be either `CONFIRM_WITH_CODE` or `CONFIRM_WITH_LINK`. Defaults to `CONFIRM_WITH_CODE`.\n", "language": { "python": { "mapCase": false } } }, "emailMessage": { "type": "string", "description": "The email message template. Must contain the `{####}` placeholder. Conflicts with `email_verification_message` argument.\n", "language": { "python": { "mapCase": false } } }, "emailMessageByLink": { "type": "string", "description": "The email message template for sending a confirmation link to the user, it must contain the `{##Click Here##}` placeholder.\n", "language": { "python": { "mapCase": false } } }, "emailSubject": { "type": "string", "description": "The subject line for the email message template. Conflicts with `email_verification_subject` argument.\n", "language": { "python": { "mapCase": false } } }, "emailSubjectByLink": { "type": "string", "description": "The subject line for the email message template for sending a confirmation link to the user.\n", "language": { "python": { "mapCase": false } } }, "smsMessage": { "type": "string", "description": "The SMS message template. Must contain the `{####}` placeholder. Conflicts with `sms_verification_message` argument.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "emailMessage", "emailMessageByLink", "emailSubject", "emailSubjectByLink", "smsMessage" ] } } }, "aws:config/assumeRole:assumeRole": { "properties": { "externalId": { "type": "string" }, "policy": { "type": "string" }, "roleArn": { "type": "string" }, "sessionName": { "type": "string" } }, "type": "object" }, "aws:config/endpoints:endpoints": { "properties": { "accessanalyzer": { "type": "string" }, "acm": { "type": "string" }, "acmpca": { "type": "string" }, "amplify": { "type": "string" }, "apigateway": { "type": "string" }, "applicationautoscaling": { "type": "string" }, "applicationinsights": { "type": "string" }, "appmesh": { "type": "string" }, "appstream": { "type": "string" }, "appsync": { "type": "string" }, "athena": { "type": "string" }, "autoscaling": { "type": "string" }, "autoscalingplans": { "type": "string" }, "backup": { "type": "string" }, "batch": { "type": "string" }, "budgets": { "type": "string" }, "cloud9": { "type": "string" }, "cloudformation": { "type": "string" }, "cloudfront": { "type": "string" }, "cloudhsm": { "type": "string" }, "cloudsearch": { "type": "string" }, "cloudtrail": { "type": "string" }, "cloudwatch": { "type": "string" }, "cloudwatchevents": { "type": "string" }, "cloudwatchlogs": { "type": "string" }, "codeartifact": { "type": "string" }, "codebuild": { "type": "string" }, "codecommit": { "type": "string" }, "codedeploy": { "type": "string" }, "codepipeline": { "type": "string" }, "cognitoidentity": { "type": "string" }, "cognitoidp": { "type": "string" }, "configservice": { "type": "string" }, "cur": { "type": "string" }, "dataexchange": { "type": "string" }, "datapipeline": { "type": "string" }, "datasync": { "type": "string" }, "dax": { "type": "string" }, "devicefarm": { "type": "string" }, "directconnect": { "type": "string" }, "dlm": { "type": "string" }, "dms": { "type": "string" }, "docdb": { "type": "string" }, "ds": { "type": "string" }, "dynamodb": { "type": "string" }, "ec2": { "type": "string" }, "ecr": { "type": "string" }, "ecs": { "type": "string" }, "efs": { "type": "string" }, "eks": { "type": "string" }, "elasticache": { "type": "string" }, "elasticbeanstalk": { "type": "string" }, "elastictranscoder": { "type": "string" }, "elb": { "type": "string" }, "emr": { "type": "string" }, "es": { "type": "string" }, "firehose": { "type": "string" }, "fms": { "type": "string" }, "forecast": { "type": "string" }, "fsx": { "type": "string" }, "gamelift": { "type": "string" }, "glacier": { "type": "string" }, "globalaccelerator": { "type": "string" }, "glue": { "type": "string" }, "greengrass": { "type": "string" }, "guardduty": { "type": "string" }, "iam": { "type": "string" }, "imagebuilder": { "type": "string" }, "inspector": { "type": "string" }, "iot": { "type": "string" }, "iotanalytics": { "type": "string" }, "iotevents": { "type": "string" }, "kafka": { "type": "string" }, "kinesis": { "type": "string" }, "kinesisAnalytics": { "type": "string", "deprecationMessage": "use `endpoints` configuration block `kinesisanalytics` argument instead" }, "kinesisanalytics": { "type": "string" }, "kinesisanalyticsv2": { "type": "string" }, "kinesisvideo": { "type": "string" }, "kms": { "type": "string" }, "lakeformation": { "type": "string" }, "lambda": { "type": "string" }, "lexmodels": { "type": "string" }, "licensemanager": { "type": "string" }, "lightsail": { "type": "string" }, "macie": { "type": "string" }, "managedblockchain": { "type": "string" }, "marketplacecatalog": { "type": "string" }, "mediaconnect": { "type": "string" }, "mediaconvert": { "type": "string" }, "medialive": { "type": "string" }, "mediapackage": { "type": "string" }, "mediastore": { "type": "string" }, "mediastoredata": { "type": "string" }, "mq": { "type": "string" }, "neptune": { "type": "string" }, "networkmanager": { "type": "string" }, "opsworks": { "type": "string" }, "organizations": { "type": "string" }, "outposts": { "type": "string" }, "personalize": { "type": "string" }, "pinpoint": { "type": "string" }, "pricing": { "type": "string" }, "qldb": { "type": "string" }, "quicksight": { "type": "string" }, "r53": { "type": "string", "deprecationMessage": "use `endpoints` configuration block `route53` argument instead" }, "ram": { "type": "string" }, "rds": { "type": "string" }, "redshift": { "type": "string" }, "resourcegroups": { "type": "string" }, "resourcegroupstaggingapi": { "type": "string" }, "route53": { "type": "string" }, "route53domains": { "type": "string" }, "route53resolver": { "type": "string" }, "s3": { "type": "string" }, "s3control": { "type": "string" }, "sagemaker": { "type": "string" }, "sdb": { "type": "string" }, "secretsmanager": { "type": "string" }, "securityhub": { "type": "string" }, "serverlessrepo": { "type": "string" }, "servicecatalog": { "type": "string" }, "servicediscovery": { "type": "string" }, "servicequotas": { "type": "string" }, "ses": { "type": "string" }, "shield": { "type": "string" }, "sns": { "type": "string" }, "sqs": { "type": "string" }, "ssm": { "type": "string" }, "stepfunctions": { "type": "string" }, "storagegateway": { "type": "string" }, "sts": { "type": "string" }, "swf": { "type": "string" }, "synthetics": { "type": "string" }, "transfer": { "type": "string" }, "waf": { "type": "string" }, "wafregional": { "type": "string" }, "wafv2": { "type": "string" }, "worklink": { "type": "string" }, "workmail": { "type": "string" }, "workspaces": { "type": "string" }, "xray": { "type": "string" } }, "type": "object" }, "aws:config/ignoreTags:ignoreTags": { "properties": { "keyPrefixes": { "type": "array", "items": { "type": "string" } }, "keys": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config": { "properties": { "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the EC2 Security Groups that are associated with the EFS Mount Target.\n", "language": { "python": { "mapCase": false } } }, "subnetArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EC2 Subnet that is associated with the EFS Mount Target.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "securityGroupArns", "subnetArn" ] }, "aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions": { "properties": { "version": { "type": "string", "description": "The specific SMB version that you want DataSync to use for mounting your SMB share. Valid values: `AUTOMATIC`, `SMB2`, and `SMB3`. Default: `AUTOMATIC`\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig": { "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the DataSync Agents used to connect to the NFS server.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "agentArns" ] }, "aws:datasync/S3LocationS3Config:S3LocationS3Config": { "properties": { "bucketAccessRoleArn": { "type": "string", "description": "Amazon Resource Names (ARN) of the IAM Role used to connect to the S3 Bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketAccessRoleArn" ] }, "aws:datasync/TaskOptions:TaskOptions": { "properties": { "atime": { "type": "string", "description": "A file metadata that shows the last time a file was accessed (that is when the file was read or written to). If set to `BEST_EFFORT`, the DataSync Task attempts to preserve the original (that is, the version before sync `PREPARING` phase) `atime` attribute on all source files. Valid values: `BEST_EFFORT`, `NONE`. Default: `BEST_EFFORT`.\n", "language": { "python": { "mapCase": false } } }, "bytesPerSecond": { "type": "integer", "description": "Limits the bandwidth utilized. For example, to set a maximum of 1 MB, set this value to `1048576`. Value values: `-1` or greater. Default: `-1` (unlimited).\n", "language": { "python": { "mapCase": false } } }, "gid": { "type": "string", "description": "Group identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID).\n", "language": { "python": { "mapCase": false } } }, "mtime": { "type": "string", "description": "A file metadata that indicates the last time a file was modified (written to) before the sync `PREPARING` phase. Value values: `NONE`, `PRESERVE`. Default: `PRESERVE`.\n", "language": { "python": { "mapCase": false } } }, "posixPermissions": { "type": "string", "description": "Determines which users or groups can access a file for a specific purpose such as reading, writing, or execution of the file. Valid values: `NONE`, `PRESERVE`. Default: `PRESERVE`.\n", "language": { "python": { "mapCase": false } } }, "preserveDeletedFiles": { "type": "string", "description": "Whether files deleted in the source should be removed or preserved in the destination file system. Valid values: `PRESERVE`, `REMOVE`. Default: `PRESERVE`.\n", "language": { "python": { "mapCase": false } } }, "preserveDevices": { "type": "string", "description": "Whether the DataSync Task should preserve the metadata of block and character devices in the source files system, and recreate the files with that device name and metadata on the destination. The DataSync Task can’t sync the actual contents of such devices, because many of the devices are non-terminal and don’t return an end of file (EOF) marker. Valid values: `NONE`, `PRESERVE`. Default: `NONE` (ignore special devices).\n", "language": { "python": { "mapCase": false } } }, "uid": { "type": "string", "description": "User identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID).\n", "language": { "python": { "mapCase": false } } }, "verifyMode": { "type": "string", "description": "Whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. Valid values: `NONE`, `POINT_IN_TIME_CONSISTENT`, `ONLY_FILES_TRANSFERRED`. Default: `POINT_IN_TIME_CONSISTENT`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:dax/ClusterNode:ClusterNode": { "properties": { "address": { "type": "string", "language": { "python": { "mapCase": false } } }, "availabilityZone": { "type": "string", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "integer", "description": "The port used by the configuration endpoint\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "availabilityZone", "id", "port" ] } } }, "aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable encryption at rest. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:dax/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "The name of the parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value for the parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "connectIps": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses of the AD Connector servers.\n", "language": { "python": { "mapCase": false } } }, "customerDnsIps": { "type": "array", "items": { "type": "string" }, "description": "The DNS IP addresses of the domain to connect to.\n", "language": { "python": { "mapCase": false } } }, "customerUsername": { "type": "string", "description": "The username corresponding to the password provided.\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The identifier of the VPC that the directory is in.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "customerDnsIps", "customerUsername", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "connectIps", "customerDnsIps", "customerUsername", "subnetIds", "vpcId" ] } } }, "aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The identifier of the VPC that the directory is in.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "subnetIds", "vpcId" ] } } }, "aws:directoryservice/getDirectoryConnectSetting:getDirectoryConnectSetting": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "connectIps": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses of the AD Connector servers.\n", "language": { "python": { "mapCase": false } } }, "customerDnsIps": { "type": "array", "items": { "type": "string" }, "description": "The DNS IP addresses of the domain to connect to.\n", "language": { "python": { "mapCase": false } } }, "customerUsername": { "type": "string", "description": "The username corresponding to the password provided.\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets for the connector servers (2 subnets in 2 different AZs).\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The ID of the VPC that the connector is in.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "availabilityZones", "connectIps", "customerDnsIps", "customerUsername", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:directoryservice/getDirectoryVpcSetting:getDirectoryVpcSetting": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets for the connector servers (2 subnets in 2 different AZs).\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The ID of the VPC that the connector is in.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "availabilityZones", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails": { "properties": { "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of resource types that should be targeted by the lifecycle policy. `VOLUME` is currently the only allowed value.\n", "language": { "python": { "mapCase": false } } }, "schedules": { "type": "array", "items": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsSchedule:LifecyclePolicyPolicyDetailsSchedule" }, "description": "See the `schedule` configuration block.\n", "language": { "python": { "mapCase": false } } }, "targetTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tag keys and their values. Any resources that match the `resource_types` and are tagged with _any_ of these tags will be targeted.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceTypes", "schedules", "targetTags" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsSchedule:LifecyclePolicyPolicyDetailsSchedule": { "properties": { "copyTags": { "type": "boolean", "description": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.\n", "language": { "python": { "mapCase": false } } }, "createRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleCreateRule:LifecyclePolicyPolicyDetailsScheduleCreateRule", "description": "See the `create_rule` block. Max of 1 per schedule.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "A name for the schedule.\n", "language": { "python": { "mapCase": false } } }, "retainRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleRetainRule:LifecyclePolicyPolicyDetailsScheduleRetainRule", "description": "See the `retain_rule` block. Max of 1 per schedule.\n", "language": { "python": { "mapCase": false } } }, "tagsToAdd": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "createRule", "name", "retainRule" ], "language": { "nodejs": { "requiredOutputs": [ "copyTags", "createRule", "name", "retainRule" ] } } }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleCreateRule:LifecyclePolicyPolicyDetailsScheduleCreateRule": { "properties": { "interval": { "type": "integer", "description": "How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values.\n", "language": { "python": { "mapCase": false } } }, "intervalUnit": { "type": "string", "description": "The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value.\n", "language": { "python": { "mapCase": false } } }, "times": { "type": "string", "description": "A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "interval" ], "language": { "nodejs": { "requiredOutputs": [ "interval", "times" ] } } }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleRetainRule:LifecyclePolicyPolicyDetailsScheduleRetainRule": { "properties": { "count": { "type": "integer", "description": "How many snapshots to keep. Must be an integer between 1 and 1000.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "count" ] }, "aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings": { "properties": { "endpointUri": { "type": "string", "description": "Endpoint for the Elasticsearch cluster.\n", "language": { "python": { "mapCase": false } } }, "errorRetryDuration": { "type": "integer", "description": "Maximum number of seconds for which DMS retries failed API requests to the Elasticsearch cluster. Defaults to `300`.\n", "language": { "python": { "mapCase": false } } }, "fullLoadErrorPercentage": { "type": "integer", "description": "Maximum percentage of records that can fail to be written before a full load operation stops. Defaults to `10`.\n", "language": { "python": { "mapCase": false } } }, "serviceAccessRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role with permissions to write to the Elasticsearch cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "endpointUri", "serviceAccessRoleArn" ] }, "aws:dms/EndpointKafkaSettings:EndpointKafkaSettings": { "properties": { "broker": { "type": "string", "description": "Kafka broker location. Specify in the form broker-hostname-or-ip:port.\n", "language": { "python": { "mapCase": false } } }, "topic": { "type": "string", "description": "Kafka topic for migration. Defaults to `kafka-default-topic`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "broker" ] }, "aws:dms/EndpointKinesisSettings:EndpointKinesisSettings": { "properties": { "messageFormat": { "type": "string", "description": "Output format for the records created. Defaults to `json`. Valid values are `json` and `json_unformatted` (a single line with no tab).\n", "language": { "python": { "mapCase": false } } }, "serviceAccessRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role with permissions to write to the Kinesis data stream.\n", "language": { "python": { "mapCase": false } } }, "streamArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Kinesis data stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:dms/EndpointMongodbSettings:EndpointMongodbSettings": { "properties": { "authMechanism": { "type": "string", "description": "Authentication mechanism to access the MongoDB source endpoint. Defaults to `default`.\n", "language": { "python": { "mapCase": false } } }, "authSource": { "type": "string", "description": "Authentication database name. Not used when `auth_type` is `no`. Defaults to `admin`.\n", "language": { "python": { "mapCase": false } } }, "authType": { "type": "string", "description": "Authentication type to access the MongoDB source endpoint. Defaults to `password`.\n", "language": { "python": { "mapCase": false } } }, "docsToInvestigate": { "type": "string", "description": "Number of documents to preview to determine the document organization. Use this setting when `nesting_level` is set to `one`. Defaults to `1000`.\n", "language": { "python": { "mapCase": false } } }, "extractDocId": { "type": "string", "description": "Document ID. Use this setting when `nesting_level` is set to `none`. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "nestingLevel": { "type": "string", "description": "Specifies either document or table mode. Defaults to `none`. Valid values are `one` (table mode) and `none` (document mode).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:dms/EndpointS3Settings:EndpointS3Settings": { "properties": { "bucketFolder": { "type": "string", "description": "S3 Bucket Object prefix.\n", "language": { "python": { "mapCase": false } } }, "bucketName": { "type": "string", "description": "S3 Bucket name.\n", "language": { "python": { "mapCase": false } } }, "compressionType": { "type": "string", "description": "Set to compress target files. Defaults to `NONE`. Valid values are `GZIP` and `NONE`.\n", "language": { "python": { "mapCase": false } } }, "csvDelimiter": { "type": "string", "description": "Delimiter used to separate columns in the source files. Defaults to `,`.\n", "language": { "python": { "mapCase": false } } }, "csvRowDelimiter": { "type": "string", "description": "Delimiter used to separate rows in the source files. Defaults to `\\n`.\n", "language": { "python": { "mapCase": false } } }, "externalTableDefinition": { "type": "string", "description": "JSON document that describes how AWS DMS should interpret the data.\n", "language": { "python": { "mapCase": false } } }, "serviceAccessRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role with permissions to read from or write to the S3 Bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the documentDB parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the documentDB parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:dynamodb/GlobalTableReplica:GlobalTableReplica": { "properties": { "regionName": { "type": "string", "description": "AWS region name of replica DynamoDB Table. e.g. `us-east-1`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "regionName" ] }, "aws:dynamodb/TableAttribute:TableAttribute": { "properties": { "name": { "type": "string", "description": "The name of the index\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "Attribute type, which must be a scalar type: `S`, `N`, or `B` for (S)tring, (N)umber or (B)inary data\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "type" ] }, "aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex": { "properties": { "hashKey": { "type": "string", "description": "The name of the hash key in the index; must be\ndefined as an attribute in the resource.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the index\n", "language": { "python": { "mapCase": false } } }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" }, "description": "Only required with `INCLUDE` as a\nprojection type; a list of attributes to project into the index. These\ndo not need to be defined as attributes on the table.\n", "language": { "python": { "mapCase": false } } }, "projectionType": { "type": "string", "description": "One of `ALL`, `INCLUDE` or `KEYS_ONLY`\nwhere `ALL` projects every attribute into the index, `KEYS_ONLY`\nprojects just the hash and range key into the index, and `INCLUDE`\nprojects only the keys specified in the _non_key_attributes_\nparameter.\n", "language": { "python": { "mapCase": false } } }, "rangeKey": { "type": "string", "description": "The name of the range key; must be defined\n", "language": { "python": { "mapCase": false } } }, "readCapacity": { "type": "integer", "description": "The number of read units for this index. Must be set if billing_mode is set to PROVISIONED.\n", "language": { "python": { "mapCase": false } } }, "writeCapacity": { "type": "integer", "description": "The number of write units for this index. Must be set if billing_mode is set to PROVISIONED.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "hashKey", "name", "projectionType" ] }, "aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex": { "properties": { "name": { "type": "string", "description": "The name of the index\n", "language": { "python": { "mapCase": false } } }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" }, "description": "Only required with `INCLUDE` as a\nprojection type; a list of attributes to project into the index. These\ndo not need to be defined as attributes on the table.\n", "language": { "python": { "mapCase": false } } }, "projectionType": { "type": "string", "description": "One of `ALL`, `INCLUDE` or `KEYS_ONLY`\nwhere `ALL` projects every attribute into the index, `KEYS_ONLY`\nprojects just the hash and range key into the index, and `INCLUDE`\nprojects only the keys specified in the _non_key_attributes_\nparameter.\n", "language": { "python": { "mapCase": false } } }, "rangeKey": { "type": "string", "description": "The name of the range key; must be defined\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "projectionType", "rangeKey" ] }, "aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether ttl is enabled (true) or disabled (false).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:dynamodb/TableReplica:TableReplica": { "properties": { "regionName": { "type": "string", "description": "Region name of the replica.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "regionName" ] }, "aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether ttl is enabled (true) or disabled (false).\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "The ARN of the CMK that should be used for the AWS KMS encryption.\nThis attribute should only be specified if the key is different from the default DynamoDB CMK, `alias/aws/dynamodb`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "kmsKeyArn" ] } } }, "aws:dynamodb/TableTtl:TableTtl": { "properties": { "attributeName": { "type": "string", "description": "The name of the table attribute to store the TTL timestamp in.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether ttl is enabled (true) or disabled (false).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "attributeName" ] }, "aws:dynamodb/getTableAttribute:getTableAttribute": { "properties": { "name": { "type": "string", "description": "The name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableGlobalSecondaryIndex:getTableGlobalSecondaryIndex": { "properties": { "hashKey": { "type": "string", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "projectionType": { "type": "string", "language": { "python": { "mapCase": false } } }, "rangeKey": { "type": "string", "language": { "python": { "mapCase": false } } }, "readCapacity": { "type": "integer", "language": { "python": { "mapCase": false } } }, "writeCapacity": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "hashKey", "name", "nonKeyAttributes", "projectionType", "rangeKey", "readCapacity", "writeCapacity" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableLocalSecondaryIndex:getTableLocalSecondaryIndex": { "properties": { "name": { "type": "string", "description": "The name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "projectionType": { "type": "string", "language": { "python": { "mapCase": false } } }, "rangeKey": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "nonKeyAttributes", "projectionType", "rangeKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTablePointInTimeRecovery:getTablePointInTimeRecovery": { "properties": { "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableReplica:getTableReplica": { "properties": { "regionName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "regionName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableServerSideEncryption:getTableServerSideEncryption": { "properties": { "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled", "kmsKeyArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableTtl:getTableTtl": { "properties": { "attributeName": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "attributeName", "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ebs/getEbsVolumesFilter:getEbsVolumesFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html).\nFor example, if matching against the `size` filter, use:\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nEBS Volume IDs will be selected if any one of the given values match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ebs/getSnapshotFilter:getSnapshotFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ebs/getSnapshotIdsFilter:getSnapshotIdsFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ebs/getVolumeFilter:getVolumeFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Boolean controlling whether the EBS volumes created to\nsupport each created instance will be deleted once that instance is terminated.\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The path at which the device is exposed to created instances.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "Number of I/O operations per second the\ncreated volumes will support.\n", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The id of an EBS snapshot that will be used to initialize the created\nEBS volumes. If set, the `volume_size` attribute must be at least as large as the referenced\nsnapshot.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of created volumes in GiB.\nIf `snapshot_id` is set and `volume_size` is omitted then the volume will have the same size\nas the selected snapshot.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of EBS volume to create. Can be one of \"standard\" (the\ndefault), \"io1\" or \"gp2\".\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "snapshotId", "volumeSize", "volumeType" ] } } }, "aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "The path at which the device is exposed to created instances.\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "A name for the ephemeral device, of the form \"ephemeralN\" where\n*N* is a volume number starting from zero.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "virtualName" ] } } }, "aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Boolean controlling whether the EBS volumes created to\nsupport each created instance will be deleted once that instance is terminated.\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The path at which the device is exposed to created instances.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "Number of I/O operations per second the\ncreated volumes will support.\n", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The id of an EBS snapshot that will be used to initialize the created\nEBS volumes. If set, the `volume_size` attribute must be at least as large as the referenced\nsnapshot.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of created volumes in GiB.\nIf `snapshot_id` is set and `volume_size` is omitted then the volume will have the same size\nas the selected snapshot.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of EBS volume to create. Can be one of \"standard\" (the\ndefault), \"io1\" or \"gp2\".\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "volumeSize" ] } } }, "aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "The path at which the device is exposed to created instances.\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "A name for the ephemeral device, of the form \"ephemeralN\" where\n*N* is a volume number starting from zero.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "virtualName" ] }, "aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Boolean controlling whether the EBS volumes created to\nsupport each created instance will be deleted once that instance is terminated.\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The path at which the device is exposed to created instances.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "Number of I/O operations per second the\ncreated volumes will support.\n", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The id of an EBS snapshot that will be used to initialize the created\nEBS volumes. If set, the `volume_size` attribute must be at least as large as the referenced\nsnapshot.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of created volumes in GiB.\nIf `snapshot_id` is set and `volume_size` is omitted then the volume will have the same size\nas the selected snapshot.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of EBS volume to create. Can be one of \"standard\" (the\ndefault), \"io1\" or \"gp2\".\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "snapshotId", "volumeSize", "volumeType" ] } } }, "aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "The path at which the device is exposed to created instances.\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "A name for the ephemeral device, of the form \"ephemeralN\" where\n*N* is a volume number starting from zero.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "virtualName" ] } } }, "aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress": { "properties": { "action": { "type": "string", "description": "The action to take.\n", "language": { "python": { "mapCase": false } } }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a\nvalid network mask.\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "description": "The from port to match.\n", "language": { "python": { "mapCase": false } } }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all'\nprotocol, you must specify a from and to port of 0.\n", "language": { "python": { "mapCase": false } } }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "The to port to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress": { "properties": { "action": { "type": "string", "description": "The action to take.\n", "language": { "python": { "mapCase": false } } }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a\nvalid network mask.\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "description": "The from port to match.\n", "language": { "python": { "mapCase": false } } }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all'\nprotocol, you must specify a from and to port of 0.\n", "language": { "python": { "mapCase": false } } }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "The to port to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute": { "properties": { "cidrBlock": { "type": "string", "description": "The CIDR block of the route.\n", "language": { "python": { "mapCase": false } } }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n", "language": { "python": { "mapCase": false } } }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway.\n", "language": { "python": { "mapCase": false } } }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlock": { "type": "string", "description": "The Ipv6 CIDR block of the route\n", "language": { "python": { "mapCase": false } } }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n", "language": { "python": { "mapCase": false } } }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n", "language": { "python": { "mapCase": false } } }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n", "language": { "python": { "mapCase": false } } }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "description": { "type": "string", "description": "The description of the security group\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "self": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "description": { "type": "string", "description": "The description of the security group\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "self": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig": { "properties": { "launchTemplateSpecification": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigLaunchTemplateSpecification:FleetLaunchTemplateConfigLaunchTemplateSpecification", "description": "Nested argument containing EC2 Launch Template to use. Defined below.\n", "language": { "python": { "mapCase": false } } }, "overrides": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverride:FleetLaunchTemplateConfigOverride" }, "description": "Nested argument(s) containing parameters to override the same parameters in the Launch Template. Defined below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "launchTemplateSpecification" ] }, "aws:ec2/FleetLaunchTemplateConfigLaunchTemplateSpecification:FleetLaunchTemplateConfigLaunchTemplateSpecification": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the launch template.\n", "language": { "python": { "mapCase": false } } }, "launchTemplateName": { "type": "string", "description": "Name of the launch template.\n", "language": { "python": { "mapCase": false } } }, "version": { "type": "string", "description": "Version number of the launch template.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "version" ] }, "aws:ec2/FleetLaunchTemplateConfigOverride:FleetLaunchTemplateConfigOverride": { "properties": { "availabilityZone": { "type": "string", "description": "Availability Zone in which to launch the instances.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "Instance type.\n", "language": { "python": { "mapCase": false } } }, "maxPrice": { "type": "string", "description": "Maximum price per unit hour that you are willing to pay for a Spot Instance.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "number", "description": "Priority for the launch template override. If `on_demand_options` `allocation_strategy` is set to `prioritized`, EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. The highest priority is launched first. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. Valid values are whole numbers starting at 0.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "ID of the subnet in which to launch the instances.\n", "language": { "python": { "mapCase": false } } }, "weightedCapacity": { "type": "number", "description": "Number of units provided by the specified instance type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions": { "properties": { "allocationStrategy": { "type": "string", "description": "How to allocate the target capacity across the Spot pools. Valid values: `diversified`, `lowestPrice`. Default: `lowestPrice`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/FleetSpotOptions:FleetSpotOptions": { "properties": { "allocationStrategy": { "type": "string", "description": "How to allocate the target capacity across the Spot pools. Valid values: `diversified`, `lowestPrice`. Default: `lowestPrice`.\n", "language": { "python": { "mapCase": false } } }, "instanceInterruptionBehavior": { "type": "string", "description": "Behavior when a Spot Instance is interrupted. Valid values: `hibernate`, `stop`, `terminate`. Default: `terminate`.\n", "language": { "python": { "mapCase": false } } }, "instancePoolsToUseCount": { "type": "integer", "description": "Number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot `allocation_strategy` is set to `lowestPrice`. Default: `1`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification": { "properties": { "defaultTargetCapacityType": { "type": "string", "description": "Default target capacity type. Valid values: `on-demand`, `spot`.\n", "language": { "python": { "mapCase": false } } }, "onDemandTargetCapacity": { "type": "integer", "description": "The number of On-Demand units to request.\n", "language": { "python": { "mapCase": false } } }, "spotTargetCapacity": { "type": "integer", "description": "The number of Spot units to request.\n", "language": { "python": { "mapCase": false } } }, "totalTargetCapacity": { "type": "integer", "description": "The number of units to request, filled using `default_target_capacity_type`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "defaultTargetCapacityType", "totalTargetCapacity" ] }, "aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "description": "The credit option for CPU usage. Can be `\"standard\"` or `\"unlimited\"`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed\non instance termination (Default: `true`).\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The name of the device to mount.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Enables [EBS\nencryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html)\non the volume (Default: `false`). Cannot be used with `snapshot_id`. Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The amount of provisioned\n[IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\nThis must be set with a `volume_type` of `\"io1\"`.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The Snapshot ID to mount.\n", "language": { "python": { "mapCase": false } } }, "volumeId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of the volume in gibibytes (GiB).\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of volume. Can be `\"standard\"`, `\"gp2\"`,\nor `\"io1\"`. (Default: `\"gp2\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "The name of the block device to mount on the instance.\n", "language": { "python": { "mapCase": false } } }, "noDevice": { "type": "boolean", "description": "Suppresses the specified device included in the AMI's block device mapping.\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "The [Instance Store Device\nName](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames)\n(e.g. `\"ephemeral0\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ] }, "aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions": { "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Can be `\"enabled\"` or `\"disabled\"`. (Default: `\"enabled\"`).\n", "language": { "python": { "mapCase": false } } }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`. (Default: `1`).\n", "language": { "python": { "mapCase": false } } }, "httpTokens": { "type": "string", "description": "Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2_. Can be `\"optional\"` or `\"required\"`. (Default: `\"optional\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens" ] } } }, "aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether or not to delete the network interface on instance termination. Defaults to `false`. Currently, the only valid value is `false`, as this is only supported when creating new network interfaces when launching an instance.\n", "language": { "python": { "mapCase": false } } }, "deviceIndex": { "type": "integer", "description": "The integer index of the network interface attachment. Limited by instance type.\n", "language": { "python": { "mapCase": false } } }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceIndex", "networkInterfaceId" ] }, "aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed\non instance termination (Default: `true`).\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The name of the device to mount.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Enable volume encryption. (Default: `false`). Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The amount of provisioned\n[IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\nThis is only valid for `volume_type` of `\"io1\"`, and must be specified if\nusing that type\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "volumeId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of the volume in gibibytes (GiB).\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of volume. Can be `\"standard\"`, `\"gp2\"`, `\"io1\"`, `\"sc1\"`, or `\"st1\"`. (Default: `\"standard\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "language": { "python": { "mapCase": false } } }, "noDevice": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "snapshotId", "volumeSize", "volumeType" ] } } }, "aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "virtualName" ] }, "aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "encrypted", "iops", "volumeSize", "volumeType" ] } } }, "aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "description": "The name of the device to mount.\n", "language": { "python": { "mapCase": false } } }, "ebs": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMappingEbs:LaunchTemplateBlockDeviceMappingEbs", "description": "Configure EBS volume properties.\n", "language": { "python": { "mapCase": false } } }, "noDevice": { "type": "string", "description": "Suppresses the specified device included in the AMI's block device mapping.\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "The [Instance Store Device\nName](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames)\n(e.g. `\"ephemeral0\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateBlockDeviceMappingEbs:LaunchTemplateBlockDeviceMappingEbs": { "properties": { "deleteOnTermination": { "type": "string", "description": "Whether the volume should be destroyed on instance termination. Defaults to `false` if not set. See [Preserving Amazon EBS Volumes on Instance Termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) for more information.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "string", "description": "Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html)\non the volume (Default: `false`). Cannot be used with `snapshot_id`.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The amount of provisioned\n[IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\nThis must be set with a `volume_type` of `\"io1\"`.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume.\n`encrypted` must be set to `true` when this is set.\n", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The Snapshot ID to mount.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of volume. Can be `\"standard\"`, `\"gp2\"`, or `\"io1\"`. (Default: `\"standard\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops", "volumeSize", "volumeType" ] } } }, "aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification": { "properties": { "capacityReservationPreference": { "type": "string", "description": "Indicates the instance's Capacity Reservation preferences. Can be `open` or `none`. (Default `none`).\n", "language": { "python": { "mapCase": false } } }, "capacityReservationTarget": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget:LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget", "description": "Used to target a specific Capacity Reservation:\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget:LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget": { "properties": { "capacityReservationId": { "type": "string", "description": "The ID of the Capacity Reservation to target.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions": { "properties": { "coreCount": { "type": "integer", "description": "The number of CPU cores for the instance.\n", "language": { "python": { "mapCase": false } } }, "threadsPerCore": { "type": "integer", "description": "The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1.\nOtherwise, specify the default value of 2.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "description": "The credit option for CPU usage. Can be `\"standard\"` or `\"unlimited\"`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification": { "properties": { "type": { "type": "string", "description": "The [Elastic GPU Type](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-gpus.html#elastic-gpus-basics)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator": { "properties": { "type": { "type": "string", "description": "Accelerator type.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions": { "properties": { "configured": { "type": "boolean", "description": "If set to `true`, the launched EC2 instance will hibernation enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "configured" ] }, "aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the instance profile.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the instance profile.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions": { "properties": { "marketType": { "type": "string", "description": "The market type. Can be `spot`.\n", "language": { "python": { "mapCase": false } } }, "spotOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptionsSpotOptions:LaunchTemplateInstanceMarketOptionsSpotOptions", "description": "The options for [Spot Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html)\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceMarketOptionsSpotOptions:LaunchTemplateInstanceMarketOptionsSpotOptions": { "properties": { "blockDurationMinutes": { "type": "integer", "description": "The required duration in minutes. This value must be a multiple of 60.\n", "language": { "python": { "mapCase": false } } }, "instanceInterruptionBehavior": { "type": "string", "description": "The behavior when a Spot Instance is interrupted. Can be `hibernate`,\n`stop`, or `terminate`. (Default: `terminate`).\n", "language": { "python": { "mapCase": false } } }, "maxPrice": { "type": "string", "description": "The maximum hourly price you're willing to pay for the Spot Instances.\n", "language": { "python": { "mapCase": false } } }, "spotInstanceType": { "type": "string", "description": "The Spot Instance request type. Can be `one-time`, or `persistent`.\n", "language": { "python": { "mapCase": false } } }, "validUntil": { "type": "string", "description": "The end date of the request.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "validUntil" ] } } }, "aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification": { "properties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "licenseConfigurationArn" ] }, "aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions": { "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Can be `\"enabled\"` or `\"disabled\"`. (Default: `\"enabled\"`).\n", "language": { "python": { "mapCase": false } } }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`. (Default: `1`).\n", "language": { "python": { "mapCase": false } } }, "httpTokens": { "type": "string", "description": "Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2_. Can be `\"optional\"` or `\"required\"`. (Default: `\"optional\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens" ] } } }, "aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring": { "properties": { "enabled": { "type": "boolean", "description": "If `true`, the launched EC2 instance will have detailed monitoring enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface": { "properties": { "associatePublicIpAddress": { "type": "string", "description": "Associate a public ip address with the network interface. Boolean value.\n", "language": { "python": { "mapCase": false } } }, "deleteOnTermination": { "type": "boolean", "description": "Whether the network interface should be destroyed on instance termination. Defaults to `false` if not set.\n", "language": { "python": { "mapCase": false } } }, "description": { "type": "string", "description": "Description of the network interface.\n", "language": { "python": { "mapCase": false } } }, "deviceIndex": { "type": "integer", "description": "The integer index of the network interface attachment.\n", "language": { "python": { "mapCase": false } } }, "ipv4AddressCount": { "type": "integer", "description": "The number of secondary private IPv4 addresses to assign to a network interface. Conflicts with `ipv4_addresses`\n", "language": { "python": { "mapCase": false } } }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "One or more private IPv4 addresses to associate. Conflicts with `ipv4_address_count`\n", "language": { "python": { "mapCase": false } } }, "ipv6AddressCount": { "type": "integer", "description": "The number of IPv6 addresses to assign to a network interface. Conflicts with `ipv6_addresses`\n", "language": { "python": { "mapCase": false } } }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Conflicts with `ipv6_address_count`\n", "language": { "python": { "mapCase": false } } }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach.\n", "language": { "python": { "mapCase": false } } }, "privateIpAddress": { "type": "string", "description": "The primary private IPv4 address.\n", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to associate.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement": { "properties": { "affinity": { "type": "string", "description": "The affinity setting for an instance on a Dedicated Host.\n", "language": { "python": { "mapCase": false } } }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the instance.\n", "language": { "python": { "mapCase": false } } }, "groupName": { "type": "string", "description": "The name of the placement group for the instance.\n", "language": { "python": { "mapCase": false } } }, "hostId": { "type": "string", "description": "The ID of the Dedicated Host for the instance.\n", "language": { "python": { "mapCase": false } } }, "partitionNumber": { "type": "integer", "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.\n", "language": { "python": { "mapCase": false } } }, "spreadDomain": { "type": "string", "description": "Reserved for future use.\n", "language": { "python": { "mapCase": false } } }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). Can be `default`, `dedicated`, or `host`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification": { "properties": { "resourceType": { "type": "string", "description": "The type of resource to tag. Valid values are `instance` and `volume`.\n", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/NetworkAclEgress:NetworkAclEgress": { "properties": { "action": { "type": "string", "description": "The action to take.\n", "language": { "python": { "mapCase": false } } }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a\nvalid network mask.\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "description": "The from port to match.\n", "language": { "python": { "mapCase": false } } }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all'\nprotocol, you must specify a from and to port of 0.\n", "language": { "python": { "mapCase": false } } }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "The to port to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/NetworkAclIngress:NetworkAclIngress": { "properties": { "action": { "type": "string", "description": "The action to take.\n", "language": { "python": { "mapCase": false } } }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a\nvalid network mask.\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "description": "The from port to match.\n", "language": { "python": { "mapCase": false } } }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all'\nprotocol, you must specify a from and to port of 0.\n", "language": { "python": { "mapCase": false } } }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "The to port to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment": { "properties": { "attachmentId": { "type": "string", "language": { "python": { "mapCase": false } } }, "deviceIndex": { "type": "integer", "description": "Integer to define the devices index.\n", "language": { "python": { "mapCase": false } } }, "instance": { "type": "string", "description": "ID of the instance to attach to.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceIndex", "instance" ], "language": { "nodejs": { "requiredOutputs": [ "attachmentId", "deviceIndex", "instance" ] } } }, "aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter": { "properties": { "allowClassicLinkToRemoteVpc": { "type": "boolean", "description": "Allow a local linked EC2-Classic instance to communicate\nwith instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection\nto the remote VPC. This option is not supported for inter-region VPC peering.\n", "language": { "python": { "mapCase": false } } }, "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to\nprivate IP addresses when queried from instances in the peer VPC.\n", "language": { "python": { "mapCase": false } } }, "allowVpcToRemoteClassicLink": { "type": "boolean", "description": "Allow a local VPC to communicate with a linked EC2-Classic\ninstance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink\nconnection. This option is not supported for inter-region VPC peering.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester": { "properties": { "allowClassicLinkToRemoteVpc": { "type": "boolean", "description": "Allow a local linked EC2-Classic instance to communicate\nwith instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection\nto the remote VPC. This option is not supported for inter-region VPC peering.\n", "language": { "python": { "mapCase": false } } }, "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to\nprivate IP addresses when queried from instances in the peer VPC.\n", "language": { "python": { "mapCase": false } } }, "allowVpcToRemoteClassicLink": { "type": "boolean", "description": "Allow a local VPC to communicate with a linked EC2-Classic\ninstance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink\nconnection. This option is not supported for inter-region VPC peering.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/RouteTableRoute:RouteTableRoute": { "properties": { "cidrBlock": { "type": "string", "description": "The CIDR block of the route.\n", "language": { "python": { "mapCase": false } } }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n", "language": { "python": { "mapCase": false } } }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway.\n", "language": { "python": { "mapCase": false } } }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlock": { "type": "string", "description": "The Ipv6 CIDR block of the route.\n", "language": { "python": { "mapCase": false } } }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n", "language": { "python": { "mapCase": false } } }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n", "language": { "python": { "mapCase": false } } }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n", "language": { "python": { "mapCase": false } } }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/SecurityGroupEgress:SecurityGroupEgress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks.\n", "language": { "python": { "mapCase": false } } }, "description": { "type": "string", "description": "Description of this egress rule.\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "description": "The start port (or ICMP type number if protocol is \"icmp\")\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n", "language": { "python": { "mapCase": false } } }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of prefix list IDs (for allowing access to VPC endpoints)\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. If you select a protocol of\n\"-1\" (semantically equivalent to `\"all\"`, which is not a valid value here), you must specify a \"from_port\" and \"to_port\" equal to 0. If not icmp, tcp, udp, or \"-1\" use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group Group Names if using\nEC2-Classic, or Group IDs if using a VPC.\n", "language": { "python": { "mapCase": false } } }, "self": { "type": "boolean", "description": "If true, the security group itself will be added as\na source to this egress rule.\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "The end range port (or ICMP code if protocol is \"icmp\").\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/SecurityGroupIngress:SecurityGroupIngress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks.\n", "language": { "python": { "mapCase": false } } }, "description": { "type": "string", "description": "Description of this egress rule.\n", "language": { "python": { "mapCase": false } } }, "fromPort": { "type": "integer", "description": "The start port (or ICMP type number if protocol is \"icmp\")\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n", "language": { "python": { "mapCase": false } } }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of prefix list IDs (for allowing access to VPC endpoints)\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. If you select a protocol of\n\"-1\" (semantically equivalent to `\"all\"`, which is not a valid value here), you must specify a \"from_port\" and \"to_port\" equal to 0. If not icmp, tcp, udp, or \"-1\" use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group Group Names if using\nEC2-Classic, or Group IDs if using a VPC.\n", "language": { "python": { "mapCase": false } } }, "self": { "type": "boolean", "description": "If true, the security group itself will be added as\na source to this egress rule.\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "The end range port (or ICMP code if protocol is \"icmp\").\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification": { "properties": { "ami": { "type": "string", "language": { "python": { "mapCase": false } } }, "associatePublicIpAddress": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "availabilityZone": { "type": "string", "description": "The availability zone in which to place the request.\n", "language": { "python": { "mapCase": false } } }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecificationEbsBlockDevice:SpotFleetRequestLaunchSpecificationEbsBlockDevice" }, "language": { "python": { "mapCase": false } } }, "ebsOptimized": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecificationEphemeralBlockDevice:SpotFleetRequestLaunchSpecificationEphemeralBlockDevice" }, "language": { "python": { "mapCase": false } } }, "iamInstanceProfile": { "type": "string", "language": { "python": { "mapCase": false } } }, "iamInstanceProfileArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "The type of instance to request.\n", "language": { "python": { "mapCase": false } } }, "keyName": { "type": "string", "language": { "python": { "mapCase": false } } }, "monitoring": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "placementGroup": { "type": "string", "language": { "python": { "mapCase": false } } }, "placementTenancy": { "type": "string", "language": { "python": { "mapCase": false } } }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecificationRootBlockDevice:SpotFleetRequestLaunchSpecificationRootBlockDevice" }, "language": { "python": { "mapCase": false } } }, "spotPrice": { "type": "string", "description": "The maximum spot bid for this override request.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The subnet in which to launch the requested instance.\n", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n", "language": { "python": { "mapCase": false } } }, "userData": { "type": "string", "language": { "python": { "mapCase": false } } }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "weightedCapacity": { "type": "string", "description": "The capacity added to the fleet by a fulfilled request.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ami", "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ami", "availabilityZone", "ebsBlockDevices", "ephemeralBlockDevices", "instanceType", "keyName", "placementGroup", "rootBlockDevices", "subnetId", "vpcSecurityGroupIds" ] } } }, "aws:ec2/SpotFleetRequestLaunchSpecificationEbsBlockDevice:SpotFleetRequestLaunchSpecificationEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "volumeSize", "volumeType" ] } } }, "aws:ec2/SpotFleetRequestLaunchSpecificationEphemeralBlockDevice:SpotFleetRequestLaunchSpecificationEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "virtualName" ] }, "aws:ec2/SpotFleetRequestLaunchSpecificationRootBlockDevice:SpotFleetRequestLaunchSpecificationRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "encrypted", "iops", "kmsKeyId", "volumeSize", "volumeType" ] } } }, "aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig": { "properties": { "launchTemplateSpecification": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification:SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification", "description": "Launch template specification. See Launch Template Specification below for more details.\n", "language": { "python": { "mapCase": false } } }, "overrides": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverride:SpotFleetRequestLaunchTemplateConfigOverride" }, "description": "One or more override configurations. See Overrides below for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "launchTemplateSpecification" ] }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification:SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification": { "properties": { "id": { "type": "string", "description": "The ID of the launch template. Conflicts with `name`.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the launch template. Conflicts with `id`.\n", "language": { "python": { "mapCase": false } } }, "version": { "type": "string", "description": "Template version. Unlike the autoscaling equivalent, does not support `$Latest` or `$Default`, so use the launch_template resource's attribute, e.g. `\"${aws_launch_template.foo.latest_version}\"`. It will use the default version if omitted.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverride:SpotFleetRequestLaunchTemplateConfigOverride": { "properties": { "availabilityZone": { "type": "string", "description": "The availability zone in which to place the request.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "The type of instance to request.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "number", "description": "The priority for the launch template override. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority.\n", "language": { "python": { "mapCase": false } } }, "spotPrice": { "type": "string", "description": "The maximum spot bid for this override request.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The subnet in which to launch the requested instance.\n", "language": { "python": { "mapCase": false } } }, "weightedCapacity": { "type": "number", "description": "The capacity added to the fleet by a fulfilled request.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "priority", "spotPrice", "subnetId", "weightedCapacity" ] } } }, "aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "description": "The credit option for CPU usage. Can be `\"standard\"` or `\"unlimited\"`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed\non instance termination (Default: `true`).\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The name of the device to mount.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Enables [EBS\nencryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html)\non the volume (Default: `false`). Cannot be used with `snapshot_id`. Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The amount of provisioned\n[IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\nThis must be set with a `volume_type` of `\"io1\"`.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The Snapshot ID to mount.\n", "language": { "python": { "mapCase": false } } }, "volumeId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of the volume in gibibytes (GiB).\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of volume. Can be `\"standard\"`, `\"gp2\"`,\nor `\"io1\"`. (Default: `\"gp2\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "The name of the block device to mount on the instance.\n", "language": { "python": { "mapCase": false } } }, "noDevice": { "type": "boolean", "description": "Suppresses the specified device included in the AMI's block device mapping.\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "The [Instance Store Device\nName](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames)\n(e.g. `\"ephemeral0\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ] }, "aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions": { "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Can be `\"enabled\"` or `\"disabled\"`. (Default: `\"enabled\"`).\n", "language": { "python": { "mapCase": false } } }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`. (Default: `1`).\n", "language": { "python": { "mapCase": false } } }, "httpTokens": { "type": "string", "description": "Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2_. Can be `\"optional\"` or `\"required\"`. (Default: `\"optional\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens" ] } } }, "aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether or not to delete the network interface on instance termination. Defaults to `false`. Currently, the only valid value is `false`, as this is only supported when creating new network interfaces when launching an instance.\n", "language": { "python": { "mapCase": false } } }, "deviceIndex": { "type": "integer", "description": "The integer index of the network interface attachment. Limited by instance type.\n", "language": { "python": { "mapCase": false } } }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceIndex", "networkInterfaceId" ] }, "aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed\non instance termination (Default: `true`).\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The name of the device to mount.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Enable volume encryption. (Default: `false`). Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The amount of provisioned\n[IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\nThis is only valid for `volume_type` of `\"io1\"`, and must be specified if\nusing that type\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "language": { "python": { "mapCase": false } } }, "volumeId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of the volume in gibibytes (GiB).\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of volume. Can be `\"standard\"`, `\"gp2\"`, `\"io1\"`, `\"sc1\"`, or `\"st1\"`. (Default: `\"standard\"`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange": { "properties": { "fromPort": { "type": "integer", "description": "Starting port of the range\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "Ending port of the range\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange": { "properties": { "fromPort": { "type": "integer", "description": "Starting port of the range\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "Ending port of the range\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/VpcEndpointDnsEntry:VpcEndpointDnsEntry": { "properties": { "dnsName": { "type": "string", "description": "The DNS name.\n", "language": { "python": { "mapCase": false } } }, "hostedZoneId": { "type": "string", "description": "The ID of the private hosted zone.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "hostedZoneId" ] } } }, "aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter": { "properties": { "allowClassicLinkToRemoteVpc": { "type": "boolean", "description": "Allow a local linked EC2-Classic instance to communicate\nwith instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection\nto the remote VPC.\n", "language": { "python": { "mapCase": false } } }, "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to\nprivate IP addresses when queried from instances in the peer VPC. This is\n[not supported](https://docs.aws.amazon.com/vpc/latest/peering/modify-peering-connections.html) for\ninter-region VPC peering.\n", "language": { "python": { "mapCase": false } } }, "allowVpcToRemoteClassicLink": { "type": "boolean", "description": "Allow a local VPC to communicate with a linked EC2-Classic\ninstance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink\nconnection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter": { "properties": { "allowClassicLinkToRemoteVpc": { "type": "boolean", "description": "Indicates whether a local ClassicLink connection can communicate\nwith the peer VPC over the VPC Peering Connection.\n", "language": { "python": { "mapCase": false } } }, "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Indicates whether a local VPC can resolve public DNS hostnames to\nprivate IP addresses when queried from instances in a peer VPC.\n", "language": { "python": { "mapCase": false } } }, "allowVpcToRemoteClassicLink": { "type": "boolean", "description": "Indicates whether a local VPC can communicate with a ClassicLink\nconnection in the peer VPC over the VPC Peering Connection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester": { "properties": { "allowClassicLinkToRemoteVpc": { "type": "boolean", "description": "Indicates whether a local ClassicLink connection can communicate\nwith the peer VPC over the VPC Peering Connection.\n", "language": { "python": { "mapCase": false } } }, "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Indicates whether a local VPC can resolve public DNS hostnames to\nprivate IP addresses when queried from instances in a peer VPC.\n", "language": { "python": { "mapCase": false } } }, "allowVpcToRemoteClassicLink": { "type": "boolean", "description": "Indicates whether a local VPC can communicate with a ClassicLink\nconnection in the peer VPC over the VPC Peering Connection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester": { "properties": { "allowClassicLinkToRemoteVpc": { "type": "boolean", "description": "Allow a local linked EC2-Classic instance to communicate\nwith instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection\nto the remote VPC.\n", "language": { "python": { "mapCase": false } } }, "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to\nprivate IP addresses when queried from instances in the peer VPC. This is\n[not supported](https://docs.aws.amazon.com/vpc/latest/peering/modify-peering-connections.html) for\ninter-region VPC peering.\n", "language": { "python": { "mapCase": false } } }, "allowVpcToRemoteClassicLink": { "type": "boolean", "description": "Allow a local VPC to communicate with a linked EC2-Classic\ninstance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink\nconnection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ec2/VpnConnectionRoute:VpnConnectionRoute": { "properties": { "destinationCidrBlock": { "type": "string", "language": { "python": { "mapCase": false } } }, "source": { "type": "string", "language": { "python": { "mapCase": false } } }, "state": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationCidrBlock", "source", "state" ] } } }, "aws:ec2/VpnConnectionVgwTelemetry:VpnConnectionVgwTelemetry": { "properties": { "acceptedRouteCount": { "type": "integer", "language": { "python": { "mapCase": false } } }, "lastStatusChange": { "type": "string", "language": { "python": { "mapCase": false } } }, "outsideIpAddress": { "type": "string", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusMessage": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "acceptedRouteCount", "lastStatusChange", "outsideIpAddress", "status", "statusMessage" ] } } }, "aws:ec2/getCoipPoolFilter:getCoipPoolFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA COIP Pool will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getCoipPoolsFilter:getCoipPoolsFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA COIP Pool will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getCustomerGatewayFilter:getCustomerGatewayFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstanceCreditSpecification:getInstanceCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cpuCredits" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceEbsBlockDevice:getInstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "If the root block device will be deleted on termination.\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The physical name of the device.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "If the EBS volume is encrypted.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "`0` If the volume is not a provisioned IOPS image, otherwise the supported IOPS count.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The ID of the snapshot.\n", "language": { "python": { "mapCase": false } } }, "volumeId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of the volume, in GiB.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of the volume.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "volumeId", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceEphemeralBlockDevice:getInstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "The physical name of the device.\n", "language": { "python": { "mapCase": false } } }, "noDevice": { "type": "boolean", "description": "Whether the specified device included in the device mapping was suppressed or not (Boolean).\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "The virtual device name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceFilter:getInstanceFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstanceMetadataOption:getInstanceMetadataOption": { "properties": { "httpEndpoint": { "type": "string", "description": "The state of the metadata service: `enabled`, `disabled`.\n", "language": { "python": { "mapCase": false } } }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests.\n", "language": { "python": { "mapCase": false } } }, "httpTokens": { "type": "string", "description": "If session tokens are required: `optional`, `required`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceRootBlockDevice:getInstanceRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "If the root block device will be deleted on termination.\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The physical name of the device.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "If the EBS volume is encrypted.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "`0` If the volume is not a provisioned IOPS image, otherwise the supported IOPS count.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of the volume, in GiB.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of the volume.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "kmsKeyId", "volumeId", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceTypeOfferingFilter:getInstanceTypeOfferingFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter. The `location` filter depends on the top-level `location_type` argument and if not specified, defaults to the current region.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstanceTypeOfferingsFilter:getInstanceTypeOfferingsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter. The `location` filter depends on the top-level `location_type` argument and if not specified, defaults to the current region.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstancesFilter:getInstancesFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInternetGatewayAttachment:getInternetGatewayAttachment": { "properties": { "state": { "type": "string", "description": "The current state of the attachment between the gateway and the VPC. Present only if a VPC is attached\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The ID of an attached VPC.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "state", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInternetGatewayFilter:getInternetGatewayFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nAn Internet Gateway will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLaunchConfigurationEbsBlockDevice:getLaunchConfigurationEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the EBS Volume will be deleted on instance termination.\n", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "description": "The Name of the device.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Whether the volume is Encrypted.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The provisioned IOPs of the volume.\n", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "description": "The Snapshot ID of the mount.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The Size of the volume.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The Type of the volume.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "snapshotId", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchConfigurationEphemeralBlockDevice:getLaunchConfigurationEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "The Name of the device.\n", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "description": "The Virtual Name of the device.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchConfigurationRootBlockDevice:getLaunchConfigurationRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the EBS Volume will be deleted on instance termination.\n", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "boolean", "description": "Whether the volume is Encrypted.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The provisioned IOPs of the volume.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The Size of the volume.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The Type of the volume.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deleteOnTermination", "encrypted", "iops", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateBlockDeviceMapping:getLaunchTemplateBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "ebs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateBlockDeviceMappingEb:getLaunchTemplateBlockDeviceMappingEb" }, "language": { "python": { "mapCase": false } } }, "noDevice": { "type": "string", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "ebs", "noDevice", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateBlockDeviceMappingEb:getLaunchTemplateBlockDeviceMappingEb": { "properties": { "deleteOnTermination": { "type": "string", "language": { "python": { "mapCase": false } } }, "encrypted": { "type": "string", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deleteOnTermination", "encrypted", "iops", "kmsKeyId", "snapshotId", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateCreditSpecification:getLaunchTemplateCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cpuCredits" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateElasticGpuSpecification:getLaunchTemplateElasticGpuSpecification": { "properties": { "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateFilter:getLaunchTemplateFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLaunchTemplateHibernationOption:getLaunchTemplateHibernationOption": { "properties": { "configured": { "type": "boolean", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "configured" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateIamInstanceProfile:getLaunchTemplateIamInstanceProfile": { "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the launch template.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceMarketOption:getLaunchTemplateInstanceMarketOption": { "properties": { "marketType": { "type": "string", "language": { "python": { "mapCase": false } } }, "spotOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceMarketOptionSpotOption:getLaunchTemplateInstanceMarketOptionSpotOption" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "marketType", "spotOptions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceMarketOptionSpotOption:getLaunchTemplateInstanceMarketOptionSpotOption": { "properties": { "blockDurationMinutes": { "type": "integer", "language": { "python": { "mapCase": false } } }, "instanceInterruptionBehavior": { "type": "string", "language": { "python": { "mapCase": false } } }, "maxPrice": { "type": "string", "language": { "python": { "mapCase": false } } }, "spotInstanceType": { "type": "string", "language": { "python": { "mapCase": false } } }, "validUntil": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "blockDurationMinutes", "instanceInterruptionBehavior", "maxPrice", "spotInstanceType", "validUntil" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateMetadataOption:getLaunchTemplateMetadataOption": { "properties": { "httpEndpoint": { "type": "string", "description": "The state of the metadata service: `enabled`, `disabled`.\n", "language": { "python": { "mapCase": false } } }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests.\n", "language": { "python": { "mapCase": false } } }, "httpTokens": { "type": "string", "description": "If session tokens are required: `optional`, `required`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateMonitoring:getLaunchTemplateMonitoring": { "properties": { "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateNetworkInterface:getLaunchTemplateNetworkInterface": { "properties": { "associatePublicIpAddress": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "deleteOnTermination": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "description": { "type": "string", "description": "Description of the launch template.\n", "language": { "python": { "mapCase": false } } }, "deviceIndex": { "type": "integer", "language": { "python": { "mapCase": false } } }, "ipv4AddressCount": { "type": "integer", "language": { "python": { "mapCase": false } } }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "ipv6AddressCount": { "type": "integer", "language": { "python": { "mapCase": false } } }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "networkInterfaceId": { "type": "string", "language": { "python": { "mapCase": false } } }, "privateIpAddress": { "type": "string", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deleteOnTermination", "description", "deviceIndex", "ipv4AddressCount", "ipv4Addresses", "ipv6AddressCount", "ipv6Addresses", "networkInterfaceId", "privateIpAddress", "securityGroups", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplatePlacement:getLaunchTemplatePlacement": { "properties": { "affinity": { "type": "string", "language": { "python": { "mapCase": false } } }, "availabilityZone": { "type": "string", "language": { "python": { "mapCase": false } } }, "groupName": { "type": "string", "language": { "python": { "mapCase": false } } }, "hostId": { "type": "string", "language": { "python": { "mapCase": false } } }, "partitionNumber": { "type": "integer", "language": { "python": { "mapCase": false } } }, "spreadDomain": { "type": "string", "language": { "python": { "mapCase": false } } }, "tenancy": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "affinity", "availabilityZone", "groupName", "hostId", "partitionNumber", "spreadDomain", "tenancy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateTagSpecification:getLaunchTemplateTagSpecification": { "properties": { "resourceType": { "type": "string", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match a pair on the desired Launch Template.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceType", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLocalGatewayFilter:getLocalGatewayFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Local Gateway will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayRouteTableFilter:getLocalGatewayRouteTableFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA local gateway route table will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayRouteTablesFilter:getLocalGatewayRouteTablesFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Local Gateway Route Table will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayVirtualInterfaceFilter:getLocalGatewayVirtualInterfaceFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayVirtualInterfaceGroupFilter:getLocalGatewayVirtualInterfaceGroupFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayVirtualInterfaceGroupsFilter:getLocalGatewayVirtualInterfaceGroupsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewaysFilter:getLocalGatewaysFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Local Gateway will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNatGatewayFilter:getNatGatewayFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nAn Nat Gateway will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkAclsFilter:getNetworkAclsFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkInterfaceAssociation:getNetworkInterfaceAssociation": { "properties": { "allocationId": { "type": "string", "description": "The allocation ID.\n", "language": { "python": { "mapCase": false } } }, "associationId": { "type": "string", "description": "The association ID.\n", "language": { "python": { "mapCase": false } } }, "ipOwnerId": { "type": "string", "description": "The ID of the Elastic IP address owner.\n", "language": { "python": { "mapCase": false } } }, "publicDnsName": { "type": "string", "description": "The public DNS name.\n", "language": { "python": { "mapCase": false } } }, "publicIp": { "type": "string", "description": "The address of the Elastic IP address bound to the network interface.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "allocationId", "associationId", "ipOwnerId", "publicDnsName", "publicIp" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInterfaceAttachment:getNetworkInterfaceAttachment": { "properties": { "attachmentId": { "type": "string", "language": { "python": { "mapCase": false } } }, "deviceIndex": { "type": "integer", "language": { "python": { "mapCase": false } } }, "instanceId": { "type": "string", "language": { "python": { "mapCase": false } } }, "instanceOwnerId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "attachmentId", "deviceIndex", "instanceId", "instanceOwnerId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInterfaceFilter:getNetworkInterfaceFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkInterfacesFilter:getNetworkInterfacesFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getRouteTableAssociation:getRouteTableAssociation": { "properties": { "gatewayId": { "type": "string", "description": "The id of an Internet Gateway or Virtual Private Gateway which is connected to the Route Table (not exported if not passed as a parameter).\n", "language": { "python": { "mapCase": false } } }, "main": { "type": "boolean", "description": "If the Association due to the Main Route Table.\n", "language": { "python": { "mapCase": false } } }, "routeTableAssociationId": { "type": "string", "description": "The Association ID.\n", "language": { "python": { "mapCase": false } } }, "routeTableId": { "type": "string", "description": "The id of the specific Route Table to retrieve.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The id of a Subnet which is connected to the Route Table (not exported if not passed as a parameter).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "gatewayId", "main", "routeTableAssociationId", "routeTableId", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getRouteTableFilter:getRouteTableFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Route Table will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getRouteTableRoute:getRouteTableRoute": { "properties": { "cidrBlock": { "type": "string", "description": "The CIDR block of the route.\n", "language": { "python": { "mapCase": false } } }, "egressOnlyGatewayId": { "type": "string", "description": "The ID of the Egress Only Internet Gateway.\n", "language": { "python": { "mapCase": false } } }, "gatewayId": { "type": "string", "description": "The id of an Internet Gateway or Virtual Private Gateway which is connected to the Route Table (not exported if not passed as a parameter).\n", "language": { "python": { "mapCase": false } } }, "instanceId": { "type": "string", "description": "The EC2 instance ID.\n", "language": { "python": { "mapCase": false } } }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block of the route.\n", "language": { "python": { "mapCase": false } } }, "natGatewayId": { "type": "string", "description": "The NAT Gateway ID.\n", "language": { "python": { "mapCase": false } } }, "networkInterfaceId": { "type": "string", "description": "The ID of the elastic network interface (eni) to use.\n", "language": { "python": { "mapCase": false } } }, "transitGatewayId": { "type": "string", "description": "The EC2 Transit Gateway ID.\n", "language": { "python": { "mapCase": false } } }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering ID.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cidrBlock", "egressOnlyGatewayId", "gatewayId", "instanceId", "ipv6CidrBlock", "natGatewayId", "networkInterfaceId", "transitGatewayId", "vpcPeeringConnectionId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getRouteTablesFilter:getRouteTablesFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Route Table will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSecurityGroupFilter:getSecurityGroupFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Security Group will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSecurityGroupsFilter:getSecurityGroupsFilter": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSubnetFilter:getSubnetFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html).\nFor example, if matching against tag `Name`, use:\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA subnet will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSubnetIdsFilter:getSubnetIdsFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html).\nFor example, if matching against tag `Name`, use:\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nSubnet IDs will be selected if any one of the given values match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcCidrBlockAssociation:getVpcCidrBlockAssociation": { "properties": { "associationId": { "type": "string", "description": "The association ID for the the IPv4 CIDR block.\n", "language": { "python": { "mapCase": false } } }, "cidrBlock": { "type": "string", "description": "The cidr block of the desired VPC.\n", "language": { "python": { "mapCase": false } } }, "state": { "type": "string", "description": "The current state of the desired VPC.\nCan be either `\"pending\"` or `\"available\"`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "associationId", "cidrBlock", "state" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcDhcpOptionsFilter:getVpcDhcpOptionsFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values for filtering.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcEndpointDnsEntry:getVpcEndpointDnsEntry": { "properties": { "dnsName": { "type": "string", "description": "The DNS name.\n", "language": { "python": { "mapCase": false } } }, "hostedZoneId": { "type": "string", "description": "The ID of the private hosted zone.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dnsName", "hostedZoneId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcEndpointFilter:getVpcEndpointFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC Endpoint will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcEndpointServiceFilter:getVpcEndpointServiceFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeVpcEndpointServices API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcFilter:getVpcFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcPeeringConnectionFilter:getVpcPeeringConnectionFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC Peering Connection will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcsFilter:getVpcsFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpnGatewayFilter:getVpnGatewayFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPN Gateway will be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption": { "properties": { "activeDirectoryId": { "type": "string", "description": "The ID of the Active Directory to be used for authentication if type is `directory-service-authentication`.\n", "language": { "python": { "mapCase": false } } }, "rootCertificateChainArn": { "type": "string", "description": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM). Only necessary when type is set to `certificate-authentication`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of client authentication to be used. Specify `certificate-authentication` to use certificate-based authentication, or `directory-service-authentication` to use Active Directory authentication.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions": { "properties": { "cloudwatchLogGroup": { "type": "string", "description": "The name of the CloudWatch Logs log group.\n", "language": { "python": { "mapCase": false } } }, "cloudwatchLogStream": { "type": "string", "description": "The name of the CloudWatch Logs log stream to which the connection data is published.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether connection logging is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:ec2transitgateway/getDirectConnectGatewayAttachmentFilter:getDirectConnectGatewayAttachmentFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getPeeringAttachmentFilter:getPeeringAttachmentFilter": { "properties": { "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPeeringAttachments.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nAn EC2 Transit Gateway Peering Attachment be selected if any one of the given values matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getRouteTableFilter:getRouteTableFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getTransitGatewayFilter:getTransitGatewayFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getVpcAttachmentFilter:getVpcAttachmentFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getVpnAttachmentFilter:getVpnAttachmentFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html).\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration": { "properties": { "scanOnPush": { "type": "boolean", "description": "Indicates whether images are scanned after being pushed to the repository (true) or not scanned (false).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "scanOnPush" ] }, "aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider": { "properties": { "autoScalingGroupArn": { "type": "string", "description": "- The Amazon Resource Name (ARN) of the associated auto scaling group.\n", "language": { "python": { "mapCase": false } } }, "managedScaling": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProviderManagedScaling:CapacityProviderAutoScalingGroupProviderManagedScaling", "description": "- Nested argument defining the parameters of the auto scaling. Defined below.\n", "language": { "python": { "mapCase": false } } }, "managedTerminationProtection": { "type": "string", "description": "- Enables or disables container-aware termination of instances in the auto scaling group when scale-in happens. Valid values are `ENABLED` and `DISABLED`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "autoScalingGroupArn" ], "language": { "nodejs": { "requiredOutputs": [ "autoScalingGroupArn", "managedScaling", "managedTerminationProtection" ] } } }, "aws:ecs/CapacityProviderAutoScalingGroupProviderManagedScaling:CapacityProviderAutoScalingGroupProviderManagedScaling": { "properties": { "maximumScalingStepSize": { "type": "integer", "description": "The maximum step adjustment size. A number between 1 and 10,000.\n", "language": { "python": { "mapCase": false } } }, "minimumScalingStepSize": { "type": "integer", "description": "The minimum step adjustment size. A number between 1 and 10,000.\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "Whether auto scaling is managed by ECS. Valid values are `ENABLED` and `DISABLED`.\n", "language": { "python": { "mapCase": false } } }, "targetCapacity": { "type": "integer", "description": "The target utilization for the capacity provider. A number between 1 and 100.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "maximumScalingStepSize", "minimumScalingStepSize", "status", "targetCapacity" ] } } }, "aws:ecs/ClusterDefaultCapacityProviderStrategy:ClusterDefaultCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined.\n", "language": { "python": { "mapCase": false } } }, "capacityProvider": { "type": "string", "description": "The short name of the capacity provider.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The relative percentage of the total number of launched tasks that should use the specified capacity provider.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:ecs/ClusterSetting:ClusterSetting": { "properties": { "name": { "type": "string", "description": "Name of the setting to manage. Valid values: `containerInsights`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value to assign to the setting. Value values are `enabled` and `disabled`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined.\n", "language": { "python": { "mapCase": false } } }, "capacityProvider": { "type": "string", "description": "The short name of the capacity provider.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The relative percentage of the total number of launched tasks that should use the specified capacity provider.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:ecs/ServiceDeploymentController:ServiceDeploymentController": { "properties": { "type": { "type": "string", "description": "Type of deployment controller. Valid values: `CODE_DEPLOY`, `ECS`, `EXTERNAL`. Default: `ECS`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer": { "properties": { "containerName": { "type": "string", "description": "The name of the container to associate with the load balancer (as it appears in a container definition).\n", "language": { "python": { "mapCase": false } } }, "containerPort": { "type": "integer", "description": "The port on the container to associate with the load balancer.\n", "language": { "python": { "mapCase": false } } }, "elbName": { "type": "string", "description": "The name of the ELB (Classic) to associate with the service.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Load Balancer target group to associate with the service.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "containerName", "containerPort" ] }, "aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Default `false`.\n", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.\n", "language": { "python": { "mapCase": false } } }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The subnets associated with the task or service.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnets" ] }, "aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy": { "properties": { "field": { "type": "string", "description": "For the `spread` placement strategy, valid values are `instanceId` (or `host`,\nwhich has the same effect), or any platform or custom attribute that is applied to a container instance.\nFor the `binpack` type, valid values are `memory` and `cpu`. For the `random` type, this attribute is not\nneeded. For more information, see [Placement Strategy](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PlacementStrategy.html).\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of placement strategy. Must be one of: `binpack`, `random`, or `spread`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint": { "properties": { "expression": { "type": "string", "description": "Cluster Query Language expression to apply to the constraint. Does not need to be specified\nfor the `distinctInstance` type.\nFor more information, see [Cluster Query Language in the Amazon EC2 Container\nService Developer\nGuide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html).\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of constraint. The only valid values at this time are `memberOf` and `distinctInstance`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries": { "properties": { "containerName": { "type": "string", "description": "The container name value, already specified in the task definition, to be used for your service discovery service.\n", "language": { "python": { "mapCase": false } } }, "containerPort": { "type": "integer", "description": "The port value, already specified in the task definition, to be used for your service discovery service.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "integer", "description": "The port value used if your Service Discovery service specified an SRV record.\n", "language": { "python": { "mapCase": false } } }, "registryArn": { "type": "string", "description": "The ARN of the Service Registry. The currently supported service registry is Amazon Route 53 Auto Naming Service(`aws.servicediscovery.Service`). For more information, see [Service](https://docs.aws.amazon.com/Route53/latest/APIReference/API_autonaming_Service.html)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "registryArn" ] }, "aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator": { "properties": { "deviceName": { "type": "string", "description": "The Elastic Inference accelerator device name. The deviceName must also be referenced in a container definition as a ResourceRequirement.\n", "language": { "python": { "mapCase": false } } }, "deviceType": { "type": "string", "description": "The Elastic Inference accelerator type to use.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "deviceType" ] }, "aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint": { "properties": { "expression": { "type": "string", "description": "Cluster Query Language expression to apply to the constraint.\nFor more information, see [Cluster Query Language in the Amazon EC2 Container\nService Developer\nGuide](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html).\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The proxy type. The default value is `APPMESH`. The only supported value is `APPMESH`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration": { "properties": { "containerName": { "type": "string", "description": "The name of the container that will serve as the App Mesh proxy.\n", "language": { "python": { "mapCase": false } } }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified a key-value mapping.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The proxy type. The default value is `APPMESH`. The only supported value is `APPMESH`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "containerName" ] }, "aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume": { "properties": { "dockerVolumeConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeDockerVolumeConfiguration:TaskDefinitionVolumeDockerVolumeConfiguration", "description": "Used to configure a docker volume\n", "language": { "python": { "mapCase": false } } }, "efsVolumeConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeEfsVolumeConfiguration:TaskDefinitionVolumeEfsVolumeConfiguration", "description": "Used to configure a EFS volume.\n", "language": { "python": { "mapCase": false } } }, "hostPath": { "type": "string", "description": "The path on the host container instance that is presented to the container. If not set, ECS will create a nonpersistent data volume that starts empty and is deleted after the task has finished.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the volume. This name is referenced in the `sourceVolume`\nparameter of container definition in the `mountPoints` section.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name" ] }, "aws:ecs/TaskDefinitionVolumeDockerVolumeConfiguration:TaskDefinitionVolumeDockerVolumeConfiguration": { "properties": { "autoprovision": { "type": "boolean", "description": "If this value is `true`, the Docker volume is created if it does not already exist. *Note*: This field is only used if the scope is `shared`.\n", "language": { "python": { "mapCase": false } } }, "driver": { "type": "string", "description": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement.\n", "language": { "python": { "mapCase": false } } }, "driverOpts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Docker driver specific options.\n", "language": { "python": { "mapCase": false } } }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of custom metadata to add to your Docker volume.\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The scope for the Docker volume, which determines its lifecycle, either `task` or `shared`. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are `scoped` as shared persist after the task stops.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "scope" ] } } }, "aws:ecs/TaskDefinitionVolumeEfsVolumeConfiguration:TaskDefinitionVolumeEfsVolumeConfiguration": { "properties": { "authorizationConfig": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig:TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig", "description": "The authorization configuration details for the Amazon EFS file system.\n", "language": { "python": { "mapCase": false } } }, "fileSystemId": { "type": "string", "description": "The ID of the EFS File System.\n", "language": { "python": { "mapCase": false } } }, "rootDirectory": { "type": "string", "description": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter. This argument is ignored when using `authorization_config`.\n", "language": { "python": { "mapCase": false } } }, "transitEncryption": { "type": "string", "description": "Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. Valid values: `ENABLED`, `DISABLED`. If this parameter is omitted, the default value of `DISABLED` is used.\n", "language": { "python": { "mapCase": false } } }, "transitEncryptionPort": { "type": "integer", "description": "The port to use for transit encryption. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fileSystemId" ] }, "aws:ecs/TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig:TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig": { "properties": { "accessPointId": { "type": "string", "description": "The access point ID to use. If an access point is specified, the root directory value will be relative to the directory set for the access point. If specified, transit encryption must be enabled in the EFSVolumeConfiguration.\n", "language": { "python": { "mapCase": false } } }, "iam": { "type": "string", "description": "Whether or not to use the Amazon ECS task IAM role defined in a task definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration. Valid values: `ENABLED`, `DISABLED`. If this parameter is omitted, the default value of `DISABLED` is used.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ecs/getClusterSetting:getClusterSetting": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/AccessPointPosixUser:AccessPointPosixUser": { "properties": { "gid": { "type": "integer", "description": "The POSIX group ID used for all file system operations using this access point.\n", "language": { "python": { "mapCase": false } } }, "secondaryGids": { "type": "array", "items": { "type": "integer" }, "description": "Secondary POSIX group IDs used for all file system operations using this access point.\n", "language": { "python": { "mapCase": false } } }, "uid": { "type": "integer", "description": "The POSIX user ID used for all file system operations using this access point.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "gid", "uid" ] }, "aws:efs/AccessPointRootDirectory:AccessPointRootDirectory": { "properties": { "creationInfo": { "$ref": "#/types/aws:efs/AccessPointRootDirectoryCreationInfo:AccessPointRootDirectoryCreationInfo", "description": "Specifies the POSIX IDs and permissions to apply to the access point's Root Directory. See Creation Info below.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide `creation_info`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "creationInfo", "path" ] } } }, "aws:efs/AccessPointRootDirectoryCreationInfo:AccessPointRootDirectoryCreationInfo": { "properties": { "ownerGid": { "type": "integer", "description": "Specifies the POSIX group ID to apply to the `root_directory`.\n", "language": { "python": { "mapCase": false } } }, "ownerUid": { "type": "integer", "description": "Specifies the POSIX user ID to apply to the `root_directory`.\n", "language": { "python": { "mapCase": false } } }, "permissions": { "type": "string", "description": "Specifies the POSIX permissions to apply to the RootDirectory, in the format of an octal number representing the file's mode bits.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ownerGid", "ownerUid", "permissions" ] }, "aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy": { "properties": { "transitionToIa": { "type": "string", "description": "Indicates how long it takes to transition files to the IA storage class. Valid values: `AFTER_7_DAYS`, `AFTER_14_DAYS`, `AFTER_30_DAYS`, `AFTER_60_DAYS`, or `AFTER_90_DAYS`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "transitionToIa" ] }, "aws:efs/getAccessPointPosixUser:getAccessPointPosixUser": { "properties": { "gid": { "type": "integer", "description": "Group ID\n", "language": { "python": { "mapCase": false } } }, "secondaryGids": { "type": "array", "items": { "type": "integer" }, "description": "Secondary group IDs\n", "language": { "python": { "mapCase": false } } }, "uid": { "type": "integer", "description": "User Id\n* `root_directory`- Single element list containing information on the directory on the Amazon EFS file system that the access point provides access to.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "gid", "secondaryGids", "uid" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/getAccessPointRootDirectory:getAccessPointRootDirectory": { "properties": { "creationInfos": { "type": "array", "items": { "$ref": "#/types/aws:efs/getAccessPointRootDirectoryCreationInfo:getAccessPointRootDirectoryCreationInfo" }, "description": "Single element list containing information on the creation permissions of the directory\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "Path exposed as the root directory\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "creationInfos", "path" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/getAccessPointRootDirectoryCreationInfo:getAccessPointRootDirectoryCreationInfo": { "properties": { "ownerGid": { "type": "integer", "description": "POSIX owner group ID\n", "language": { "python": { "mapCase": false } } }, "ownerUid": { "type": "integer", "description": "POSIX owner user ID\n", "language": { "python": { "mapCase": false } } }, "permissions": { "type": "string", "description": "POSIX permissions mode\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ownerGid", "ownerUid", "permissions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/getFileSystemLifecyclePolicy:getFileSystemLifecyclePolicy": { "properties": { "transitionToIa": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "transitionToIa" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority": { "properties": { "data": { "type": "string", "description": "The base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "data" ] } } }, "aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig": { "properties": { "provider": { "$ref": "#/types/aws:eks/ClusterEncryptionConfigProvider:ClusterEncryptionConfigProvider", "description": "Configuration block with provider for encryption. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "resources": { "type": "array", "items": { "type": "string" }, "description": "List of strings with resources to be encrypted. Valid values: `secrets`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "provider", "resources" ] }, "aws:eks/ClusterEncryptionConfigProvider:ClusterEncryptionConfigProvider": { "properties": { "keyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see [Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "keyArn" ] }, "aws:eks/ClusterIdentity:ClusterIdentity": { "properties": { "oidcs": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterIdentityOidc:ClusterIdentityOidc" }, "description": "Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "oidcs" ] } } }, "aws:eks/ClusterIdentityOidc:ClusterIdentityOidc": { "properties": { "issuer": { "type": "string", "description": "Issuer URL for the OpenID Connect identity provider.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "issuer" ] } } }, "aws:eks/ClusterVpcConfig:ClusterVpcConfig": { "properties": { "clusterSecurityGroupId": { "type": "string", "description": "The cluster security group that was created by Amazon EKS for the cluster.\n", "language": { "python": { "mapCase": false } } }, "endpointPrivateAccess": { "type": "boolean", "description": "Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is `false`.\n", "language": { "python": { "mapCase": false } } }, "endpointPublicAccess": { "type": "boolean", "description": "Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is `true`.\n", "language": { "python": { "mapCase": false } } }, "publicAccessCidrs": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with `0.0.0.0/0`. This provider will only perform drift detection of its value when present in a configuration.\n", "language": { "python": { "mapCase": false } } }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The VPC associated with your cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "clusterSecurityGroupId", "publicAccessCidrs", "subnetIds", "vpcId" ] } } }, "aws:eks/FargateProfileSelector:FargateProfileSelector": { "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels for selection.\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "description": "Kubernetes namespace for selection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "namespace" ] }, "aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess": { "properties": { "ec2SshKey": { "type": "string", "description": "EC2 Key Pair name that provides access for SSH communication with the worker nodes in the EKS Node Group. If you specify this configuration, but do not specify `source_security_group_ids` when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).\n", "language": { "python": { "mapCase": false } } }, "sourceSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Security Group IDs to allow SSH access (port 22) from on the worker nodes. If you specify `ec2_ssh_key`, but do not specify this configuration when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:eks/NodeGroupResource:NodeGroupResource": { "properties": { "autoscalingGroups": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupResourceAutoscalingGroup:NodeGroupResourceAutoscalingGroup" }, "description": "List of objects containing information about AutoScaling Groups.\n", "language": { "python": { "mapCase": false } } }, "remoteAccessSecurityGroupId": { "type": "string", "description": "Identifier of the remote access EC2 Security Group.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "autoscalingGroups", "remoteAccessSecurityGroupId" ] } } }, "aws:eks/NodeGroupResourceAutoscalingGroup:NodeGroupResourceAutoscalingGroup": { "properties": { "name": { "type": "string", "description": "Name of the AutoScaling Group.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "name" ] } } }, "aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig": { "properties": { "desiredSize": { "type": "integer", "description": "Desired number of worker nodes.\n", "language": { "python": { "mapCase": false } } }, "maxSize": { "type": "integer", "description": "Maximum number of worker nodes.\n", "language": { "python": { "mapCase": false } } }, "minSize": { "type": "integer", "description": "Minimum number of worker nodes.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "desiredSize", "maxSize", "minSize" ] }, "aws:eks/getClusterCertificateAuthority:getClusterCertificateAuthority": { "properties": { "data": { "type": "string", "description": "The base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "data" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterIdentity:getClusterIdentity": { "properties": { "oidcs": { "type": "array", "items": { "$ref": "#/types/aws:eks/getClusterIdentityOidc:getClusterIdentityOidc" }, "description": "Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "oidcs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterIdentityOidc:getClusterIdentityOidc": { "properties": { "issuer": { "type": "string", "description": "Issuer URL for the OpenID Connect identity provider.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "issuer" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterVpcConfig:getClusterVpcConfig": { "properties": { "clusterSecurityGroupId": { "type": "string", "description": "The cluster security group that was created by Amazon EKS for the cluster.\n", "language": { "python": { "mapCase": false } } }, "endpointPrivateAccess": { "type": "boolean", "description": "Indicates whether or not the Amazon EKS private API server endpoint is enabled.\n", "language": { "python": { "mapCase": false } } }, "endpointPublicAccess": { "type": "boolean", "description": "Indicates whether or not the Amazon EKS public API server endpoint is enabled.\n", "language": { "python": { "mapCase": false } } }, "publicAccessCidrs": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint.\n", "language": { "python": { "mapCase": false } } }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The VPC associated with your cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "clusterSecurityGroupId", "endpointPrivateAccess", "endpointPublicAccess", "publicAccessCidrs", "securityGroupIds", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticache/ClusterCacheNode:ClusterCacheNode": { "properties": { "address": { "type": "string", "language": { "python": { "mapCase": false } } }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "availabilityZone", "id", "port" ] } } }, "aws:elasticache/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the ElastiCache parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:elasticache/ReplicationGroupClusterMode:ReplicationGroupClusterMode": { "properties": { "numNodeGroups": { "type": "integer", "description": "Specify the number of node groups (shards) for this Redis replication group. Changing this number will trigger an online resizing operation before other settings modifications.\n", "language": { "python": { "mapCase": false } } }, "replicasPerNodeGroup": { "type": "integer", "description": "Specify the number of replica nodes in each node group. Valid values are 0 to 5. Changing this number will force a new resource.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "numNodeGroups", "replicasPerNodeGroup" ] }, "aws:elasticache/getClusterCacheNode:getClusterCacheNode": { "properties": { "address": { "type": "string", "language": { "python": { "mapCase": false } } }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the cache cluster.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will\naccept connections.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "address", "availabilityZone", "id", "port" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle": { "properties": { "deleteSourceFromS3": { "type": "boolean", "description": "Set to `true` to delete a version's source bundle from S3 when the application version is deleted.\n", "language": { "python": { "mapCase": false } } }, "maxAgeInDays": { "type": "integer", "description": "The number of days to retain an application version ('max_age_in_days' and 'max_count' cannot be enabled simultaneously.).\n", "language": { "python": { "mapCase": false } } }, "maxCount": { "type": "integer", "description": "The maximum number of application versions to retain ('max_age_in_days' and 'max_count' cannot be enabled simultaneously.).\n", "language": { "python": { "mapCase": false } } }, "serviceRole": { "type": "string", "description": "The ARN of an IAM service role under which the application version is deleted. Elastic Beanstalk must have permission to assume this role.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "serviceRole" ] }, "aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting": { "properties": { "name": { "type": "string", "description": "A unique name for this Template.\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "language": { "python": { "mapCase": false } } }, "resource": { "type": "string", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:elasticbeanstalk/EnvironmentAllSetting:EnvironmentAllSetting": { "properties": { "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "language": { "python": { "mapCase": false } } }, "resource": { "type": "string", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting": { "properties": { "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n", "language": { "python": { "mapCase": false } } }, "namespace": { "type": "string", "language": { "python": { "mapCase": false } } }, "resource": { "type": "string", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:elasticbeanstalk/getApplicationAppversionLifecycle:getApplicationAppversionLifecycle": { "properties": { "deleteSourceFromS3": { "type": "boolean", "description": "Specifies whether delete a version's source bundle from S3 when the application version is deleted.\n", "language": { "python": { "mapCase": false } } }, "maxAgeInDays": { "type": "integer", "description": "The number of days to retain an application version.\n", "language": { "python": { "mapCase": false } } }, "maxCount": { "type": "integer", "description": "The maximum number of application versions to retain.\n", "language": { "python": { "mapCase": false } } }, "serviceRole": { "type": "string", "description": "The ARN of an IAM service role under which the application version is deleted. Elastic Beanstalk must have permission to assume this role.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deleteSourceFromS3", "maxAgeInDays", "maxCount", "serviceRole" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket name to store the logs in.\n", "language": { "python": { "mapCase": false } } }, "bucketPrefix": { "type": "string", "description": "The S3 bucket prefix. Logs are stored in the root if not configured.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Default is `true`\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The publishing interval in minutes. Default: 60 minutes.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:elasticloadbalancing/LoadBalancerHealthCheck:LoadBalancerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "description": "The number of checks before the instance is declared healthy.\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The interval between checks.\n", "language": { "python": { "mapCase": false } } }, "target": { "type": "string", "description": "The target of the check. Valid pattern is \"${PROTOCOL}:${PORT}${PATH}\", where PROTOCOL\nvalues are:\n* `HTTP`, `HTTPS` - PORT and PATH are required\n* `TCP`, `SSL` - PORT is required, PATH is not supported\n", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "description": "The length of time before the check times out.\n", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "description": "The number of checks before the instance is declared unhealthy.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "healthyThreshold", "interval", "target", "timeout", "unhealthyThreshold" ] }, "aws:elasticloadbalancing/LoadBalancerListener:LoadBalancerListener": { "properties": { "instancePort": { "type": "integer", "description": "The port on the instance to route to\n", "language": { "python": { "mapCase": false } } }, "instanceProtocol": { "type": "string", "description": "The protocol to use to the instance. Valid\nvalues are `HTTP`, `HTTPS`, `TCP`, or `SSL`\n", "language": { "python": { "mapCase": false } } }, "lbPort": { "type": "integer", "description": "The port to listen on for the load balancer\n", "language": { "python": { "mapCase": false } } }, "lbProtocol": { "type": "string", "description": "The protocol to listen on. Valid values are `HTTP`,\n`HTTPS`, `TCP`, or `SSL`\n", "language": { "python": { "mapCase": false } } }, "sslCertificateId": { "type": "string", "description": "The ARN of an SSL certificate you have\nuploaded to AWS IAM. **Note ECDSA-specific restrictions below. Only valid when `lb_protocol` is either HTTPS or SSL**\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instancePort", "instanceProtocol", "lbPort", "lbProtocol" ] }, "aws:elasticloadbalancing/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elasticloadbalancing/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute": { "properties": { "name": { "type": "string", "description": "The name of the attribute\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the attribute\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:elasticloadbalancing/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "language": { "python": { "mapCase": false } } }, "bucketPrefix": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket", "bucketPrefix", "enabled", "interval" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancing/getLoadBalancerHealthCheck:getLoadBalancerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } }, "target": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "healthyThreshold", "interval", "target", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancing/getLoadBalancerListener:getLoadBalancerListener": { "properties": { "instancePort": { "type": "integer", "language": { "python": { "mapCase": false } } }, "instanceProtocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "lbPort": { "type": "integer", "language": { "python": { "mapCase": false } } }, "lbProtocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "sslCertificateId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instancePort", "instanceProtocol", "lbPort", "lbProtocol", "sslCertificateId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/ListenerDefaultAction:ListenerDefaultAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:elasticloadbalancingv2/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:elasticloadbalancingv2/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:elasticloadbalancingv2/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:elasticloadbalancingv2/ListenerDefaultActionForward:ListenerDefaultActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:elasticloadbalancingv2/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:elasticloadbalancingv2/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:elasticloadbalancingv2/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:elasticloadbalancingv2/ListenerRuleAction:ListenerRuleAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito", "description": "Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.\n", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc", "description": "Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleActionRedirect:ListenerRuleActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:elasticloadbalancingv2/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:elasticloadbalancingv2/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:elasticloadbalancingv2/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:elasticloadbalancingv2/ListenerRuleActionForward:ListenerRuleActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:elasticloadbalancingv2/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:elasticloadbalancingv2/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:elasticloadbalancingv2/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:elasticloadbalancingv2/ListenerRuleCondition:ListenerRuleCondition": { "properties": { "field": { "type": "string", "description": "The type of condition. Valid values are `host-header` or `path-pattern`. Must also set `values`.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } }, "hostHeader": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader", "description": "Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.\n", "language": { "python": { "mapCase": false } } }, "httpHeader": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader", "description": "HTTP headers to match. HTTP Header block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "httpRequestMethod": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod", "description": "Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.\n", "language": { "python": { "mapCase": false } } }, "pathPattern": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern", "description": "Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query_string` condition.\n", "language": { "python": { "mapCase": false } } }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString" }, "description": "Query strings to match. Query String block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "sourceIp": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp", "description": "Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http_header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "string", "description": "List of exactly one pattern to match. Required when `field` is set.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "field", "hostHeader", "pathPattern", "values" ] } } }, "aws:elasticloadbalancingv2/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:elasticloadbalancingv2/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader": { "properties": { "httpHeaderName": { "type": "string", "description": "Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "httpHeaderName", "values" ] }, "aws:elasticloadbalancingv2/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:elasticloadbalancingv2/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:elasticloadbalancingv2/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString": { "properties": { "key": { "type": "string", "description": "Query string key pattern to match.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Query string value pattern to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "value" ] }, "aws:elasticloadbalancingv2/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:elasticloadbalancingv2/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket name to store the logs in.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Defaults to `false`, even when `bucket` is specified.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The S3 bucket prefix. Logs are stored in the root if not configured.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:elasticloadbalancingv2/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "description": "The allocation ID of the Elastic IP address.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The id of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ] }, "aws:elasticloadbalancingv2/TargetGroupHealthCheck:TargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "description": "Boolean to enable / disable `stickiness`. Default is `true`\n", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "description": "The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3.\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. For `lambda` target groups, it needs to be greater as the `timeout` of the underlying `lambda`. Default 30 seconds.\n", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "description": "The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The destination for the health check request. Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "description": "The amount of time, in seconds, during which no response means a failed health check. For Application Load Balancers, the range is 2 to 120 seconds, and the default is 5 seconds for the `instance` target type and 30 seconds for the `lambda` target type. For Network Load Balancers, you cannot set a custom value, and the default is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health checks.\n", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "description": "The number of consecutive health check failures required before considering the target unhealthy . For Network Load Balancers, this value must be the same as the `healthy_threshold`. Defaults to 3.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "matcher", "path", "timeout" ] } } }, "aws:elasticloadbalancingv2/TargetGroupStickiness:TargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether health checks are enabled. Defaults to true.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of sticky sessions. The only current possible value is `lb_cookie`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:elasticloadbalancingv2/getListenerDefaultAction:getListenerDefaultAction": { "properties": { "authenticateCognitos": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito" }, "language": { "python": { "mapCase": false } } }, "authenticateOidcs": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc" }, "language": { "python": { "mapCase": false } } }, "fixedResponses": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse" }, "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirects": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect" }, "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticateCognitos", "authenticateOidcs", "fixedResponses", "order", "redirects", "targetGroupArn", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType", "messageBody", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port of the listener. Required if `arn` is not set.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "host", "path", "port", "protocol", "query", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getTargetGroupHealthCheck:getTargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled", "healthyThreshold", "interval", "matcher", "path", "port", "protocol", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticloadbalancingv2/getTargetGroupStickiness:getTargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cookieDuration", "enabled", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/DomainClusterConfig:DomainClusterConfig": { "properties": { "dedicatedMasterCount": { "type": "integer", "description": "Number of dedicated master nodes in the cluster\n", "language": { "python": { "mapCase": false } } }, "dedicatedMasterEnabled": { "type": "boolean", "description": "Indicates whether dedicated master nodes are enabled for the cluster.\n", "language": { "python": { "mapCase": false } } }, "dedicatedMasterType": { "type": "string", "description": "Instance type of the dedicated master nodes in the cluster.\n", "language": { "python": { "mapCase": false } } }, "instanceCount": { "type": "integer", "description": "Number of instances in the cluster.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "Instance type of data nodes in the cluster.\n", "language": { "python": { "mapCase": false } } }, "warmCount": { "type": "integer", "description": "The number of warm nodes in the cluster. Valid values are between `2` and `150`. `warm_count` can be only and must be set when `warm_enabled` is set to `true`.\n", "language": { "python": { "mapCase": false } } }, "warmEnabled": { "type": "boolean", "description": "Indicates whether to enable warm storage.\n", "language": { "python": { "mapCase": false } } }, "warmType": { "type": "string", "description": "The instance type for the Elasticsearch cluster's warm nodes. Valid values are `ultrawarm1.medium.elasticsearch`, `ultrawarm1.large.elasticsearch` and `ultrawarm1.xlarge.elasticsearch`. `warm_type` can be only and must be set when `warm_enabled` is set to `true`.\n", "language": { "python": { "mapCase": false } } }, "zoneAwarenessConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfigZoneAwarenessConfig:DomainClusterConfigZoneAwarenessConfig", "description": "Configuration block containing zone awareness settings. Documented below.\n", "language": { "python": { "mapCase": false } } }, "zoneAwarenessEnabled": { "type": "boolean", "description": "Indicates whether zone awareness is enabled, set to `true` for multi-az deployment. To enable awareness with three Availability Zones, the `availability_zone_count` within the `zone_awareness_config` must be set to `3`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elasticsearch/DomainClusterConfigZoneAwarenessConfig:DomainClusterConfigZoneAwarenessConfig": { "properties": { "availabilityZoneCount": { "type": "integer", "description": "Number of Availability Zones for the domain to use with `zone_awareness_enabled`. Defaults to `2`. Valid values: `2` or `3`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions": { "properties": { "enabled": { "type": "boolean", "description": "Specifies whether Amazon Cognito authentication with Kibana is enabled or not\n", "language": { "python": { "mapCase": false } } }, "identityPoolId": { "type": "string", "description": "ID of the Cognito Identity Pool to use\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "ARN of the IAM role that has the AmazonESCognitoAccess policy attached\n", "language": { "python": { "mapCase": false } } }, "userPoolId": { "type": "string", "description": "ID of the Cognito User Pool to use\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "identityPoolId", "roleArn", "userPoolId" ] }, "aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions": { "properties": { "enforceHttps": { "type": "boolean", "description": "Whether or not to require HTTPS\n", "language": { "python": { "mapCase": false } } }, "tlsSecurityPolicy": { "type": "string", "description": "The name of the TLS security policy that needs to be applied to the HTTPS endpoint. Valid values: `Policy-Min-TLS-1-0-2019-07` and `Policy-Min-TLS-1-2-2019-07`. This provider will only perform drift detection if a configuration value is provided.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enforceHttps" ], "language": { "nodejs": { "requiredOutputs": [ "enforceHttps", "tlsSecurityPolicy" ] } } }, "aws:elasticsearch/DomainEbsOptions:DomainEbsOptions": { "properties": { "ebsEnabled": { "type": "boolean", "description": "Whether EBS volumes are attached to data nodes in the domain.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The baseline input/output (I/O) performance of EBS volumes\nattached to data nodes. Applicable only for the Provisioned IOPS EBS volume type.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of EBS volumes attached to data nodes (in GB).\n**Required** if `ebs_enabled` is set to `true`.\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of EBS volumes attached to data nodes.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ebsEnabled" ], "language": { "nodejs": { "requiredOutputs": [ "ebsEnabled", "volumeType" ] } } }, "aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest": { "properties": { "enabled": { "type": "boolean", "description": "Specifies whether Amazon Cognito authentication with Kibana is enabled or not\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "description": "The KMS key id to encrypt the Elasticsearch domain with. If not specified then it defaults to using the `aws/es` service KMS key.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "kmsKeyId" ] } } }, "aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption": { "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "ARN of the Cloudwatch log group to which log needs to be published.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Specifies whether Amazon Cognito authentication with Kibana is enabled or not\n", "language": { "python": { "mapCase": false } } }, "logType": { "type": "string", "description": "A type of Elasticsearch log. Valid values: INDEX_SLOW_LOGS, SEARCH_SLOW_LOGS, ES_APPLICATION_LOGS\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cloudwatchLogGroupArn", "logType" ] }, "aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Specifies whether Amazon Cognito authentication with Kibana is enabled or not\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions": { "properties": { "automatedSnapshotStartHour": { "type": "integer", "description": "Hour during which the service takes an automated daily\nsnapshot of the indices in the domain.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "automatedSnapshotStartHour" ] }, "aws:elasticsearch/DomainVpcOptions:DomainVpcOptions": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Security Group IDs to be applied to the Elasticsearch domain endpoints. If omitted, the default Security Group for the VPC will be used.\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the Elasticsearch domain endpoints to be created in.\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "vpcId" ] } } }, "aws:elasticsearch/getDomainClusterConfig:getDomainClusterConfig": { "properties": { "dedicatedMasterCount": { "type": "integer", "description": "Number of dedicated master nodes in the cluster.\n", "language": { "python": { "mapCase": false } } }, "dedicatedMasterEnabled": { "type": "boolean", "description": "Indicates whether dedicated master nodes are enabled for the cluster.\n", "language": { "python": { "mapCase": false } } }, "dedicatedMasterType": { "type": "string", "description": "Instance type of the dedicated master nodes in the cluster.\n", "language": { "python": { "mapCase": false } } }, "instanceCount": { "type": "integer", "description": "Number of instances in the cluster.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "Instance type of data nodes in the cluster.\n", "language": { "python": { "mapCase": false } } }, "warmCount": { "type": "integer", "description": "The number of warm nodes in the cluster.\n", "language": { "python": { "mapCase": false } } }, "warmEnabled": { "type": "boolean", "description": "Indicates warm storage is enabled.\n", "language": { "python": { "mapCase": false } } }, "warmType": { "type": "string", "description": "The instance type for the Elasticsearch cluster's warm nodes.\n", "language": { "python": { "mapCase": false } } }, "zoneAwarenessConfigs": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainClusterConfigZoneAwarenessConfig:getDomainClusterConfigZoneAwarenessConfig" }, "description": "Configuration block containing zone awareness settings.\n", "language": { "python": { "mapCase": false } } }, "zoneAwarenessEnabled": { "type": "boolean", "description": "Indicates whether zone awareness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dedicatedMasterCount", "dedicatedMasterEnabled", "dedicatedMasterType", "instanceCount", "instanceType", "warmCount", "warmType", "zoneAwarenessConfigs", "zoneAwarenessEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainClusterConfigZoneAwarenessConfig:getDomainClusterConfigZoneAwarenessConfig": { "properties": { "availabilityZoneCount": { "type": "integer", "description": "Number of availability zones used.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "availabilityZoneCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainCognitoOption:getDomainCognitoOption": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n", "language": { "python": { "mapCase": false } } }, "identityPoolId": { "type": "string", "description": "The Cognito Identity pool used by the domain.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM Role with the AmazonESCognitoAccess policy attached.\n", "language": { "python": { "mapCase": false } } }, "userPoolId": { "type": "string", "description": "The Cognito User pool used by the domain.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled", "identityPoolId", "roleArn", "userPoolId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainEbsOption:getDomainEbsOption": { "properties": { "ebsEnabled": { "type": "boolean", "description": "Whether EBS volumes are attached to data nodes in the domain.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "The baseline input/output (I/O) performance of EBS volumes\nattached to data nodes.\n", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "description": "The size of EBS volumes attached to data nodes (in GB).\n", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "description": "The type of EBS volumes attached to data nodes.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ebsEnabled", "iops", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainEncryptionAtRest:getDomainEncryptionAtRest": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyId": { "type": "string", "description": "The KMS key id used to encrypt data at rest.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled", "kmsKeyId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainLogPublishingOption:getDomainLogPublishingOption": { "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "The CloudWatch Log Group where the logs are published.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n", "language": { "python": { "mapCase": false } } }, "logType": { "type": "string", "description": "The type of Elasticsearch log being published.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cloudwatchLogGroupArn", "enabled", "logType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainNodeToNodeEncryption:getDomainNodeToNodeEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainSnapshotOption:getDomainSnapshotOption": { "properties": { "automatedSnapshotStartHour": { "type": "integer", "description": "Hour during which the service takes an automated daily\nsnapshot of the indices in the domain.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "automatedSnapshotStartHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainVpcOption:getDomainVpcOption": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The availability zones used by the domain.\n", "language": { "python": { "mapCase": false } } }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The security groups used by the domain.\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The subnets used by the domain.\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The VPC used by the domain.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "availabilityZones", "securityGroupIds", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig": { "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists.\n", "language": { "python": { "mapCase": false } } }, "storageClass": { "type": "string", "description": "The Amazon S3 storage class, Standard or ReducedRedundancy, that you want Elastic Transcoder to assign to the files and playlists that it stores in your Amazon S3 bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bucket" ] } } }, "aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission": { "properties": { "accesses": { "type": "array", "items": { "type": "string" }, "description": "The permission that you want to give to the AWS user that you specified in `content_config_permissions.grantee`\n", "language": { "python": { "mapCase": false } } }, "grantee": { "type": "string", "description": "The AWS user or group that you want to have access to transcoded files and playlists.\n", "language": { "python": { "mapCase": false } } }, "granteeType": { "type": "string", "description": "Specify the type of value that appears in the `content_config_permissions.grantee` object. Valid values are `Canonical`, `Email` or `Group`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elastictranscoder/PipelineNotifications:PipelineNotifications": { "properties": { "completed": { "type": "string", "description": "The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder has finished processing a job in this pipeline.\n", "language": { "python": { "mapCase": false } } }, "error": { "type": "string", "description": "The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder encounters an error condition while processing a job in this pipeline.\n", "language": { "python": { "mapCase": false } } }, "progressing": { "type": "string", "description": "The topic ARN for the Amazon Simple Notification Service (Amazon SNS) topic that you want to notify when Elastic Transcoder has started to process a job in this pipeline.\n", "language": { "python": { "mapCase": false } } }, "warning": { "type": "string", "description": "The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder encounters a warning condition while processing a job in this pipeline.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig": { "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files.\n", "language": { "python": { "mapCase": false } } }, "storageClass": { "type": "string", "description": "The Amazon S3 storage class, Standard or ReducedRedundancy, that you want Elastic Transcoder to assign to the thumbnails that it stores in your Amazon S3 bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bucket" ] } } }, "aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission": { "properties": { "accesses": { "type": "array", "items": { "type": "string" }, "description": "The permission that you want to give to the AWS user that you specified in `thumbnail_config_permissions.grantee`.\n", "language": { "python": { "mapCase": false } } }, "grantee": { "type": "string", "description": "The AWS user or group that you want to have access to thumbnail files.\n", "language": { "python": { "mapCase": false } } }, "granteeType": { "type": "string", "description": "Specify the type of value that appears in the `thumbnail_config_permissions.grantee` object.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elastictranscoder/PresetAudio:PresetAudio": { "properties": { "audioPackingMode": { "type": "string", "description": "The method of organizing audio channels and tracks. Use Audio:Channels to specify the number of channels in your output, and Audio:AudioPackingMode to specify the number of tracks and their relation to the channels. If you do not specify an Audio:AudioPackingMode, Elastic Transcoder uses SingleTrack.\n", "language": { "python": { "mapCase": false } } }, "bitRate": { "type": "string", "description": "The bit rate of the audio stream in the output file, in kilobits/second. Enter an integer between 64 and 320, inclusive.\n", "language": { "python": { "mapCase": false } } }, "channels": { "type": "string", "description": "The number of audio channels in the output file\n", "language": { "python": { "mapCase": false } } }, "codec": { "type": "string", "description": "The audio codec for the output file. Valid values are `AAC`, `flac`, `mp2`, `mp3`, `pcm`, and `vorbis`.\n", "language": { "python": { "mapCase": false } } }, "sampleRate": { "type": "string", "description": "The sample rate of the audio stream in the output file, in hertz. Valid values are: `auto`, `22050`, `32000`, `44100`, `48000`, `96000`\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions": { "properties": { "bitDepth": { "type": "string", "description": "The bit depth of a sample is how many bits of information are included in the audio samples. Valid values are `16` and `24`. (FLAC/PCM Only)\n", "language": { "python": { "mapCase": false } } }, "bitOrder": { "type": "string", "description": "The order the bits of a PCM sample are stored in. The supported value is LittleEndian. (PCM Only)\n", "language": { "python": { "mapCase": false } } }, "profile": { "type": "string", "description": "If you specified AAC for Audio:Codec, choose the AAC profile for the output file.\n", "language": { "python": { "mapCase": false } } }, "signed": { "type": "string", "description": "Whether audio samples are represented with negative and positive numbers (signed) or only positive numbers (unsigned). The supported value is Signed. (PCM Only)\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elastictranscoder/PresetThumbnails:PresetThumbnails": { "properties": { "aspectRatio": { "type": "string", "description": "The aspect ratio of thumbnails. The following values are valid: auto, 1:1, 4:3, 3:2, 16:9\n", "language": { "python": { "mapCase": false } } }, "format": { "type": "string", "description": "The format of thumbnails, if any. Valid formats are jpg and png.\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "string", "description": "The approximate number of seconds between thumbnails. The value must be an integer. The actual interval can vary by several seconds from one thumbnail to the next.\n", "language": { "python": { "mapCase": false } } }, "maxHeight": { "type": "string", "description": "The maximum height of thumbnails, in pixels. If you specify auto, Elastic Transcoder uses 1080 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 32 and 3072, inclusive.\n", "language": { "python": { "mapCase": false } } }, "maxWidth": { "type": "string", "description": "The maximum width of thumbnails, in pixels. If you specify auto, Elastic Transcoder uses 1920 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 32 and 4096, inclusive.\n", "language": { "python": { "mapCase": false } } }, "paddingPolicy": { "type": "string", "description": "When you set PaddingPolicy to Pad, Elastic Transcoder might add black bars to the top and bottom and/or left and right sides of thumbnails to make the total size of the thumbnails match the values that you specified for thumbnail MaxWidth and MaxHeight settings.\n", "language": { "python": { "mapCase": false } } }, "resolution": { "type": "string", "description": "The width and height of thumbnail files in pixels, in the format WidthxHeight, where both values are even integers. The values cannot exceed the width and height that you specified in the Video:Resolution object. (To better control resolution and aspect ratio of thumbnails, we recommend that you use the thumbnail values `max_width`, `max_height`, `sizing_policy`, and `padding_policy` instead of `resolution` and `aspect_ratio`. The two groups of settings are mutually exclusive. Do not use them together)\n", "language": { "python": { "mapCase": false } } }, "sizingPolicy": { "type": "string", "description": "A value that controls scaling of thumbnails. Valid values are: `Fit`, `Fill`, `Stretch`, `Keep`, `ShrinkToFit`, and `ShrinkToFill`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elastictranscoder/PresetVideo:PresetVideo": { "properties": { "aspectRatio": { "type": "string", "description": "The display aspect ratio of the video in the output file. Valid values are: `auto`, `1:1`, `4:3`, `3:2`, `16:9`. (Note; to better control resolution and aspect ratio of output videos, we recommend that you use the values `max_width`, `max_height`, `sizing_policy`, `padding_policy`, and `display_aspect_ratio` instead of `resolution` and `aspect_ratio`.)\n", "language": { "python": { "mapCase": false } } }, "bitRate": { "type": "string", "description": "The bit rate of the video stream in the output file, in kilobits/second. You can configure variable bit rate or constant bit rate encoding.\n", "language": { "python": { "mapCase": false } } }, "codec": { "type": "string", "description": "The video codec for the output file. Valid values are `gif`, `H.264`, `mpeg2`, `vp8`, and `vp9`.\n", "language": { "python": { "mapCase": false } } }, "displayAspectRatio": { "type": "string", "description": "The value that Elastic Transcoder adds to the metadata in the output file. If you set DisplayAspectRatio to auto, Elastic Transcoder chooses an aspect ratio that ensures square pixels. If you specify another option, Elastic Transcoder sets that value in the output file.\n", "language": { "python": { "mapCase": false } } }, "fixedGop": { "type": "string", "description": "Whether to use a fixed value for Video:FixedGOP. Not applicable for containers of type gif. Valid values are true and false. Also known as, Fixed Number of Frames Between Keyframes.\n", "language": { "python": { "mapCase": false } } }, "frameRate": { "type": "string", "description": "The frames per second for the video stream in the output file. The following values are valid: `auto`, `10`, `15`, `23.97`, `24`, `25`, `29.97`, `30`, `50`, `60`.\n", "language": { "python": { "mapCase": false } } }, "keyframesMaxDist": { "type": "string", "description": "The maximum number of frames between key frames. Not applicable for containers of type gif.\n", "language": { "python": { "mapCase": false } } }, "maxFrameRate": { "type": "string", "description": "If you specify auto for FrameRate, Elastic Transcoder uses the frame rate of the input video for the frame rate of the output video, up to the maximum frame rate. If you do not specify a MaxFrameRate, Elastic Transcoder will use a default of 30.\n", "language": { "python": { "mapCase": false } } }, "maxHeight": { "type": "string", "description": "The maximum height of the output video in pixels. If you specify auto, Elastic Transcoder uses 1080 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 96 and 3072, inclusive.\n", "language": { "python": { "mapCase": false } } }, "maxWidth": { "type": "string", "description": "The maximum width of the output video in pixels. If you specify auto, Elastic Transcoder uses 1920 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 128 and 4096, inclusive.\n", "language": { "python": { "mapCase": false } } }, "paddingPolicy": { "type": "string", "description": "When you set PaddingPolicy to Pad, Elastic Transcoder might add black bars to the top and bottom and/or left and right sides of the output video to make the total size of the output video match the values that you specified for `max_width` and `max_height`.\n", "language": { "python": { "mapCase": false } } }, "resolution": { "type": "string", "description": "The width and height of the video in the output file, in pixels. Valid values are `auto` and `widthxheight`. (see note for `aspect_ratio`)\n", "language": { "python": { "mapCase": false } } }, "sizingPolicy": { "type": "string", "description": "A value that controls scaling of the output video. Valid values are: `Fit`, `Fill`, `Stretch`, `Keep`, `ShrinkToFit`, `ShrinkToFill`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark": { "properties": { "horizontalAlign": { "type": "string", "description": "The horizontal position of the watermark unless you specify a nonzero value for `horzontal_offset`.\n", "language": { "python": { "mapCase": false } } }, "horizontalOffset": { "type": "string", "description": "The amount by which you want the horizontal position of the watermark to be offset from the position specified by `horizontal_align`.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "A unique identifier for the settings for one watermark. The value of Id can be up to 40 characters long. You can specify settings for up to four watermarks.\n", "language": { "python": { "mapCase": false } } }, "maxHeight": { "type": "string", "description": "The maximum height of the watermark.\n", "language": { "python": { "mapCase": false } } }, "maxWidth": { "type": "string", "description": "The maximum width of the watermark.\n", "language": { "python": { "mapCase": false } } }, "opacity": { "type": "string", "description": "A percentage that indicates how much you want a watermark to obscure the video in the location where it appears.\n", "language": { "python": { "mapCase": false } } }, "sizingPolicy": { "type": "string", "description": "A value that controls scaling of the watermark. Valid values are: `Fit`, `Stretch`, `ShrinkToFit`\n", "language": { "python": { "mapCase": false } } }, "target": { "type": "string", "description": "A value that determines how Elastic Transcoder interprets values that you specified for `video_watermarks.horizontal_offset`, `video_watermarks.vertical_offset`, `video_watermarks.max_width`, and `video_watermarks.max_height`. Valid values are `Content` and `Frame`.\n", "language": { "python": { "mapCase": false } } }, "verticalAlign": { "type": "string", "description": "The vertical position of the watermark unless you specify a nonzero value for `vertical_align`. Valid values are `Top`, `Bottom`, `Center`.\n", "language": { "python": { "mapCase": false } } }, "verticalOffset": { "type": "string", "description": "The amount by which you want the vertical position of the watermark to be offset from the position specified by `vertical_align`\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket name to store the logs in.\n", "language": { "python": { "mapCase": false } } }, "bucketPrefix": { "type": "string", "description": "The S3 bucket prefix. Logs are stored in the root if not configured.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Default is `true`\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The publishing interval in minutes. Default: 60 minutes.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "description": "The number of checks before the instance is declared healthy.\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The interval between checks.\n", "language": { "python": { "mapCase": false } } }, "target": { "type": "string", "description": "The target of the check. Valid pattern is \"${PROTOCOL}:${PORT}${PATH}\", where PROTOCOL\nvalues are:\n* `HTTP`, `HTTPS` - PORT and PATH are required\n* `TCP`, `SSL` - PORT is required, PATH is not supported\n", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "description": "The length of time before the check times out.\n", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "description": "The number of checks before the instance is declared unhealthy.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "healthyThreshold", "interval", "target", "timeout", "unhealthyThreshold" ] }, "aws:elb/LoadBalancerListener:LoadBalancerListener": { "properties": { "instancePort": { "type": "integer", "description": "The port on the instance to route to\n", "language": { "python": { "mapCase": false } } }, "instanceProtocol": { "type": "string", "description": "The protocol to use to the instance. Valid\nvalues are `HTTP`, `HTTPS`, `TCP`, or `SSL`\n", "language": { "python": { "mapCase": false } } }, "lbPort": { "type": "integer", "description": "The port to listen on for the load balancer\n", "language": { "python": { "mapCase": false } } }, "lbProtocol": { "type": "string", "description": "The protocol to listen on. Valid values are `HTTP`,\n`HTTPS`, `TCP`, or `SSL`\n", "language": { "python": { "mapCase": false } } }, "sslCertificateId": { "type": "string", "description": "The ARN of an SSL certificate you have\nuploaded to AWS IAM. **Note ECDSA-specific restrictions below. Only valid when `lb_protocol` is either HTTPS or SSL**\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instancePort", "instanceProtocol", "lbPort", "lbProtocol" ] }, "aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute": { "properties": { "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute": { "properties": { "name": { "type": "string", "description": "The name of the attribute\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the attribute\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:elb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "language": { "python": { "mapCase": false } } }, "bucketPrefix": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket", "bucketPrefix", "enabled", "interval" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elb/getLoadBalancerHealthCheck:getLoadBalancerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } }, "target": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "healthyThreshold", "interval", "target", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elb/getLoadBalancerListener:getLoadBalancerListener": { "properties": { "instancePort": { "type": "integer", "language": { "python": { "mapCase": false } } }, "instanceProtocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "lbPort": { "type": "integer", "language": { "python": { "mapCase": false } } }, "lbProtocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "sslCertificateId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instancePort", "instanceProtocol", "lbPort", "lbProtocol", "sslCertificateId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:emr/ClusterBootstrapAction:ClusterBootstrapAction": { "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "List of command line arguments passed to the JAR file's main function when executed.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the step.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "Location of the script to run during a bootstrap action. Can be either a location in Amazon S3 or on a local file system\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "path" ] }, "aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup": { "properties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n", "language": { "python": { "mapCase": false } } }, "bidPrice": { "type": "string", "description": "Bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n", "language": { "python": { "mapCase": false } } }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroupEbsConfig:ClusterCoreInstanceGroupEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "The ID of the EMR Cluster\n", "language": { "python": { "mapCase": false } } }, "instanceCount": { "type": "integer", "description": "Target number of instances for the instance group. Must be 1 or 3. Defaults to 1. Launching with multiple master nodes is only supported in EMR version 5.23.0+, and requires this resource's `core_instance_group` to be configured. Public (Internet accessible) instances must be created in VPC subnets that have `map public IP on launch` enabled. Termination protection is automatically enabled when launched with multiple master nodes and this provider must have the `termination_protection = false` configuration applied before destroying this resource.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "EC2 instance type for all instances in the instance group.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the step.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "id", "instanceType" ] } } }, "aws:emr/ClusterCoreInstanceGroupEbsConfig:ClusterCoreInstanceGroupEbsConfig": { "properties": { "iops": { "type": "integer", "description": "The number of I/O operations per second (IOPS) that the volume supports\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The volume size, in gibibytes (GiB).\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The volume type. Valid options are `gp2`, `io1`, `standard` and `st1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "language": { "python": { "mapCase": false } } }, "volumesPerInstance": { "type": "integer", "description": "The number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ClusterEc2Attributes:ClusterEc2Attributes": { "properties": { "additionalMasterSecurityGroups": { "type": "string", "description": "String containing a comma separated list of additional Amazon EC2 security group IDs for the master node\n", "language": { "python": { "mapCase": false } } }, "additionalSlaveSecurityGroups": { "type": "string", "description": "String containing a comma separated list of additional Amazon EC2 security group IDs for the slave nodes as a comma separated string\n", "language": { "python": { "mapCase": false } } }, "emrManagedMasterSecurityGroup": { "type": "string", "description": "Identifier of the Amazon EC2 EMR-Managed security group for the master node\n", "language": { "python": { "mapCase": false } } }, "emrManagedSlaveSecurityGroup": { "type": "string", "description": "Identifier of the Amazon EC2 EMR-Managed security group for the slave nodes\n", "language": { "python": { "mapCase": false } } }, "instanceProfile": { "type": "string", "description": "Instance Profile for EC2 instances of the cluster assume this role\n", "language": { "python": { "mapCase": false } } }, "keyName": { "type": "string", "description": "Amazon EC2 key pair that can be used to ssh to the master node as the user called `hadoop`\n", "language": { "python": { "mapCase": false } } }, "serviceAccessSecurityGroup": { "type": "string", "description": "Identifier of the Amazon EC2 service-access security group - required when the cluster runs on a private subnet\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "VPC subnet id where you want the job flow to launch. Cannot specify the `cc1.4xlarge` instance type for nodes of a job flow launched in a Amazon VPC\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instanceProfile" ], "language": { "nodejs": { "requiredOutputs": [ "emrManagedMasterSecurityGroup", "emrManagedSlaveSecurityGroup", "instanceProfile", "serviceAccessSecurityGroup" ] } } }, "aws:emr/ClusterInstanceGroup:ClusterInstanceGroup": { "properties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n", "language": { "python": { "mapCase": false } } }, "bidPrice": { "type": "string", "description": "Bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n", "language": { "python": { "mapCase": false } } }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterInstanceGroupEbsConfig:ClusterInstanceGroupEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "The ID of the EMR Cluster\n", "language": { "python": { "mapCase": false } } }, "instanceCount": { "type": "integer", "description": "Target number of instances for the instance group. Must be 1 or 3. Defaults to 1. Launching with multiple master nodes is only supported in EMR version 5.23.0+, and requires this resource's `core_instance_group` to be configured. Public (Internet accessible) instances must be created in VPC subnets that have `map public IP on launch` enabled. Termination protection is automatically enabled when launched with multiple master nodes and this provider must have the `termination_protection = false` configuration applied before destroying this resource.\n", "language": { "python": { "mapCase": false } } }, "instanceRole": { "type": "string", "description": "The role of the instance group in the cluster. Valid values are: `MASTER`, `CORE`, and `TASK`.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "EC2 instance type for all instances in the instance group.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the step.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instanceRole", "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "id", "instanceRole", "instanceType" ] } } }, "aws:emr/ClusterInstanceGroupEbsConfig:ClusterInstanceGroupEbsConfig": { "properties": { "iops": { "type": "integer", "description": "The number of I/O operations per second (IOPS) that the volume supports\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The volume size, in gibibytes (GiB).\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The volume type. Valid options are `gp2`, `io1`, `standard` and `st1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "language": { "python": { "mapCase": false } } }, "volumesPerInstance": { "type": "integer", "description": "The number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes": { "properties": { "adDomainJoinPassword": { "type": "string", "description": "The Active Directory password for `ad_domain_join_user`. This provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "adDomainJoinUser": { "type": "string", "description": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain. This provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "crossRealmTrustPrincipalPassword": { "type": "string", "description": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms. This provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "kdcAdminPassword": { "type": "string", "description": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster. This provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "realm": { "type": "string", "description": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "kdcAdminPassword", "realm" ] }, "aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup": { "properties": { "bidPrice": { "type": "string", "description": "Bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n", "language": { "python": { "mapCase": false } } }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroupEbsConfig:ClusterMasterInstanceGroupEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "The ID of the EMR Cluster\n", "language": { "python": { "mapCase": false } } }, "instanceCount": { "type": "integer", "description": "Target number of instances for the instance group. Must be 1 or 3. Defaults to 1. Launching with multiple master nodes is only supported in EMR version 5.23.0+, and requires this resource's `core_instance_group` to be configured. Public (Internet accessible) instances must be created in VPC subnets that have `map public IP on launch` enabled. Termination protection is automatically enabled when launched with multiple master nodes and this provider must have the `termination_protection = false` configuration applied before destroying this resource.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "EC2 instance type for all instances in the instance group.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the step.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "id", "instanceType" ] } } }, "aws:emr/ClusterMasterInstanceGroupEbsConfig:ClusterMasterInstanceGroupEbsConfig": { "properties": { "iops": { "type": "integer", "description": "The number of I/O operations per second (IOPS) that the volume supports\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The volume size, in gibibytes (GiB).\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The volume type. Valid options are `gp2`, `io1`, `standard` and `st1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "language": { "python": { "mapCase": false } } }, "volumesPerInstance": { "type": "integer", "description": "The number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ClusterStep:ClusterStep": { "properties": { "actionOnFailure": { "type": "string", "description": "The action to take if the step fails. Valid values: `TERMINATE_JOB_FLOW`, `TERMINATE_CLUSTER`, `CANCEL_AND_WAIT`, and `CONTINUE`\n", "language": { "python": { "mapCase": false } } }, "hadoopJarStep": { "$ref": "#/types/aws:emr/ClusterStepHadoopJarStep:ClusterStepHadoopJarStep", "description": "The JAR file used for the step. Defined below.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the step.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "actionOnFailure", "hadoopJarStep", "name" ] }, "aws:emr/ClusterStepHadoopJarStep:ClusterStepHadoopJarStep": { "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "List of command line arguments passed to the JAR file's main function when executed.\n", "language": { "python": { "mapCase": false } } }, "jar": { "type": "string", "description": "Path to a JAR file run during the step.\n", "language": { "python": { "mapCase": false } } }, "mainClass": { "type": "string", "description": "Name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.\n", "language": { "python": { "mapCase": false } } }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value map of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "jar" ] }, "aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig": { "properties": { "iops": { "type": "integer", "description": "The number of I/O operations per second (IOPS) that the volume supports.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The volume type. Valid options are 'gp2', 'io1' and 'standard'.\n", "language": { "python": { "mapCase": false } } }, "volumesPerInstance": { "type": "integer", "description": "The number of EBS Volumes to attach per instance.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "size", "type" ] }, "aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory": { "properties": { "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of up to two IP addresses of DNS servers or domain controllers in the self-managed AD directory. The IP addresses need to be either in the same VPC CIDR range as the file system or in the private IP version 4 (IPv4) address ranges as specified in [RFC 1918](https://tools.ietf.org/html/rfc1918).\n", "language": { "python": { "mapCase": false } } }, "domainName": { "type": "string", "description": "The fully qualified domain name of the self-managed AD directory. For example, `corp.example.com`.\n", "language": { "python": { "mapCase": false } } }, "fileSystemAdministratorsGroup": { "type": "string", "description": "The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, and setting audit controls (audit ACLs) on files and folders. The group that you specify must already exist in your domain. Defaults to `Domain Admins`.\n", "language": { "python": { "mapCase": false } } }, "organizationalUnitDistinguishedName": { "type": "string", "description": "The fully qualified distinguished name of the organizational unit within your self-managed AD directory that the Windows File Server instance will join. For example, `OU=FSx,DC=yourdomain,DC=corp,DC=com`. Only accepts OU as the direct parent of the file system. If none is provided, the FSx file system is created in the default location of your self-managed AD directory. To learn more, see [RFC 2253](https://tools.ietf.org/html/rfc2253).\n", "language": { "python": { "mapCase": false } } }, "password": { "type": "string", "description": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.\n", "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "description": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dnsIps", "domainName", "password", "username" ] }, "aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy": { "properties": { "fleetId": { "type": "string", "description": "ID of the Gamelift Fleet to point the alias to.\n", "language": { "python": { "mapCase": false } } }, "message": { "type": "string", "description": "Message text to be used with the `TERMINAL` routing strategy.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "Type of routing strategy. e.g. `SIMPLE` or `TERMINAL`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:gamelift/BuildStorageLocation:BuildStorageLocation": { "properties": { "bucket": { "type": "string", "description": "Name of your S3 bucket.\n", "language": { "python": { "mapCase": false } } }, "key": { "type": "string", "description": "Name of the zip file containing your build files.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "ARN of the access role that allows Amazon GameLift to access your S3 bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket", "key", "roleArn" ] }, "aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission": { "properties": { "fromPort": { "type": "integer", "description": "Starting value for a range of allowed port numbers.\n", "language": { "python": { "mapCase": false } } }, "ipRange": { "type": "string", "description": "Range of allowed IP addresses expressed in CIDR notation. e.g. `000.000.000.000/[subnet mask]` or `0.0.0.0/[subnet mask]`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "Network communication protocol used by the fleet. e.g. `TCP` or `UDP`\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "Ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than `from_port`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fromPort", "ipRange", "protocol", "toPort" ] }, "aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy": { "properties": { "newGameSessionsPerCreator": { "type": "integer", "description": "Maximum number of game sessions that an individual can create during the policy period.\n", "language": { "python": { "mapCase": false } } }, "policyPeriodInMinutes": { "type": "integer", "description": "Time span used in evaluating the resource creation limit policy.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration": { "properties": { "gameSessionActivationTimeoutSeconds": { "type": "integer", "description": "Maximum amount of time (in seconds) that a game session can remain in status `ACTIVATING`.\n", "language": { "python": { "mapCase": false } } }, "maxConcurrentGameSessionActivations": { "type": "integer", "description": "Maximum number of game sessions with status `ACTIVATING` to allow on an instance simultaneously.\n", "language": { "python": { "mapCase": false } } }, "serverProcesses": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfigurationServerProcess:FleetRuntimeConfigurationServerProcess" }, "description": "Collection of server process configurations that describe which server processes to run on each instance in a fleet. See below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:gamelift/FleetRuntimeConfigurationServerProcess:FleetRuntimeConfigurationServerProcess": { "properties": { "concurrentExecutions": { "type": "integer", "description": "Number of server processes using this configuration to run concurrently on an instance.\n", "language": { "python": { "mapCase": false } } }, "launchPath": { "type": "string", "description": "Location of the server executable in a game build. All game builds are installed on instances at the root : for Windows instances `C:\\game`, and for Linux instances `/local/game`.\n", "language": { "python": { "mapCase": false } } }, "parameters": { "type": "string", "description": "Optional list of parameters to pass to the server executable on launch.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "concurrentExecutions", "launchPath" ] }, "aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy": { "properties": { "maximumIndividualPlayerLatencyMilliseconds": { "type": "integer", "description": "Maximum latency value that is allowed for any player.\n", "language": { "python": { "mapCase": false } } }, "policyDurationSeconds": { "type": "integer", "description": "Length of time that the policy is enforced while placing a new game session. Absence of value for this attribute means that the policy is enforced until the queue times out.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "maximumIndividualPlayerLatencyMilliseconds" ] }, "aws:glacier/VaultNotification:VaultNotification": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "You can configure a vault to publish a notification for `ArchiveRetrievalCompleted` and `InventoryRetrievalCompleted` events.\n", "language": { "python": { "mapCase": false } } }, "snsTopic": { "type": "string", "description": "The SNS Topic ARN.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "events", "snsTopic" ] }, "aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes": { "properties": { "flowLogsEnabled": { "type": "boolean", "description": "Indicates whether flow logs are enabled.\n", "language": { "python": { "mapCase": false } } }, "flowLogsS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket for the flow logs.\n", "language": { "python": { "mapCase": false } } }, "flowLogsS3Prefix": { "type": "string", "description": "The prefix for the location in the Amazon S3 bucket for the flow logs.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:globalaccelerator/AcceleratorIpSet:AcceleratorIpSet": { "properties": { "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses in the IP address set.\n", "language": { "python": { "mapCase": false } } }, "ipFamily": { "type": "string", "description": "The types of IP addresses included in this IP set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ipAddresses", "ipFamily" ] } } }, "aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration": { "properties": { "endpointId": { "type": "string", "description": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight associated with the endpoint. When you add weights to endpoints, you configure AWS Global Accelerator to route traffic based on proportions that you specify.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:globalaccelerator/ListenerPortRange:ListenerPortRange": { "properties": { "fromPort": { "type": "integer", "description": "The first port in the range of ports, inclusive.\n", "language": { "python": { "mapCase": false } } }, "toPort": { "type": "integer", "description": "The last port in the range of ports, inclusive.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey": { "properties": { "comment": { "type": "string", "description": "Free-form text comment.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "Name of the SerDe.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The datatype of data in the Column.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name" ] }, "aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor": { "properties": { "bucketColumns": { "type": "array", "items": { "type": "string" }, "description": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.\n", "language": { "python": { "mapCase": false } } }, "columns": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorColumn:CatalogTableStorageDescriptorColumn" }, "description": "A list of the Columns in the table.\n", "language": { "python": { "mapCase": false } } }, "compressed": { "type": "boolean", "description": "True if the data in the table is compressed, or False if not.\n", "language": { "python": { "mapCase": false } } }, "inputFormat": { "type": "string", "description": "The input format: SequenceFileInputFormat (binary), or TextInputFormat, or a custom format.\n", "language": { "python": { "mapCase": false } } }, "location": { "type": "string", "description": "The physical location of the table. By default this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.\n", "language": { "python": { "mapCase": false } } }, "numberOfBuckets": { "type": "integer", "description": "Must be specified if the table contains any dimension columns.\n", "language": { "python": { "mapCase": false } } }, "outputFormat": { "type": "string", "description": "The output format: SequenceFileOutputFormat (binary), or IgnoreKeyTextOutputFormat, or a custom format.\n", "language": { "python": { "mapCase": false } } }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of initialization parameters for the SerDe, in key-value form.\n", "language": { "python": { "mapCase": false } } }, "serDeInfo": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSerDeInfo:CatalogTableStorageDescriptorSerDeInfo", "description": "Serialization/deserialization (SerDe) information.\n", "language": { "python": { "mapCase": false } } }, "skewedInfo": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSkewedInfo:CatalogTableStorageDescriptorSkewedInfo", "description": "Information about values that appear very frequently in a column (skewed values).\n", "language": { "python": { "mapCase": false } } }, "sortColumns": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSortColumn:CatalogTableStorageDescriptorSortColumn" }, "description": "A list of Order objects specifying the sort order of each bucket in the table.\n", "language": { "python": { "mapCase": false } } }, "storedAsSubDirectories": { "type": "boolean", "description": "True if the table data is stored in subdirectories, or False if not.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/CatalogTableStorageDescriptorColumn:CatalogTableStorageDescriptorColumn": { "properties": { "comment": { "type": "string", "description": "Free-form text comment.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "Name of the SerDe.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The datatype of data in the Column.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name" ] }, "aws:glue/CatalogTableStorageDescriptorSerDeInfo:CatalogTableStorageDescriptorSerDeInfo": { "properties": { "name": { "type": "string", "description": "Name of the SerDe.\n", "language": { "python": { "mapCase": false } } }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of initialization parameters for the SerDe, in key-value form.\n", "language": { "python": { "mapCase": false } } }, "serializationLibrary": { "type": "string", "description": "Usually the class that implements the SerDe. An example is: org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/CatalogTableStorageDescriptorSkewedInfo:CatalogTableStorageDescriptorSkewedInfo": { "properties": { "skewedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "A list of names of columns that contain skewed values.\n", "language": { "python": { "mapCase": false } } }, "skewedColumnValueLocationMaps": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of values that appear so frequently as to be considered skewed.\n", "language": { "python": { "mapCase": false } } }, "skewedColumnValues": { "type": "array", "items": { "type": "string" }, "description": "A map of skewed values to the columns that contain them.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/CatalogTableStorageDescriptorSortColumn:CatalogTableStorageDescriptorSortColumn": { "properties": { "column": { "type": "string", "description": "The name of the column.\n", "language": { "python": { "mapCase": false } } }, "sortOrder": { "type": "integer", "description": "Indicates that the column is sorted in ascending order (== 1), or in descending order (==0).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "column", "sortOrder" ] }, "aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier": { "properties": { "allowSingleColumn": { "type": "boolean", "description": "Enables the processing of files that contain only one column.\n", "language": { "python": { "mapCase": false } } }, "containsHeader": { "type": "string", "description": "Indicates whether the CSV file contains a header. This can be one of \"ABSENT\", \"PRESENT\", or \"UNKNOWN\".\n", "language": { "python": { "mapCase": false } } }, "delimiter": { "type": "string", "description": "The delimiter used in the Csv to separate columns.\n", "language": { "python": { "mapCase": false } } }, "disableValueTrimming": { "type": "boolean", "description": "Specifies whether to trim column values.\n", "language": { "python": { "mapCase": false } } }, "headers": { "type": "array", "items": { "type": "string" }, "description": "A list of strings representing column names.\n", "language": { "python": { "mapCase": false } } }, "quoteSymbol": { "type": "string", "description": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier": { "properties": { "classification": { "type": "string", "description": "An identifier of the data format that the classifier matches.\n", "language": { "python": { "mapCase": false } } }, "customPatterns": { "type": "string", "description": "Custom grok patterns used by this classifier.\n", "language": { "python": { "mapCase": false } } }, "grokPattern": { "type": "string", "description": "The grok pattern used by this classifier.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "classification", "grokPattern" ] }, "aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier": { "properties": { "jsonPath": { "type": "string", "description": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath`, as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "jsonPath" ] }, "aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier": { "properties": { "classification": { "type": "string", "description": "An identifier of the data format that the classifier matches.\n", "language": { "python": { "mapCase": false } } }, "rowTag": { "type": "string", "description": "The XML tag designating the element that contains each record in an XML document being parsed. Note that this cannot identify a self-closing element (closed by `/\u003e`). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `\u003crow item_a=\"A\" item_b=\"B\"\u003e\u003c/row\u003e` is okay, but `\u003crow item_a=\"A\" item_b=\"B\" /\u003e` is not).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "classification", "rowTag" ] }, "aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements": { "properties": { "availabilityZone": { "type": "string", "description": "The availability zone of the connection. This field is redundant and implied by `subnet_id`, but is currently an api requirement.\n", "language": { "python": { "mapCase": false } } }, "securityGroupIdLists": { "type": "array", "items": { "type": "string" }, "description": "The security group ID list used by the connection.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The subnet ID used by the connection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget": { "properties": { "databaseName": { "type": "string", "description": "The name of the Glue database to be synchronized.\n", "language": { "python": { "mapCase": false } } }, "tables": { "type": "array", "items": { "type": "string" }, "description": "A list of catalog tables to be synchronized.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "databaseName", "tables" ] }, "aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget": { "properties": { "path": { "type": "string", "description": "The name of the DynamoDB table to crawl.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "path" ] }, "aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget": { "properties": { "connectionName": { "type": "string", "description": "The name of the connection to use to connect to the JDBC target.\n", "language": { "python": { "mapCase": false } } }, "exclusions": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns used to exclude from the crawl.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The path of the JDBC target.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "connectionName", "path" ] }, "aws:glue/CrawlerS3Target:CrawlerS3Target": { "properties": { "exclusions": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns used to exclude from the crawl.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The name of the DynamoDB table to crawl.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "path" ] }, "aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy": { "properties": { "deleteBehavior": { "type": "string", "description": "The deletion behavior when the crawler finds a deleted object. Valid values: `LOG`, `DELETE_FROM_DATABASE`, or `DEPRECATE_IN_DATABASE`. Defaults to `DEPRECATE_IN_DATABASE`.\n", "language": { "python": { "mapCase": false } } }, "updateBehavior": { "type": "string", "description": "The update behavior when the crawler finds a changed schema. Valid values: `LOG` or `UPDATE_IN_DATABASE`. Defaults to `UPDATE_IN_DATABASE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/JobCommand:JobCommand": { "properties": { "name": { "type": "string", "description": "The name of the job command. Defaults to `glueetl`. Use `pythonshell` for Python Shell Job Type, `max_capacity` needs to be set if `pythonshell` is chosen.\n", "language": { "python": { "mapCase": false } } }, "pythonVersion": { "type": "string", "description": "The Python version being used to execute a Python shell job. Allowed values are 2 or 3.\n", "language": { "python": { "mapCase": false } } }, "scriptLocation": { "type": "string", "description": "Specifies the S3 path to a script that executes a job.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "scriptLocation" ], "language": { "nodejs": { "requiredOutputs": [ "pythonVersion", "scriptLocation" ] } } }, "aws:glue/JobExecutionProperty:JobExecutionProperty": { "properties": { "maxConcurrentRuns": { "type": "integer", "description": "The maximum number of concurrent runs allowed for a job. The default is 1.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/JobNotificationProperty:JobNotificationProperty": { "properties": { "notifyDelayAfter": { "type": "integer", "description": "After a job run starts, the number of minutes to wait before sending a job run delay notification.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration": { "properties": { "cloudwatchEncryption": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfigurationCloudwatchEncryption:SecurityConfigurationEncryptionConfigurationCloudwatchEncryption", "language": { "python": { "mapCase": false } } }, "jobBookmarksEncryption": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption:SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption", "language": { "python": { "mapCase": false } } }, "s3Encryption": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfigurationS3Encryption:SecurityConfigurationEncryptionConfigurationS3Encryption", "description": "A `s3_encryption ` block as described below, which contains encryption configuration for S3 data.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cloudwatchEncryption", "jobBookmarksEncryption", "s3Encryption" ] }, "aws:glue/SecurityConfigurationEncryptionConfigurationCloudwatchEncryption:SecurityConfigurationEncryptionConfigurationCloudwatchEncryption": { "properties": { "cloudwatchEncryptionMode": { "type": "string", "description": "Encryption mode to use for CloudWatch data. Valid values: `DISABLED`, `SSE-KMS`. Default value: `DISABLED`.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption:SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption": { "properties": { "jobBookmarksEncryptionMode": { "type": "string", "description": "Encryption mode to use for job bookmarks data. Valid values: `CSE-KMS`, `DISABLED`. Default value: `DISABLED`.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/SecurityConfigurationEncryptionConfigurationS3Encryption:SecurityConfigurationEncryptionConfigurationS3Encryption": { "properties": { "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.\n", "language": { "python": { "mapCase": false } } }, "s3EncryptionMode": { "type": "string", "description": "Encryption mode to use for S3 data. Valid values: `DISABLED`, `SSE-KMS`, `SSE-S3`. Default value: `DISABLED`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/TriggerAction:TriggerAction": { "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Arguments to be passed to the job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.\n", "language": { "python": { "mapCase": false } } }, "crawlerName": { "type": "string", "description": "The name of the crawler to be executed. Conflicts with `job_name`.\n", "language": { "python": { "mapCase": false } } }, "jobName": { "type": "string", "description": "The name of a job to be executed. Conflicts with `crawler_name`.\n", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "description": "The job run timeout in minutes. It overrides the timeout value of the job.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/TriggerPredicate:TriggerPredicate": { "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerPredicateCondition:TriggerPredicateCondition" }, "description": "A list of the conditions that determine when the trigger will fire. Defined below.\n", "language": { "python": { "mapCase": false } } }, "logical": { "type": "string", "description": "How to handle multiple conditions. Defaults to `AND`. Valid values are `AND` or `ANY`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "conditions" ] }, "aws:glue/TriggerPredicateCondition:TriggerPredicateCondition": { "properties": { "crawlState": { "type": "string", "description": "The condition crawl state. Currently, the values supported are `RUNNING`, `SUCCEEDED`, `CANCELLED`, and `FAILED`. If this is specified, `crawler_name` must also be specified. Conflicts with `state`.\n", "language": { "python": { "mapCase": false } } }, "crawlerName": { "type": "string", "description": "The name of the crawler to watch. If this is specified, `crawl_state` must also be specified. Conflicts with `job_name`.\n", "language": { "python": { "mapCase": false } } }, "jobName": { "type": "string", "description": "The name of the job to watch. If this is specified, `state` must also be specified. Conflicts with `crawler_name`.\n", "language": { "python": { "mapCase": false } } }, "logicalOperator": { "type": "string", "description": "A logical operator. Defaults to `EQUALS`.\n", "language": { "python": { "mapCase": false } } }, "state": { "type": "string", "description": "The condition job state. Currently, the values supported are `SUCCEEDED`, `STOPPED`, `TIMEOUT` and `FAILED`. If this is specified, `job_name` must also be specified. Conflicts with `crawler_state`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:glue/getScriptDagEdge:getScriptDagEdge": { "properties": { "source": { "type": "string", "description": "The ID of the node at which the edge starts.\n", "language": { "python": { "mapCase": false } } }, "target": { "type": "string", "description": "The ID of the node at which the edge ends.\n", "language": { "python": { "mapCase": false } } }, "targetParameter": { "type": "string", "description": "The target of the edge.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "source", "target" ] }, "aws:glue/getScriptDagNode:getScriptDagNode": { "properties": { "args": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagNodeArg:getScriptDagNodeArg" }, "description": "Nested configuration an argument or property of a node. Defined below.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "A node identifier that is unique within the node's graph.\n", "language": { "python": { "mapCase": false } } }, "lineNumber": { "type": "integer", "description": "The line number of the node.\n", "language": { "python": { "mapCase": false } } }, "nodeType": { "type": "string", "description": "The type of node this is.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "args", "id", "nodeType" ] }, "aws:glue/getScriptDagNodeArg:getScriptDagNodeArg": { "properties": { "name": { "type": "string", "description": "The name of the argument or property.\n", "language": { "python": { "mapCase": false } } }, "param": { "type": "boolean", "description": "Boolean if the value is used as a parameter. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the argument or property.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:iam/getGroupUser:getGroupUser": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the iam user.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The path to the iam user.\n", "language": { "python": { "mapCase": false } } }, "userId": { "type": "string", "description": "The stable and unique string identifying the iam user.\n", "language": { "python": { "mapCase": false } } }, "userName": { "type": "string", "description": "The name of the iam user.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "path", "userId", "userName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:iam/getPolicyDocumentStatement:getPolicyDocumentStatement": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "A list of actions that this statement either allows\nor denies. For example, ``[\"ec2:RunInstances\", \"s3:*\"]``.\n", "language": { "python": { "mapCase": false } } }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatementCondition:getPolicyDocumentStatementCondition" }, "description": "A nested configuration block (described below)\nthat defines a further, possibly-service-specific condition that constrains\nwhether this statement applies.\n", "language": { "python": { "mapCase": false } } }, "effect": { "type": "string", "description": "Either \"Allow\" or \"Deny\", to specify whether this\nstatement allows or denies the given actions. The default is \"Allow\".\n", "language": { "python": { "mapCase": false } } }, "notActions": { "type": "array", "items": { "type": "string" }, "description": "A list of actions that this statement does *not*\napply to. Used to apply a policy statement to all actions *except* those\nlisted.\n", "language": { "python": { "mapCase": false } } }, "notPrincipals": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatementNotPrincipal:getPolicyDocumentStatementNotPrincipal" }, "description": "Like `principals` except gives resources that\nthe statement does *not* apply to.\n", "language": { "python": { "mapCase": false } } }, "notResources": { "type": "array", "items": { "type": "string" }, "description": "A list of resource ARNs that this statement\ndoes *not* apply to. Used to apply a policy statement to all resources\n*except* those listed.\n", "language": { "python": { "mapCase": false } } }, "principals": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatementPrincipal:getPolicyDocumentStatementPrincipal" }, "description": "A nested configuration block (described below)\nspecifying a resource (or resource pattern) to which this statement applies.\n", "language": { "python": { "mapCase": false } } }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of resource ARNs that this statement applies\nto. This is required by AWS if used for an IAM policy.\n", "language": { "python": { "mapCase": false } } }, "sid": { "type": "string", "description": "An ID for the policy statement.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:iam/getPolicyDocumentStatementCondition:getPolicyDocumentStatementCondition": { "properties": { "test": { "type": "string", "description": "The name of the\n[IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html)\nto evaluate.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "The values to evaluate the condition against. If multiple\nvalues are provided, the condition matches if at least one of them applies.\n(That is, the tests are combined with the \"OR\" boolean operation.)\n", "language": { "python": { "mapCase": false } } }, "variable": { "type": "string", "description": "The name of a\n[Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys)\nto apply the condition to. Context variables may either be standard AWS\nvariables starting with `aws:`, or service-specific variables prefixed with\nthe service name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "test", "values", "variable" ] }, "aws:iam/getPolicyDocumentStatementNotPrincipal:getPolicyDocumentStatementNotPrincipal": { "properties": { "identifiers": { "type": "array", "items": { "type": "string" }, "description": "List of identifiers for principals. When `type`\nis \"AWS\", these are IAM user or role ARNs. When `type` is \"Service\", these are AWS Service roles e.g. `lambda.amazonaws.com`. When `type` is \"Federated\", these are web identity users or SAML provider ARNs.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of principal. For AWS ARNs this is \"AWS\". For AWS services (e.g. Lambda), this is \"Service\". For Federated access the type is \"Federated\".\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "identifiers", "type" ] }, "aws:iam/getPolicyDocumentStatementPrincipal:getPolicyDocumentStatementPrincipal": { "properties": { "identifiers": { "type": "array", "items": { "type": "string" }, "description": "List of identifiers for principals. When `type`\nis \"AWS\", these are IAM user or role ARNs. When `type` is \"Service\", these are AWS Service roles e.g. `lambda.amazonaws.com`. When `type` is \"Federated\", these are web identity users or SAML provider ARNs.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of principal. For AWS ARNs this is \"AWS\". For AWS services (e.g. Lambda), this is \"Service\". For Federated access the type is \"Federated\".\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "identifiers", "type" ] }, "aws:index/ProviderAssumeRole:ProviderAssumeRole": { "properties": { "externalId": { "type": "string", "language": { "python": { "mapCase": false } } }, "policy": { "type": "string", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:index/ProviderEndpoint:ProviderEndpoint": { "properties": { "accessanalyzer": { "type": "string", "language": { "python": { "mapCase": false } } }, "acm": { "type": "string", "language": { "python": { "mapCase": false } } }, "acmpca": { "type": "string", "language": { "python": { "mapCase": false } } }, "amplify": { "type": "string", "language": { "python": { "mapCase": false } } }, "apigateway": { "type": "string", "language": { "python": { "mapCase": false } } }, "applicationautoscaling": { "type": "string", "language": { "python": { "mapCase": false } } }, "applicationinsights": { "type": "string", "language": { "python": { "mapCase": false } } }, "appmesh": { "type": "string", "language": { "python": { "mapCase": false } } }, "appstream": { "type": "string", "language": { "python": { "mapCase": false } } }, "appsync": { "type": "string", "language": { "python": { "mapCase": false } } }, "athena": { "type": "string", "language": { "python": { "mapCase": false } } }, "autoscaling": { "type": "string", "language": { "python": { "mapCase": false } } }, "autoscalingplans": { "type": "string", "language": { "python": { "mapCase": false } } }, "backup": { "type": "string", "language": { "python": { "mapCase": false } } }, "batch": { "type": "string", "language": { "python": { "mapCase": false } } }, "budgets": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloud9": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudformation": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudfront": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudhsm": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudsearch": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudtrail": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudwatch": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudwatchevents": { "type": "string", "language": { "python": { "mapCase": false } } }, "cloudwatchlogs": { "type": "string", "language": { "python": { "mapCase": false } } }, "codeartifact": { "type": "string", "language": { "python": { "mapCase": false } } }, "codebuild": { "type": "string", "language": { "python": { "mapCase": false } } }, "codecommit": { "type": "string", "language": { "python": { "mapCase": false } } }, "codedeploy": { "type": "string", "language": { "python": { "mapCase": false } } }, "codepipeline": { "type": "string", "language": { "python": { "mapCase": false } } }, "cognitoidentity": { "type": "string", "language": { "python": { "mapCase": false } } }, "cognitoidp": { "type": "string", "language": { "python": { "mapCase": false } } }, "configservice": { "type": "string", "language": { "python": { "mapCase": false } } }, "cur": { "type": "string", "language": { "python": { "mapCase": false } } }, "dataexchange": { "type": "string", "language": { "python": { "mapCase": false } } }, "datapipeline": { "type": "string", "language": { "python": { "mapCase": false } } }, "datasync": { "type": "string", "language": { "python": { "mapCase": false } } }, "dax": { "type": "string", "language": { "python": { "mapCase": false } } }, "devicefarm": { "type": "string", "language": { "python": { "mapCase": false } } }, "directconnect": { "type": "string", "language": { "python": { "mapCase": false } } }, "dlm": { "type": "string", "language": { "python": { "mapCase": false } } }, "dms": { "type": "string", "language": { "python": { "mapCase": false } } }, "docdb": { "type": "string", "language": { "python": { "mapCase": false } } }, "ds": { "type": "string", "language": { "python": { "mapCase": false } } }, "dynamodb": { "type": "string", "language": { "python": { "mapCase": false } } }, "ec2": { "type": "string", "language": { "python": { "mapCase": false } } }, "ecr": { "type": "string", "language": { "python": { "mapCase": false } } }, "ecs": { "type": "string", "language": { "python": { "mapCase": false } } }, "efs": { "type": "string", "language": { "python": { "mapCase": false } } }, "eks": { "type": "string", "language": { "python": { "mapCase": false } } }, "elasticache": { "type": "string", "language": { "python": { "mapCase": false } } }, "elasticbeanstalk": { "type": "string", "language": { "python": { "mapCase": false } } }, "elastictranscoder": { "type": "string", "language": { "python": { "mapCase": false } } }, "elb": { "type": "string", "language": { "python": { "mapCase": false } } }, "emr": { "type": "string", "language": { "python": { "mapCase": false } } }, "es": { "type": "string", "language": { "python": { "mapCase": false } } }, "firehose": { "type": "string", "language": { "python": { "mapCase": false } } }, "fms": { "type": "string", "language": { "python": { "mapCase": false } } }, "forecast": { "type": "string", "language": { "python": { "mapCase": false } } }, "fsx": { "type": "string", "language": { "python": { "mapCase": false } } }, "gamelift": { "type": "string", "language": { "python": { "mapCase": false } } }, "glacier": { "type": "string", "language": { "python": { "mapCase": false } } }, "globalaccelerator": { "type": "string", "language": { "python": { "mapCase": false } } }, "glue": { "type": "string", "language": { "python": { "mapCase": false } } }, "greengrass": { "type": "string", "language": { "python": { "mapCase": false } } }, "guardduty": { "type": "string", "language": { "python": { "mapCase": false } } }, "iam": { "type": "string", "language": { "python": { "mapCase": false } } }, "imagebuilder": { "type": "string", "language": { "python": { "mapCase": false } } }, "inspector": { "type": "string", "language": { "python": { "mapCase": false } } }, "iot": { "type": "string", "language": { "python": { "mapCase": false } } }, "iotanalytics": { "type": "string", "language": { "python": { "mapCase": false } } }, "iotevents": { "type": "string", "language": { "python": { "mapCase": false } } }, "kafka": { "type": "string", "language": { "python": { "mapCase": false } } }, "kinesis": { "type": "string", "language": { "python": { "mapCase": false } } }, "kinesisAnalytics": { "type": "string", "deprecationMessage": "use `endpoints` configuration block `kinesisanalytics` argument instead", "language": { "python": { "mapCase": false } } }, "kinesisanalytics": { "type": "string", "language": { "python": { "mapCase": false } } }, "kinesisanalyticsv2": { "type": "string", "language": { "python": { "mapCase": false } } }, "kinesisvideo": { "type": "string", "language": { "python": { "mapCase": false } } }, "kms": { "type": "string", "language": { "python": { "mapCase": false } } }, "lakeformation": { "type": "string", "language": { "python": { "mapCase": false } } }, "lambda": { "type": "string", "language": { "python": { "mapCase": false } } }, "lexmodels": { "type": "string", "language": { "python": { "mapCase": false } } }, "licensemanager": { "type": "string", "language": { "python": { "mapCase": false } } }, "lightsail": { "type": "string", "language": { "python": { "mapCase": false } } }, "macie": { "type": "string", "language": { "python": { "mapCase": false } } }, "managedblockchain": { "type": "string", "language": { "python": { "mapCase": false } } }, "marketplacecatalog": { "type": "string", "language": { "python": { "mapCase": false } } }, "mediaconnect": { "type": "string", "language": { "python": { "mapCase": false } } }, "mediaconvert": { "type": "string", "language": { "python": { "mapCase": false } } }, "medialive": { "type": "string", "language": { "python": { "mapCase": false } } }, "mediapackage": { "type": "string", "language": { "python": { "mapCase": false } } }, "mediastore": { "type": "string", "language": { "python": { "mapCase": false } } }, "mediastoredata": { "type": "string", "language": { "python": { "mapCase": false } } }, "mq": { "type": "string", "language": { "python": { "mapCase": false } } }, "neptune": { "type": "string", "language": { "python": { "mapCase": false } } }, "networkmanager": { "type": "string", "language": { "python": { "mapCase": false } } }, "opsworks": { "type": "string", "language": { "python": { "mapCase": false } } }, "organizations": { "type": "string", "language": { "python": { "mapCase": false } } }, "outposts": { "type": "string", "language": { "python": { "mapCase": false } } }, "personalize": { "type": "string", "language": { "python": { "mapCase": false } } }, "pinpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "pricing": { "type": "string", "language": { "python": { "mapCase": false } } }, "qldb": { "type": "string", "language": { "python": { "mapCase": false } } }, "quicksight": { "type": "string", "language": { "python": { "mapCase": false } } }, "r53": { "type": "string", "deprecationMessage": "use `endpoints` configuration block `route53` argument instead", "language": { "python": { "mapCase": false } } }, "ram": { "type": "string", "language": { "python": { "mapCase": false } } }, "rds": { "type": "string", "language": { "python": { "mapCase": false } } }, "redshift": { "type": "string", "language": { "python": { "mapCase": false } } }, "resourcegroups": { "type": "string", "language": { "python": { "mapCase": false } } }, "resourcegroupstaggingapi": { "type": "string", "language": { "python": { "mapCase": false } } }, "route53": { "type": "string", "language": { "python": { "mapCase": false } } }, "route53domains": { "type": "string", "language": { "python": { "mapCase": false } } }, "route53resolver": { "type": "string", "language": { "python": { "mapCase": false } } }, "s3": { "type": "string", "language": { "python": { "mapCase": false } } }, "s3control": { "type": "string", "language": { "python": { "mapCase": false } } }, "sagemaker": { "type": "string", "language": { "python": { "mapCase": false } } }, "sdb": { "type": "string", "language": { "python": { "mapCase": false } } }, "secretsmanager": { "type": "string", "language": { "python": { "mapCase": false } } }, "securityhub": { "type": "string", "language": { "python": { "mapCase": false } } }, "serverlessrepo": { "type": "string", "language": { "python": { "mapCase": false } } }, "servicecatalog": { "type": "string", "language": { "python": { "mapCase": false } } }, "servicediscovery": { "type": "string", "language": { "python": { "mapCase": false } } }, "servicequotas": { "type": "string", "language": { "python": { "mapCase": false } } }, "ses": { "type": "string", "language": { "python": { "mapCase": false } } }, "shield": { "type": "string", "language": { "python": { "mapCase": false } } }, "sns": { "type": "string", "language": { "python": { "mapCase": false } } }, "sqs": { "type": "string", "language": { "python": { "mapCase": false } } }, "ssm": { "type": "string", "language": { "python": { "mapCase": false } } }, "stepfunctions": { "type": "string", "language": { "python": { "mapCase": false } } }, "storagegateway": { "type": "string", "language": { "python": { "mapCase": false } } }, "sts": { "type": "string", "language": { "python": { "mapCase": false } } }, "swf": { "type": "string", "language": { "python": { "mapCase": false } } }, "synthetics": { "type": "string", "language": { "python": { "mapCase": false } } }, "transfer": { "type": "string", "language": { "python": { "mapCase": false } } }, "waf": { "type": "string", "language": { "python": { "mapCase": false } } }, "wafregional": { "type": "string", "language": { "python": { "mapCase": false } } }, "wafv2": { "type": "string", "language": { "python": { "mapCase": false } } }, "worklink": { "type": "string", "language": { "python": { "mapCase": false } } }, "workmail": { "type": "string", "language": { "python": { "mapCase": false } } }, "workspaces": { "type": "string", "language": { "python": { "mapCase": false } } }, "xray": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:index/ProviderIgnoreTags:ProviderIgnoreTags": { "properties": { "keyPrefixes": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "keys": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:iot/ThingTypeProperties:ThingTypeProperties": { "properties": { "description": { "type": "string", "description": "The description of the thing type.\n", "language": { "python": { "mapCase": false } } }, "searchableAttributes": { "type": "array", "items": { "type": "string" }, "description": "A list of searchable thing attribute names.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "searchableAttributes" ] } } }, "aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm": { "properties": { "alarmName": { "type": "string", "description": "The CloudWatch alarm name.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n", "language": { "python": { "mapCase": false } } }, "stateReason": { "type": "string", "description": "The reason for the alarm change.\n", "language": { "python": { "mapCase": false } } }, "stateValue": { "type": "string", "description": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "alarmName", "roleArn", "stateReason", "stateValue" ] }, "aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric": { "properties": { "metricName": { "type": "string", "description": "The CloudWatch metric name.\n", "language": { "python": { "mapCase": false } } }, "metricNamespace": { "type": "string", "description": "The CloudWatch metric namespace name.\n", "language": { "python": { "mapCase": false } } }, "metricTimestamp": { "type": "string", "description": "An optional Unix timestamp (http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp).\n", "language": { "python": { "mapCase": false } } }, "metricUnit": { "type": "string", "description": "The metric unit (supported units can be found here: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit)\n", "language": { "python": { "mapCase": false } } }, "metricValue": { "type": "string", "description": "The CloudWatch metric value.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch metric.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "metricName", "metricNamespace", "metricUnit", "metricValue", "roleArn" ] }, "aws:iot/TopicRuleDynamodb:TopicRuleDynamodb": { "properties": { "hashKeyField": { "type": "string", "description": "The hash key name.\n", "language": { "python": { "mapCase": false } } }, "hashKeyType": { "type": "string", "description": "The hash key type. Valid values are \"STRING\" or \"NUMBER\".\n", "language": { "python": { "mapCase": false } } }, "hashKeyValue": { "type": "string", "description": "The hash key value.\n", "language": { "python": { "mapCase": false } } }, "operation": { "type": "string", "description": "The operation. Valid values are \"INSERT\", \"UPDATE\", or \"DELETE\".\n", "language": { "python": { "mapCase": false } } }, "payloadField": { "type": "string", "description": "The action payload.\n", "language": { "python": { "mapCase": false } } }, "rangeKeyField": { "type": "string", "description": "The range key name.\n", "language": { "python": { "mapCase": false } } }, "rangeKeyType": { "type": "string", "description": "The range key type. Valid values are \"STRING\" or \"NUMBER\".\n", "language": { "python": { "mapCase": false } } }, "rangeKeyValue": { "type": "string", "description": "The range key value.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the DynamoDB table.\n", "language": { "python": { "mapCase": false } } }, "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "hashKeyField", "hashKeyValue", "roleArn", "tableName" ] }, "aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2": { "properties": { "putItem": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2PutItem:TopicRuleDynamodbv2PutItem", "description": "Configuration block with DynamoDB Table to which the message will be written. Nested arguments below.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn" ] }, "aws:iot/TopicRuleDynamodbv2PutItem:TopicRuleDynamodbv2PutItem": { "properties": { "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "tableName" ] }, "aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch": { "properties": { "endpoint": { "type": "string", "description": "The endpoint of your Elasticsearch domain.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "The unique identifier for the document you are storing.\n", "language": { "python": { "mapCase": false } } }, "index": { "type": "string", "description": "The Elasticsearch index where you want to store your data.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that has access to Elasticsearch.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of document you are storing.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "endpoint", "id", "index", "roleArn", "type" ] }, "aws:iot/TopicRuleErrorAction:TopicRuleErrorAction": { "properties": { "cloudwatchAlarm": { "$ref": "#/types/aws:iot/TopicRuleErrorActionCloudwatchAlarm:TopicRuleErrorActionCloudwatchAlarm", "language": { "python": { "mapCase": false } } }, "cloudwatchMetric": { "$ref": "#/types/aws:iot/TopicRuleErrorActionCloudwatchMetric:TopicRuleErrorActionCloudwatchMetric", "language": { "python": { "mapCase": false } } }, "dynamodb": { "$ref": "#/types/aws:iot/TopicRuleErrorActionDynamodb:TopicRuleErrorActionDynamodb", "language": { "python": { "mapCase": false } } }, "dynamodbv2": { "$ref": "#/types/aws:iot/TopicRuleErrorActionDynamodbv2:TopicRuleErrorActionDynamodbv2", "language": { "python": { "mapCase": false } } }, "elasticsearch": { "$ref": "#/types/aws:iot/TopicRuleErrorActionElasticsearch:TopicRuleErrorActionElasticsearch", "language": { "python": { "mapCase": false } } }, "firehose": { "$ref": "#/types/aws:iot/TopicRuleErrorActionFirehose:TopicRuleErrorActionFirehose", "language": { "python": { "mapCase": false } } }, "iotAnalytics": { "$ref": "#/types/aws:iot/TopicRuleErrorActionIotAnalytics:TopicRuleErrorActionIotAnalytics", "language": { "python": { "mapCase": false } } }, "iotEvents": { "$ref": "#/types/aws:iot/TopicRuleErrorActionIotEvents:TopicRuleErrorActionIotEvents", "language": { "python": { "mapCase": false } } }, "kinesis": { "$ref": "#/types/aws:iot/TopicRuleErrorActionKinesis:TopicRuleErrorActionKinesis", "language": { "python": { "mapCase": false } } }, "lambda": { "$ref": "#/types/aws:iot/TopicRuleErrorActionLambda:TopicRuleErrorActionLambda", "language": { "python": { "mapCase": false } } }, "republish": { "$ref": "#/types/aws:iot/TopicRuleErrorActionRepublish:TopicRuleErrorActionRepublish", "language": { "python": { "mapCase": false } } }, "s3": { "$ref": "#/types/aws:iot/TopicRuleErrorActionS3:TopicRuleErrorActionS3", "language": { "python": { "mapCase": false } } }, "sns": { "$ref": "#/types/aws:iot/TopicRuleErrorActionSns:TopicRuleErrorActionSns", "language": { "python": { "mapCase": false } } }, "sqs": { "$ref": "#/types/aws:iot/TopicRuleErrorActionSqs:TopicRuleErrorActionSqs", "language": { "python": { "mapCase": false } } }, "stepFunctions": { "$ref": "#/types/aws:iot/TopicRuleErrorActionStepFunctions:TopicRuleErrorActionStepFunctions", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:iot/TopicRuleErrorActionCloudwatchAlarm:TopicRuleErrorActionCloudwatchAlarm": { "properties": { "alarmName": { "type": "string", "description": "The CloudWatch alarm name.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n", "language": { "python": { "mapCase": false } } }, "stateReason": { "type": "string", "description": "The reason for the alarm change.\n", "language": { "python": { "mapCase": false } } }, "stateValue": { "type": "string", "description": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "alarmName", "roleArn", "stateReason", "stateValue" ] }, "aws:iot/TopicRuleErrorActionCloudwatchMetric:TopicRuleErrorActionCloudwatchMetric": { "properties": { "metricName": { "type": "string", "description": "The CloudWatch metric name.\n", "language": { "python": { "mapCase": false } } }, "metricNamespace": { "type": "string", "description": "The CloudWatch metric namespace name.\n", "language": { "python": { "mapCase": false } } }, "metricTimestamp": { "type": "string", "description": "An optional Unix timestamp (http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp).\n", "language": { "python": { "mapCase": false } } }, "metricUnit": { "type": "string", "description": "The metric unit (supported units can be found here: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit)\n", "language": { "python": { "mapCase": false } } }, "metricValue": { "type": "string", "description": "The CloudWatch metric value.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch metric.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "metricName", "metricNamespace", "metricUnit", "metricValue", "roleArn" ] }, "aws:iot/TopicRuleErrorActionDynamodb:TopicRuleErrorActionDynamodb": { "properties": { "hashKeyField": { "type": "string", "description": "The hash key name.\n", "language": { "python": { "mapCase": false } } }, "hashKeyType": { "type": "string", "description": "The hash key type. Valid values are \"STRING\" or \"NUMBER\".\n", "language": { "python": { "mapCase": false } } }, "hashKeyValue": { "type": "string", "description": "The hash key value.\n", "language": { "python": { "mapCase": false } } }, "operation": { "type": "string", "description": "The operation. Valid values are \"INSERT\", \"UPDATE\", or \"DELETE\".\n", "language": { "python": { "mapCase": false } } }, "payloadField": { "type": "string", "description": "The action payload.\n", "language": { "python": { "mapCase": false } } }, "rangeKeyField": { "type": "string", "description": "The range key name.\n", "language": { "python": { "mapCase": false } } }, "rangeKeyType": { "type": "string", "description": "The range key type. Valid values are \"STRING\" or \"NUMBER\".\n", "language": { "python": { "mapCase": false } } }, "rangeKeyValue": { "type": "string", "description": "The range key value.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the DynamoDB table.\n", "language": { "python": { "mapCase": false } } }, "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "hashKeyField", "hashKeyValue", "roleArn", "tableName" ] }, "aws:iot/TopicRuleErrorActionDynamodbv2:TopicRuleErrorActionDynamodbv2": { "properties": { "putItem": { "$ref": "#/types/aws:iot/TopicRuleErrorActionDynamodbv2PutItem:TopicRuleErrorActionDynamodbv2PutItem", "description": "Configuration block with DynamoDB Table to which the message will be written. Nested arguments below.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn" ] }, "aws:iot/TopicRuleErrorActionDynamodbv2PutItem:TopicRuleErrorActionDynamodbv2PutItem": { "properties": { "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "tableName" ] }, "aws:iot/TopicRuleErrorActionElasticsearch:TopicRuleErrorActionElasticsearch": { "properties": { "endpoint": { "type": "string", "description": "The endpoint of your Elasticsearch domain.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "The unique identifier for the document you are storing.\n", "language": { "python": { "mapCase": false } } }, "index": { "type": "string", "description": "The Elasticsearch index where you want to store your data.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that has access to Elasticsearch.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of document you are storing.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "endpoint", "id", "index", "roleArn", "type" ] }, "aws:iot/TopicRuleErrorActionFirehose:TopicRuleErrorActionFirehose": { "properties": { "deliveryStreamName": { "type": "string", "description": "The delivery stream name.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that grants access to the Amazon Kinesis Firehose stream.\n", "language": { "python": { "mapCase": false } } }, "separator": { "type": "string", "description": "A character separator that is used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deliveryStreamName", "roleArn" ] }, "aws:iot/TopicRuleErrorActionIotAnalytics:TopicRuleErrorActionIotAnalytics": { "properties": { "channelName": { "type": "string", "description": "Name of AWS IOT Analytics channel.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "channelName", "roleArn" ] }, "aws:iot/TopicRuleErrorActionIotEvents:TopicRuleErrorActionIotEvents": { "properties": { "inputName": { "type": "string", "description": "The name of the AWS IoT Events input.\n", "language": { "python": { "mapCase": false } } }, "messageId": { "type": "string", "description": "Use this to ensure that only one input (message) with a given messageId is processed by an AWS IoT Events detector.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "inputName", "roleArn" ] }, "aws:iot/TopicRuleErrorActionKinesis:TopicRuleErrorActionKinesis": { "properties": { "partitionKey": { "type": "string", "description": "The partition key.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.\n", "language": { "python": { "mapCase": false } } }, "streamName": { "type": "string", "description": "The name of the Amazon Kinesis stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "streamName" ] }, "aws:iot/TopicRuleErrorActionLambda:TopicRuleErrorActionLambda": { "properties": { "functionArn": { "type": "string", "description": "The ARN of the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "functionArn" ] }, "aws:iot/TopicRuleErrorActionRepublish:TopicRuleErrorActionRepublish": { "properties": { "qos": { "type": "integer", "description": "The Quality of Service (QoS) level to use when republishing messages. Valid values are 0 or 1. The default value is 0.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } }, "topic": { "type": "string", "description": "The name of the MQTT topic the message should be republished to.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "topic" ] }, "aws:iot/TopicRuleErrorActionS3:TopicRuleErrorActionS3": { "properties": { "bucketName": { "type": "string", "description": "The Amazon S3 bucket name.\n", "language": { "python": { "mapCase": false } } }, "key": { "type": "string", "description": "The object key.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketName", "key", "roleArn" ] }, "aws:iot/TopicRuleErrorActionSns:TopicRuleErrorActionSns": { "properties": { "messageFormat": { "type": "string", "description": "The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\".\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } }, "targetArn": { "type": "string", "description": "The ARN of the SNS topic.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "targetArn" ] }, "aws:iot/TopicRuleErrorActionSqs:TopicRuleErrorActionSqs": { "properties": { "queueUrl": { "type": "string", "description": "The URL of the Amazon SQS queue.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } }, "useBase64": { "type": "boolean", "description": "Specifies whether to use Base64 encoding.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "queueUrl", "roleArn", "useBase64" ] }, "aws:iot/TopicRuleErrorActionStepFunctions:TopicRuleErrorActionStepFunctions": { "properties": { "executionNamePrefix": { "type": "string", "description": "The prefix used to generate, along with a UUID, the unique state machine execution name.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to start execution of the state machine.\n", "language": { "python": { "mapCase": false } } }, "stateMachineName": { "type": "string", "description": "The name of the Step Functions state machine whose execution will be started.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "stateMachineName" ] }, "aws:iot/TopicRuleFirehose:TopicRuleFirehose": { "properties": { "deliveryStreamName": { "type": "string", "description": "The delivery stream name.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that grants access to the Amazon Kinesis Firehose stream.\n", "language": { "python": { "mapCase": false } } }, "separator": { "type": "string", "description": "A character separator that is used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deliveryStreamName", "roleArn" ] }, "aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic": { "properties": { "channelName": { "type": "string", "description": "Name of AWS IOT Analytics channel.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "channelName", "roleArn" ] }, "aws:iot/TopicRuleIotEvent:TopicRuleIotEvent": { "properties": { "inputName": { "type": "string", "description": "The name of the AWS IoT Events input.\n", "language": { "python": { "mapCase": false } } }, "messageId": { "type": "string", "description": "Use this to ensure that only one input (message) with a given messageId is processed by an AWS IoT Events detector.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "inputName", "roleArn" ] }, "aws:iot/TopicRuleKinesis:TopicRuleKinesis": { "properties": { "partitionKey": { "type": "string", "description": "The partition key.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.\n", "language": { "python": { "mapCase": false } } }, "streamName": { "type": "string", "description": "The name of the Amazon Kinesis stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "streamName" ] }, "aws:iot/TopicRuleLambda:TopicRuleLambda": { "properties": { "functionArn": { "type": "string", "description": "The ARN of the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "functionArn" ] }, "aws:iot/TopicRuleRepublish:TopicRuleRepublish": { "properties": { "qos": { "type": "integer", "description": "The Quality of Service (QoS) level to use when republishing messages. Valid values are 0 or 1. The default value is 0.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } }, "topic": { "type": "string", "description": "The name of the MQTT topic the message should be republished to.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "topic" ] }, "aws:iot/TopicRuleS3:TopicRuleS3": { "properties": { "bucketName": { "type": "string", "description": "The Amazon S3 bucket name.\n", "language": { "python": { "mapCase": false } } }, "key": { "type": "string", "description": "The object key.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketName", "key", "roleArn" ] }, "aws:iot/TopicRuleSns:TopicRuleSns": { "properties": { "messageFormat": { "type": "string", "description": "The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\".\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } }, "targetArn": { "type": "string", "description": "The ARN of the SNS topic.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "targetArn" ] }, "aws:iot/TopicRuleSqs:TopicRuleSqs": { "properties": { "queueUrl": { "type": "string", "description": "The URL of the Amazon SQS queue.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n", "language": { "python": { "mapCase": false } } }, "useBase64": { "type": "boolean", "description": "Specifies whether to use Base64 encoding.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "queueUrl", "roleArn", "useBase64" ] }, "aws:iot/TopicRuleStepFunction:TopicRuleStepFunction": { "properties": { "executionNamePrefix": { "type": "string", "description": "The prefix used to generate, along with a UUID, the unique state machine execution name.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to start execution of the state machine.\n", "language": { "python": { "mapCase": false } } }, "stateMachineName": { "type": "string", "description": "The name of the Step Functions state machine whose execution will be started.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "stateMachineName" ] }, "aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n", "language": { "python": { "mapCase": false } } }, "logStreamArn": { "type": "string", "description": "The ARN of the CloudWatch Log Stream.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to send application messages.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "logStreamArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "id", "logStreamArn", "roleArn" ] } } }, "aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n", "language": { "python": { "mapCase": false } } }, "kinesisFirehose": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsKinesisFirehose:AnalyticsApplicationInputsKinesisFirehose", "description": "The Kinesis Firehose configuration for the streaming source. Conflicts with `kinesis_stream`.\nSee Kinesis Firehose below for more details.\n", "language": { "python": { "mapCase": false } } }, "kinesisStream": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsKinesisStream:AnalyticsApplicationInputsKinesisStream", "description": "The Kinesis Stream configuration for the streaming source. Conflicts with `kinesis_firehose`.\nSee Kinesis Stream below for more details.\n", "language": { "python": { "mapCase": false } } }, "namePrefix": { "type": "string", "description": "The Name Prefix to use when creating an in-application stream.\n", "language": { "python": { "mapCase": false } } }, "parallelism": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsParallelism:AnalyticsApplicationInputsParallelism", "description": "The number of Parallel in-application streams to create.\nSee Parallelism below for more details.\n", "language": { "python": { "mapCase": false } } }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsProcessingConfiguration:AnalyticsApplicationInputsProcessingConfiguration", "description": "The Processing Configuration to transform records as they are received from the stream.\nSee Processing Configuration below for more details.\n", "language": { "python": { "mapCase": false } } }, "schema": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchema:AnalyticsApplicationInputsSchema", "description": "The Schema format of the data in the streaming source. See Source Schema below for more details.\n", "language": { "python": { "mapCase": false } } }, "startingPositionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsStartingPositionConfiguration:AnalyticsApplicationInputsStartingPositionConfiguration" }, "language": { "python": { "mapCase": false } } }, "streamNames": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "namePrefix", "schema" ], "language": { "nodejs": { "requiredOutputs": [ "id", "namePrefix", "schema", "startingPositionConfigurations", "streamNames" ] } } }, "aws:kinesis/AnalyticsApplicationInputsKinesisFirehose:AnalyticsApplicationInputsKinesisFirehose": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Firehose delivery stream.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationInputsKinesisStream:AnalyticsApplicationInputsKinesisStream": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Stream.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationInputsParallelism:AnalyticsApplicationInputsParallelism": { "properties": { "count": { "type": "integer", "description": "The Count of streams.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "count" ] }, "aws:kinesis/AnalyticsApplicationInputsProcessingConfiguration:AnalyticsApplicationInputsProcessingConfiguration": { "properties": { "lambda": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsProcessingConfigurationLambda:AnalyticsApplicationInputsProcessingConfigurationLambda", "description": "The Lambda function configuration. See Lambda below for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "lambda" ] }, "aws:kinesis/AnalyticsApplicationInputsProcessingConfigurationLambda:AnalyticsApplicationInputsProcessingConfigurationLambda": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Lambda function.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationInputsSchema:AnalyticsApplicationInputsSchema": { "properties": { "recordColumns": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordColumn:AnalyticsApplicationInputsSchemaRecordColumn" }, "description": "The Record Column mapping for the streaming source data element.\nSee Record Columns below for more details.\n", "language": { "python": { "mapCase": false } } }, "recordEncoding": { "type": "string", "description": "The Encoding of the record in the streaming source.\n", "language": { "python": { "mapCase": false } } }, "recordFormat": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormat:AnalyticsApplicationInputsSchemaRecordFormat", "description": "The Record Format and mapping information to schematize a record.\nSee Record Format below for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "recordColumns", "recordFormat" ] }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordColumn:AnalyticsApplicationInputsSchemaRecordColumn": { "properties": { "mapping": { "type": "string", "description": "The Mapping reference to the data element.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "Name of the column.\n", "language": { "python": { "mapCase": false } } }, "sqlType": { "type": "string", "description": "The SQL Type of the column.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "sqlType" ] }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormat:AnalyticsApplicationInputsSchemaRecordFormat": { "properties": { "mappingParameters": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParameters:AnalyticsApplicationInputsSchemaRecordFormatMappingParameters", "description": "The Mapping Information for the record format.\nSee Mapping Parameters below for more details.\n", "language": { "python": { "mapCase": false } } }, "recordFormatType": { "type": "string", "description": "The type of Record Format. Can be `CSV` or `JSON`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "recordFormatType" ] } } }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParameters:AnalyticsApplicationInputsSchemaRecordFormatMappingParameters": { "properties": { "csv": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv", "description": "Mapping information when the record format uses delimiters.\nSee CSV Mapping Parameters below for more details.\n", "language": { "python": { "mapCase": false } } }, "json": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson", "description": "Mapping information when JSON is the record format on the streaming source.\nSee JSON Mapping Parameters below for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv": { "properties": { "recordColumnDelimiter": { "type": "string", "description": "The Column Delimiter.\n", "language": { "python": { "mapCase": false } } }, "recordRowDelimiter": { "type": "string", "description": "The Row Delimiter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "recordColumnDelimiter", "recordRowDelimiter" ] }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson": { "properties": { "recordRowPath": { "type": "string", "description": "Path to the top-level parent that contains the records.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "recordRowPath" ] }, "aws:kinesis/AnalyticsApplicationInputsStartingPositionConfiguration:AnalyticsApplicationInputsStartingPositionConfiguration": { "properties": { "startingPosition": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "startingPosition" ] } } }, "aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n", "language": { "python": { "mapCase": false } } }, "kinesisFirehose": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputKinesisFirehose:AnalyticsApplicationOutputKinesisFirehose", "description": "The Kinesis Firehose configuration for the destination stream. Conflicts with `kinesis_stream`.\nSee Kinesis Firehose below for more details.\n", "language": { "python": { "mapCase": false } } }, "kinesisStream": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputKinesisStream:AnalyticsApplicationOutputKinesisStream", "description": "The Kinesis Stream configuration for the destination stream. Conflicts with `kinesis_firehose`.\nSee Kinesis Stream below for more details.\n", "language": { "python": { "mapCase": false } } }, "lambda": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputLambda:AnalyticsApplicationOutputLambda", "description": "The Lambda function destination. See Lambda below for more details.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The Name of the in-application stream.\n", "language": { "python": { "mapCase": false } } }, "schema": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputSchema:AnalyticsApplicationOutputSchema", "description": "The Schema format of the data written to the destination. See Destination Schema below for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "schema" ], "language": { "nodejs": { "requiredOutputs": [ "id", "name", "schema" ] } } }, "aws:kinesis/AnalyticsApplicationOutputKinesisFirehose:AnalyticsApplicationOutputKinesisFirehose": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Firehose delivery stream.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationOutputKinesisStream:AnalyticsApplicationOutputKinesisStream": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Stream.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationOutputLambda:AnalyticsApplicationOutputLambda": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Lambda function.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationOutputSchema:AnalyticsApplicationOutputSchema": { "properties": { "recordFormatType": { "type": "string", "description": "The Format Type of the records on the output stream. Can be `CSV` or `JSON`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n", "language": { "python": { "mapCase": false } } }, "s3": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesS3:AnalyticsApplicationReferenceDataSourcesS3", "description": "The S3 configuration for the reference data source. See S3 Reference below for more details.\n", "language": { "python": { "mapCase": false } } }, "schema": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchema:AnalyticsApplicationReferenceDataSourcesSchema", "description": "The Schema format of the data in the streaming source. See Source Schema below for more details.\n", "language": { "python": { "mapCase": false } } }, "tableName": { "type": "string", "description": "The in-application Table Name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "s3", "schema", "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "id", "s3", "schema", "tableName" ] } } }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesS3:AnalyticsApplicationReferenceDataSourcesS3": { "properties": { "bucketArn": { "type": "string", "description": "The S3 Bucket ARN.\n", "language": { "python": { "mapCase": false } } }, "fileKey": { "type": "string", "description": "The File Key name containing reference data.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to send application messages.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketArn", "fileKey", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchema:AnalyticsApplicationReferenceDataSourcesSchema": { "properties": { "recordColumns": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn:AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn" }, "description": "The Record Column mapping for the streaming source data element.\nSee Record Columns below for more details.\n", "language": { "python": { "mapCase": false } } }, "recordEncoding": { "type": "string", "description": "The Encoding of the record in the streaming source.\n", "language": { "python": { "mapCase": false } } }, "recordFormat": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat", "description": "The Record Format and mapping information to schematize a record.\nSee Record Format below for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "recordColumns", "recordFormat" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn:AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn": { "properties": { "mapping": { "type": "string", "description": "The Mapping reference to the data element.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "Name of the column.\n", "language": { "python": { "mapCase": false } } }, "sqlType": { "type": "string", "description": "The SQL Type of the column.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "sqlType" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat": { "properties": { "mappingParameters": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters", "description": "The Mapping Information for the record format.\nSee Mapping Parameters below for more details.\n", "language": { "python": { "mapCase": false } } }, "recordFormatType": { "type": "string", "description": "The type of Record Format. Can be `CSV` or `JSON`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "recordFormatType" ] } } }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters": { "properties": { "csv": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv", "description": "Mapping information when the record format uses delimiters.\nSee CSV Mapping Parameters below for more details.\n", "language": { "python": { "mapCase": false } } }, "json": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson", "description": "Mapping information when JSON is the record format on the streaming source.\nSee JSON Mapping Parameters below for more details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv": { "properties": { "recordColumnDelimiter": { "type": "string", "description": "The Column Delimiter.\n", "language": { "python": { "mapCase": false } } }, "recordRowDelimiter": { "type": "string", "description": "The Row Delimiter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "recordColumnDelimiter", "recordRowDelimiter" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson": { "properties": { "recordRowPath": { "type": "string", "description": "Path to the top-level parent that contains the records.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "recordRowPath" ] }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration": { "properties": { "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds between 60 to 900, before delivering it to the destination. The default value is 300s.\n", "language": { "python": { "mapCase": false } } }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs between 1 to 100, before delivering it to the destination. The default value is 5MB.\n", "language": { "python": { "mapCase": false } } }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. More details are given below\n", "language": { "python": { "mapCase": false } } }, "domainArn": { "type": "string", "description": "The ARN of the Amazon ES domain. The IAM role must have permission for `DescribeElasticsearchDomain`, `DescribeElasticsearchDomains`, and `DescribeElasticsearchDomainConfig` after assuming `RoleARN`. The pattern needs to be `arn:.*`.\n", "language": { "python": { "mapCase": false } } }, "indexName": { "type": "string", "description": "The Elasticsearch index name.\n", "language": { "python": { "mapCase": false } } }, "indexRotationPeriod": { "type": "string", "description": "The Elasticsearch index rotation period. Index rotation appends a timestamp to the IndexName to facilitate expiration of old data. Valid values are `NoRotation`, `OneHour`, `OneDay`, `OneWeek`, and `OneMonth`. The default value is `OneDay`.\n", "language": { "python": { "mapCase": false } } }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration", "description": "The data processing configuration. More details are given below.\n", "language": { "python": { "mapCase": false } } }, "retryDuration": { "type": "integer", "description": "After an initial failure to deliver to Amazon Elasticsearch, the total amount of time, in seconds between 0 to 7200, during which Firehose re-attempts delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. The default value is 300s. There will be no retry if the value is 0.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be assumed by Firehose for calling the Amazon ES Configuration API and for indexing documents. The pattern needs to be `arn:.*`.\n", "language": { "python": { "mapCase": false } } }, "s3BackupMode": { "type": "string", "description": "Defines how documents should be delivered to Amazon S3. Valid values are `FailedDocumentsOnly` and `AllDocuments`. Default value is `FailedDocumentsOnly`.\n", "language": { "python": { "mapCase": false } } }, "typeName": { "type": "string", "description": "The Elasticsearch type name with maximum length of 100 characters.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "domainArn", "indexName", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "domainArn", "indexName", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n", "language": { "python": { "mapCase": false } } }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor" }, "description": "Array of data processors. More details are given below\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter" }, "description": "Array of processor parameters. More details are given below\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of processor. Valid Values: `Lambda`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`\n", "language": { "python": { "mapCase": false } } }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "bufferInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n", "language": { "python": { "mapCase": false } } }, "bufferSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n", "language": { "python": { "mapCase": false } } }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. More details are given below\n", "language": { "python": { "mapCase": false } } }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is UNCOMPRESSED. Other supported values are GZIP, ZIP \u0026 Snappy. If the destination is redshift you cannot use ZIP or Snappy.\n", "language": { "python": { "mapCase": false } } }, "dataFormatConversionConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration", "description": "Nested argument for the serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3. More details given below.\n", "language": { "python": { "mapCase": false } } }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. This prefix appears immediately following the bucket name.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration", "description": "The data processing configuration. More details are given below.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The role that Kinesis Data Firehose can use to access AWS Glue. This role must be in the same account you use for Kinesis Data Firehose. Cross-account roles aren't allowed.\n", "language": { "python": { "mapCase": false } } }, "s3BackupConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration", "description": "The configuration for backup in Amazon S3. Required if `s3_backup_mode` is `Enabled`. Supports the same fields as `s3_configuration` object.\n", "language": { "python": { "mapCase": false } } }, "s3BackupMode": { "type": "string", "description": "The Amazon S3 backup mode. Valid values are `Disabled` and `Enabled`. Default value is `Disabled`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Defaults to `true`. Set it to `false` if you want to disable format conversion while preserving the configuration details.\n", "language": { "python": { "mapCase": false } } }, "inputFormatConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration", "description": "Nested argument that specifies the deserializer that you want Kinesis Data Firehose to use to convert the format of your data from JSON. More details below.\n", "language": { "python": { "mapCase": false } } }, "outputFormatConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration", "description": "Nested argument that specifies the serializer that you want Kinesis Data Firehose to use to convert the format of your data to the Parquet or ORC format. More details below.\n", "language": { "python": { "mapCase": false } } }, "schemaConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration", "description": "Nested argument that specifies the AWS Glue Data Catalog table that contains the column information. More details below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "inputFormatConfiguration", "outputFormatConfiguration", "schemaConfiguration" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration": { "properties": { "deserializer": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer", "description": "Nested argument that specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. More details below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deserializer" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer": { "properties": { "hiveJsonSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe", "description": "Nested argument that specifies the native Hive / HCatalog JsonSerDe. More details below.\n", "language": { "python": { "mapCase": false } } }, "openXJsonSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe", "description": "Nested argument that specifies the OpenX SerDe. More details below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe": { "properties": { "timestampFormats": { "type": "array", "items": { "type": "string" }, "description": "A list of how you want Kinesis Data Firehose to parse the date and time stamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html). You can also use the special value millis to parse time stamps in epoch milliseconds. If you don't specify a format, Kinesis Data Firehose uses java.sql.Timestamp::valueOf by default.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe": { "properties": { "caseInsensitive": { "type": "boolean", "description": "When set to true, which is the default, Kinesis Data Firehose converts JSON keys to lowercase before deserializing them.\n", "language": { "python": { "mapCase": false } } }, "columnToJsonKeyMappings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, timestamp is a Hive keyword. If you have a JSON key named timestamp, set this parameter to `{ ts = \"timestamp\" }` to map this key to a column named ts.\n", "language": { "python": { "mapCase": false } } }, "convertDotsInJsonKeysToUnderscores": { "type": "boolean", "description": "When set to `true`, specifies that the names of the keys include dots and that you want Kinesis Data Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration": { "properties": { "serializer": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer", "description": "Nested argument that specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. More details below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "serializer" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer": { "properties": { "orcSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe", "description": "Nested argument that specifies converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://orc.apache.org/docs/). More details below.\n", "language": { "python": { "mapCase": false } } }, "parquetSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe", "description": "Nested argument that specifies converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://parquet.apache.org/documentation/latest/). More details below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe": { "properties": { "blockSizeBytes": { "type": "integer", "description": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Kinesis Data Firehose uses this value for padding calculations.\n", "language": { "python": { "mapCase": false } } }, "bloomFilterColumns": { "type": "array", "items": { "type": "string" }, "description": "A list of column names for which you want Kinesis Data Firehose to create bloom filters.\n", "language": { "python": { "mapCase": false } } }, "bloomFilterFalsePositiveProbability": { "type": "number", "description": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is `0.05`, the minimum is `0`, and the maximum is `1`.\n", "language": { "python": { "mapCase": false } } }, "compression": { "type": "string", "description": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED`, `SNAPPY`, and `GZIP`, with the default being `SNAPPY`. Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.\n", "language": { "python": { "mapCase": false } } }, "dictionaryKeyThreshold": { "type": "number", "description": "A float that represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to `1`.\n", "language": { "python": { "mapCase": false } } }, "enablePadding": { "type": "boolean", "description": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false`.\n", "language": { "python": { "mapCase": false } } }, "formatVersion": { "type": "string", "description": "The version of the file to write. The possible values are `V0_11` and `V0_12`. The default is `V0_12`.\n", "language": { "python": { "mapCase": false } } }, "paddingTolerance": { "type": "number", "description": "A float between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is `0.05`, which means 5 percent of stripe size. For the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task. Kinesis Data Firehose ignores this parameter when `enable_padding` is `false`.\n", "language": { "python": { "mapCase": false } } }, "rowIndexStride": { "type": "integer", "description": "The number of rows between index entries. The default is `10000` and the minimum is `1000`.\n", "language": { "python": { "mapCase": false } } }, "stripeSizeBytes": { "type": "integer", "description": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe": { "properties": { "blockSizeBytes": { "type": "integer", "description": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Kinesis Data Firehose uses this value for padding calculations.\n", "language": { "python": { "mapCase": false } } }, "compression": { "type": "string", "description": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED`, `SNAPPY`, and `GZIP`, with the default being `SNAPPY`. Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.\n", "language": { "python": { "mapCase": false } } }, "enableDictionaryCompression": { "type": "boolean", "description": "Indicates whether to enable dictionary compression.\n", "language": { "python": { "mapCase": false } } }, "maxPaddingBytes": { "type": "integer", "description": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `0`.\n", "language": { "python": { "mapCase": false } } }, "pageSizeBytes": { "type": "integer", "description": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.\n", "language": { "python": { "mapCase": false } } }, "writerVersion": { "type": "string", "description": "Indicates the version of row format to output. The possible values are `V1` and `V2`. The default is `V1`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration": { "properties": { "catalogId": { "type": "string", "description": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.\n", "language": { "python": { "mapCase": false } } }, "databaseName": { "type": "string", "description": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n", "language": { "python": { "mapCase": false } } }, "region": { "type": "string", "description": "If you don't specify an AWS Region, the default is the current region.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The role that Kinesis Data Firehose can use to access AWS Glue. This role must be in the same account you use for Kinesis Data Firehose. Cross-account roles aren't allowed.\n", "language": { "python": { "mapCase": false } } }, "tableName": { "type": "string", "description": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n", "language": { "python": { "mapCase": false } } }, "versionId": { "type": "string", "description": "Specifies the table version for the output data schema. Defaults to `LATEST`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "databaseName", "roleArn", "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "databaseName", "region", "roleArn", "tableName" ] } } }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n", "language": { "python": { "mapCase": false } } }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor" }, "description": "Array of data processors. More details are given below\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter" }, "description": "Array of processor parameters. More details are given below\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of processor. Valid Values: `Lambda`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`\n", "language": { "python": { "mapCase": false } } }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "bufferInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n", "language": { "python": { "mapCase": false } } }, "bufferSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n", "language": { "python": { "mapCase": false } } }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. More details are given below\n", "language": { "python": { "mapCase": false } } }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is UNCOMPRESSED. Other supported values are GZIP, ZIP \u0026 Snappy. If the destination is redshift you cannot use ZIP or Snappy.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The role that Kinesis Data Firehose can use to access AWS Glue. This role must be in the same account you use for Kinesis Data Firehose. Cross-account roles aren't allowed.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration": { "properties": { "kinesisStreamArn": { "type": "string", "description": "The kinesis stream used as the source of the firehose delivery stream.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The ARN of the role that provides access to the source Kinesis stream.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "kinesisStreamArn", "roleArn" ] }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration": { "properties": { "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. More details are given below\n", "language": { "python": { "mapCase": false } } }, "clusterJdbcurl": { "type": "string", "description": "The jdbcurl of the redshift cluster.\n", "language": { "python": { "mapCase": false } } }, "copyOptions": { "type": "string", "description": "Copy options for copying the data from the s3 intermediate bucket into redshift, for example to change the default delimiter. For valid values, see the [AWS documentation](http://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html)\n", "language": { "python": { "mapCase": false } } }, "dataTableColumns": { "type": "string", "description": "The data table columns that will be targeted by the copy command.\n", "language": { "python": { "mapCase": false } } }, "dataTableName": { "type": "string", "description": "The name of the table in the redshift cluster that the s3 bucket will copy to.\n", "language": { "python": { "mapCase": false } } }, "password": { "type": "string", "description": "The password for the username above.\n", "language": { "python": { "mapCase": false } } }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration", "description": "The data processing configuration. More details are given below.\n", "language": { "python": { "mapCase": false } } }, "retryDuration": { "type": "integer", "description": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of DurationInSeconds is 0 (zero) or if the first delivery attempt takes longer than the current value.\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The arn of the role the stream assumes.\n", "language": { "python": { "mapCase": false } } }, "s3BackupConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration", "description": "The configuration for backup in Amazon S3. Required if `s3_backup_mode` is `Enabled`. Supports the same fields as `s3_configuration` object.\n", "language": { "python": { "mapCase": false } } }, "s3BackupMode": { "type": "string", "description": "The Amazon S3 backup mode. Valid values are `Disabled` and `Enabled`. Default value is `Disabled`.\n", "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "description": "The username that the firehose delivery stream will assume. It is strongly recommended that the username and password provided is used exclusively for Amazon Kinesis Firehose purposes, and that the permissions for the account are restricted for Amazon Redshift INSERT permissions.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "clusterJdbcurl", "dataTableName", "password", "roleArn", "username" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "clusterJdbcurl", "dataTableName", "password", "roleArn", "username" ] } } }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n", "language": { "python": { "mapCase": false } } }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor" }, "description": "Array of data processors. More details are given below\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter" }, "description": "Array of processor parameters. More details are given below\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of processor. Valid Values: `Lambda`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`\n", "language": { "python": { "mapCase": false } } }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "bufferInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n", "language": { "python": { "mapCase": false } } }, "bufferSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n", "language": { "python": { "mapCase": false } } }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. More details are given below\n", "language": { "python": { "mapCase": false } } }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is UNCOMPRESSED. Other supported values are GZIP, ZIP \u0026 Snappy. If the destination is redshift you cannot use ZIP or Snappy.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The role that Kinesis Data Firehose can use to access AWS Glue. This role must be in the same account you use for Kinesis Data Firehose. Cross-account roles aren't allowed.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamS3Configuration:FirehoseDeliveryStreamS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "bufferInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n", "language": { "python": { "mapCase": false } } }, "bufferSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n", "language": { "python": { "mapCase": false } } }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. More details are given below\n", "language": { "python": { "mapCase": false } } }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is UNCOMPRESSED. Other supported values are GZIP, ZIP \u0026 Snappy. If the destination is redshift you cannot use ZIP or Snappy.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "roleArn": { "type": "string", "description": "The role that Kinesis Data Firehose can use to access AWS Glue. This role must be in the same account you use for Kinesis Data Firehose. Cross-account roles aren't allowed.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable encryption at rest. Default is `false`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration": { "properties": { "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. More details are given below.\n", "language": { "python": { "mapCase": false } } }, "hecAcknowledgmentTimeout": { "type": "integer", "description": "The amount of time, in seconds between 180 and 600, that Kinesis Firehose waits to receive an acknowledgment from Splunk after it sends it data.\n", "language": { "python": { "mapCase": false } } }, "hecEndpoint": { "type": "string", "description": "The HTTP Event Collector (HEC) endpoint to which Kinesis Firehose sends your data.\n", "language": { "python": { "mapCase": false } } }, "hecEndpointType": { "type": "string", "description": "The HEC endpoint type. Valid values are `Raw` or `Event`. The default value is `Raw`.\n", "language": { "python": { "mapCase": false } } }, "hecToken": { "type": "string", "description": "The GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.\n", "language": { "python": { "mapCase": false } } }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration:FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration", "description": "The data processing configuration. More details are given below.\n", "language": { "python": { "mapCase": false } } }, "retryDuration": { "type": "integer", "description": "After an initial failure to deliver to Splunk, the total amount of time, in seconds between 0 to 7200, during which Firehose re-attempts delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. The default value is 300s. There will be no retry if the value is 0.\n", "language": { "python": { "mapCase": false } } }, "s3BackupMode": { "type": "string", "description": "Defines how documents should be delivered to Amazon S3. Valid values are `FailedEventsOnly` and `AllEvents`. Default value is `FailedEventsOnly`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "hecEndpoint", "hecToken" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "hecEndpoint", "hecToken" ] } } }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration:FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n", "language": { "python": { "mapCase": false } } }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor" }, "description": "Array of data processors. More details are given below\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter" }, "description": "Array of processor parameters. More details are given below\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of processor. Valid Values: `Lambda`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`\n", "language": { "python": { "mapCase": false } } }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kms/GrantConstraint:GrantConstraint": { "properties": { "encryptionContextEquals": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs that must match the encryption context in subsequent cryptographic operation requests. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint. Conflicts with `encryption_context_subset`.\n", "language": { "python": { "mapCase": false } } }, "encryptionContextSubset": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs that must be included in the encryption context of subsequent cryptographic operation requests. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs. Conflicts with `encryption_context_equals`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:kms/getSecretSecret:getSecretSecret": { "properties": { "context": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "grantTokens": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "language": { "python": { "mapCase": false } } }, "payload": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "payload" ] }, "aws:kms/getSecretsSecret:getSecretsSecret": { "properties": { "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the Encryption Context for the secret.\n", "language": { "python": { "mapCase": false } } }, "grantTokens": { "type": "array", "items": { "type": "string" }, "description": "An optional list of Grant Tokens for the secret.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name to export this secret under in the attributes.\n", "language": { "python": { "mapCase": false } } }, "payload": { "type": "string", "description": "Base64 encoded payload, as returned from a KMS encrypt operation.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "payload" ] }, "aws:lambda/AliasRoutingConfig:AliasRoutingConfig": { "properties": { "additionalVersionWeights": { "type": "object", "additionalProperties": { "type": "number" }, "description": "A map that defines the proportion of events that should be sent to different versions of a lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig": { "properties": { "onFailure": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfigOnFailure:EventSourceMappingDestinationConfigOnFailure", "description": "The destination configuration for failed invocations. Detailed below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:lambda/EventSourceMappingDestinationConfigOnFailure:EventSourceMappingDestinationConfigOnFailure": { "properties": { "destinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the destination resource.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destinationArn" ] }, "aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig": { "properties": { "targetArn": { "type": "string", "description": "The ARN of an SNS topic or SQS queue to notify when an invocation fails. If this\noption is used, the function's IAM role must be granted suitable access to write to the target object,\nwhich means allowing either the `sns:Publish` or `sqs:SendMessage` action on this ARN, depending on\nwhich service is targeted.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetArn" ] }, "aws:lambda/FunctionEnvironment:FunctionEnvironment": { "properties": { "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines environment variables for the Lambda function.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig": { "properties": { "onFailure": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfigOnFailure:FunctionEventInvokeConfigDestinationConfigOnFailure", "description": "Configuration block with destination configuration for failed asynchronous invocations. See below for details.\n", "language": { "python": { "mapCase": false } } }, "onSuccess": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfigOnSuccess:FunctionEventInvokeConfigDestinationConfigOnSuccess", "description": "Configuration block with destination configuration for successful asynchronous invocations. See below for details.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:lambda/FunctionEventInvokeConfigDestinationConfigOnFailure:FunctionEventInvokeConfigDestinationConfigOnFailure": { "properties": { "destination": { "type": "string", "description": "Amazon Resource Name (ARN) of the destination resource. See the [Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) for acceptable resource types and associated IAM permissions.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destination" ] }, "aws:lambda/FunctionEventInvokeConfigDestinationConfigOnSuccess:FunctionEventInvokeConfigDestinationConfigOnSuccess": { "properties": { "destination": { "type": "string", "description": "Amazon Resource Name (ARN) of the destination resource. See the [Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) for acceptable resource types and associated IAM permissions.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destination" ] }, "aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.\n", "language": { "python": { "mapCase": false } } }, "localMountPath": { "type": "string", "description": "The path where the function can access the file system, starting with /mnt/.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "localMountPath" ] }, "aws:lambda/FunctionTracingConfig:FunctionTracingConfig": { "properties": { "mode": { "type": "string", "description": "Can be either `PassThrough` or `Active`. If PassThrough, Lambda will only trace\nthe request from an upstream service if it contains a tracing header with\n\"sampled=1\". If Active, Lambda will respect any tracing header it receives\nfrom an upstream service. If no tracing header is received, Lambda will call\nX-Ray for a tracing decision.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mode" ] }, "aws:lambda/FunctionVpcConfig:FunctionVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs associated with the Lambda function.\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs associated with the Lambda function.\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "securityGroupIds", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "securityGroupIds", "subnetIds", "vpcId" ] } } }, "aws:lambda/getFunctionDeadLetterConfig:getFunctionDeadLetterConfig": { "properties": { "targetArn": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionEnvironment:getFunctionEnvironment": { "properties": { "variables": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "variables" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionFileSystemConfig:getFunctionFileSystemConfig": { "properties": { "arn": { "type": "string", "description": "Unqualified (no `:QUALIFIER` or `:VERSION` suffix) Amazon Resource Name (ARN) identifying your Lambda Function. See also `qualified_arn`.\n", "language": { "python": { "mapCase": false } } }, "localMountPath": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "localMountPath" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionTracingConfig:getFunctionTracingConfig": { "properties": { "mode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionVpcConfig:getFunctionVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "securityGroupIds", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/ListenerDefaultAction:ListenerDefaultAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:lb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:lb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:lb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:lb/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:lb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:lb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:lb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:lb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:lb/ListenerDefaultActionForward:ListenerDefaultActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:lb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:lb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:lb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:lb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:lb/ListenerRuleAction:ListenerRuleAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:lb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito", "description": "Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.\n", "language": { "python": { "mapCase": false } } }, "authenticateOidc": { "$ref": "#/types/aws:lb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc", "description": "Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } }, "fixedResponse": { "$ref": "#/types/aws:lb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n", "language": { "python": { "mapCase": false } } }, "forward": { "$ref": "#/types/aws:lb/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`.\n", "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirect": { "$ref": "#/types/aws:lb/ListenerRuleActionRedirect:ListenerRuleActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n", "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "description": "The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:lb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:lb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n", "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:lb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "description": "The message body.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:lb/ListenerRuleActionForward:ListenerRuleActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:lb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness", "description": "The target group stickiness for the rule.\n", "language": { "python": { "mapCase": false } } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup" }, "description": "One or more target groups block.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetGroups" ] }, "aws:lb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "duration" ] }, "aws:lb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n", "language": { "python": { "mapCase": false } } }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn" ] }, "aws:lb/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "statusCode" ] }, "aws:lb/ListenerRuleCondition:ListenerRuleCondition": { "properties": { "field": { "type": "string", "description": "The type of condition. Valid values are `host-header` or `path-pattern`. Must also set `values`.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } }, "hostHeader": { "$ref": "#/types/aws:lb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader", "description": "Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.\n", "language": { "python": { "mapCase": false } } }, "httpHeader": { "$ref": "#/types/aws:lb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader", "description": "HTTP headers to match. HTTP Header block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "httpRequestMethod": { "$ref": "#/types/aws:lb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod", "description": "Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.\n", "language": { "python": { "mapCase": false } } }, "pathPattern": { "$ref": "#/types/aws:lb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern", "description": "Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query_string` condition.\n", "language": { "python": { "mapCase": false } } }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString" }, "description": "Query strings to match. Query String block fields documented below.\n", "language": { "python": { "mapCase": false } } }, "sourceIp": { "$ref": "#/types/aws:lb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp", "description": "Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http_header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "string", "description": "List of exactly one pattern to match. Required when `field` is set.\n", "deprecationMessage": "use 'host_header' or 'path_pattern' attribute instead", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "field", "hostHeader", "pathPattern", "values" ] } } }, "aws:lb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:lb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader": { "properties": { "httpHeaderName": { "type": "string", "description": "Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "httpHeaderName", "values" ] }, "aws:lb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:lb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "values" ] } } }, "aws:lb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString": { "properties": { "key": { "type": "string", "description": "Query string key pattern to match.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Query string value pattern to match.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "value" ] }, "aws:lb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp": { "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of exactly one pattern to match. Required when `field` is set.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "values" ] }, "aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket name to store the logs in.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Defaults to `false`, even when `bucket` is specified.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The S3 bucket prefix. Logs are stored in the root if not configured.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "description": "The allocation ID of the Elastic IP address.\n", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The id of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ] }, "aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "description": "Boolean to enable / disable `stickiness`. Default is `true`\n", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "description": "The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3.\n", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "description": "The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. For `lambda` target groups, it needs to be greater as the `timeout` of the underlying `lambda`. Default 30 seconds.\n", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "description": "The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "description": "The destination for the health check request. Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "description": "The amount of time, in seconds, during which no response means a failed health check. For Application Load Balancers, the range is 2 to 120 seconds, and the default is 5 seconds for the `instance` target type and 30 seconds for the `lambda` target type. For Network Load Balancers, you cannot set a custom value, and the default is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health checks.\n", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "description": "The number of consecutive health check failures required before considering the target unhealthy . For Network Load Balancers, this value must be the same as the `healthy_threshold`. Defaults to 3.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "matcher", "path", "timeout" ] } } }, "aws:lb/TargetGroupStickiness:TargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether health checks are enabled. Defaults to true.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of sticky sessions. The only current possible value is `lb_cookie`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:lb/getListenerDefaultAction:getListenerDefaultAction": { "properties": { "authenticateCognitos": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito" }, "language": { "python": { "mapCase": false } } }, "authenticateOidcs": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc" }, "language": { "python": { "mapCase": false } } }, "fixedResponses": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse" }, "language": { "python": { "mapCase": false } } }, "order": { "type": "integer", "language": { "python": { "mapCase": false } } }, "redirects": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect" }, "language": { "python": { "mapCase": false } } }, "targetGroupArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticateCognitos", "authenticateOidcs", "fixedResponses", "order", "redirects", "targetGroupArn", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "userPoolArn": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolClientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "userPoolDomain": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "authorizationEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientId": { "type": "string", "language": { "python": { "mapCase": false } } }, "clientSecret": { "type": "string", "language": { "python": { "mapCase": false } } }, "issuer": { "type": "string", "language": { "python": { "mapCase": false } } }, "onUnauthenticatedRequest": { "type": "string", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionCookieName": { "type": "string", "language": { "python": { "mapCase": false } } }, "sessionTimeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "tokenEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } }, "userInfoEndpoint": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "authenticationRequestExtraParams", "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "language": { "python": { "mapCase": false } } }, "messageBody": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "contentType", "messageBody", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "description": "The port of the listener. Required if `arn` is not set.\n", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "query": { "type": "string", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "host", "path", "port", "protocol", "query", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getTargetGroupHealthCheck:getTargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "healthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } }, "interval": { "type": "integer", "language": { "python": { "mapCase": false } } }, "matcher": { "type": "string", "language": { "python": { "mapCase": false } } }, "path": { "type": "string", "language": { "python": { "mapCase": false } } }, "port": { "type": "string", "language": { "python": { "mapCase": false } } }, "protocol": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeout": { "type": "integer", "language": { "python": { "mapCase": false } } }, "unhealthyThreshold": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled", "healthyThreshold", "interval", "matcher", "path", "port", "protocol", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getTargetGroupStickiness:getTargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "cookieDuration", "enabled", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:macie/S3BucketAssociationClassificationType:S3BucketAssociationClassificationType": { "properties": { "continuous": { "type": "string", "description": "A string value indicating that Macie perform a one-time classification of all of the existing objects in the bucket.\nThe only valid value is the default value, `FULL`.\n", "language": { "python": { "mapCase": false } } }, "oneTime": { "type": "string", "description": "A string value indicating whether or not Macie performs a one-time classification of all of the existing objects in the bucket.\nValid values are `NONE` and `FULL`. Defaults to `NONE` indicating that Macie only classifies objects that are added after the association was created.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings": { "properties": { "commitment": { "type": "string", "description": "The length of the term of your reserved queue pricing plan commitment. Valid value is `ONE_YEAR`.\n", "language": { "python": { "mapCase": false } } }, "renewalType": { "type": "string", "description": "Specifies whether the term of your reserved queue pricing plan. Valid values are `AUTO_RENEW` or `EXPIRE`.\n", "language": { "python": { "mapCase": false } } }, "reservedSlots": { "type": "integer", "description": "Specifies the number of reserved transcode slots (RTS) for queue.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "commitment", "renewalType", "reservedSlots" ] }, "aws:mediapackage/ChannelHlsIngest:ChannelHlsIngest": { "properties": { "ingestEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:mediapackage/ChannelHlsIngestIngestEndpoint:ChannelHlsIngestIngestEndpoint" }, "description": "A list of the ingest endpoints\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ingestEndpoints" ] } } }, "aws:mediapackage/ChannelHlsIngestIngestEndpoint:ChannelHlsIngestIngestEndpoint": { "properties": { "password": { "type": "string", "description": "The password\n", "language": { "python": { "mapCase": false } } }, "url": { "type": "string", "description": "The URL\n", "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "description": "The username\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "password", "url", "username" ] } } }, "aws:mq/BrokerConfiguration:BrokerConfiguration": { "properties": { "id": { "type": "string", "description": "The Configuration ID.\n", "language": { "python": { "mapCase": false } } }, "revision": { "type": "integer", "description": "Revision of the Configuration.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "revision" ] } } }, "aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions": { "properties": { "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of Key Management Service (KMS) Customer Master Key (CMK) to use for encryption at rest. Requires setting `use_aws_owned_key` to `false`. To perform drift detection when AWS managed CMKs or customer managed CMKs are in use, this value must be configured.\n", "language": { "python": { "mapCase": false } } }, "useAwsOwnedKey": { "type": "boolean", "description": "Boolean to enable an AWS owned Key Management Service (KMS) Customer Master Key (CMK) that is not in your account. Defaults to `true`. Setting to `false` without configuring `kms_key_id` will create an AWS managed Customer Master Key (CMK) aliased to `aws/mq` in your account.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kmsKeyId" ] } } }, "aws:mq/BrokerInstance:BrokerInstance": { "properties": { "consoleUrl": { "type": "string", "language": { "python": { "mapCase": false } } }, "endpoints": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "ipAddress": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "consoleUrl", "endpoints", "ipAddress" ] } } }, "aws:mq/BrokerLogs:BrokerLogs": { "properties": { "audit": { "type": "boolean", "description": "Enables audit logging. User management action made using JMX or the ActiveMQ Web Console is logged. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } }, "general": { "type": "boolean", "description": "Enables general logging via CloudWatch. Defaults to `false`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime": { "properties": { "dayOfWeek": { "type": "string", "description": "The day of the week. e.g. `MONDAY`, `TUESDAY`, or `WEDNESDAY`\n", "language": { "python": { "mapCase": false } } }, "timeOfDay": { "type": "string", "description": "The time, in 24-hour format. e.g. `02:00`\n", "language": { "python": { "mapCase": false } } }, "timeZone": { "type": "string", "description": "The time zone, UTC by default, in either the Country/City format, or the UTC offset format. e.g. `CET`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dayOfWeek", "timeOfDay", "timeZone" ] }, "aws:mq/BrokerUser:BrokerUser": { "properties": { "consoleAccess": { "type": "boolean", "description": "Whether to enable access to the [ActiveMQ Web Console](http://activemq.apache.org/web-console.html) for the user.\n", "language": { "python": { "mapCase": false } } }, "groups": { "type": "array", "items": { "type": "string" }, "description": "The list of groups (20 maximum) to which the ActiveMQ user belongs.\n", "language": { "python": { "mapCase": false } } }, "password": { "type": "string", "description": "The password of the user. It must be 12 to 250 characters long, at least 4 unique characters, and must not contain commas.\n", "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "description": "The username of the user.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "password", "username" ] }, "aws:mq/getBrokerConfiguration:getBrokerConfiguration": { "properties": { "id": { "type": "string", "language": { "python": { "mapCase": false } } }, "revision": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "id", "revision" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerEncryptionOption:getBrokerEncryptionOption": { "properties": { "kmsKeyId": { "type": "string", "language": { "python": { "mapCase": false } } }, "useAwsOwnedKey": { "type": "boolean", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "kmsKeyId", "useAwsOwnedKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerInstance:getBrokerInstance": { "properties": { "consoleUrl": { "type": "string", "language": { "python": { "mapCase": false } } }, "endpoints": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "ipAddress": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "consoleUrl", "endpoints", "ipAddress" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerLogs:getBrokerLogs": { "properties": { "audit": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "general": { "type": "boolean", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "audit", "general" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerMaintenanceWindowStartTime:getBrokerMaintenanceWindowStartTime": { "properties": { "dayOfWeek": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeOfDay": { "type": "string", "language": { "python": { "mapCase": false } } }, "timeZone": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dayOfWeek", "timeOfDay", "timeZone" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerUser:getBrokerUser": { "properties": { "consoleAccess": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "groups": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "consoleAccess", "groups", "username" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo": { "properties": { "azDistribution": { "type": "string", "description": "The distribution of broker nodes across availability zones ([documentation](https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#clusters-model-brokerazdistribution)). Currently the only valid value is `DEFAULT`.\n", "language": { "python": { "mapCase": false } } }, "clientSubnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnets to connect to in client VPC ([documentation](https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#clusters-prop-brokernodegroupinfo-clientsubnets)).\n", "language": { "python": { "mapCase": false } } }, "ebsVolumeSize": { "type": "integer", "description": "The size in GiB of the EBS volume for the data drive on each broker node.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "Specify the instance type to use for the kafka brokers. e.g. kafka.m5.large. ([Pricing info](https://aws.amazon.com/msk/pricing/))\n", "language": { "python": { "mapCase": false } } }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of the security groups to associate with the elastic network interfaces to control who can communicate with the cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "clientSubnets", "ebsVolumeSize", "instanceType", "securityGroups" ] }, "aws:msk/ClusterClientAuthentication:ClusterClientAuthentication": { "properties": { "tls": { "$ref": "#/types/aws:msk/ClusterClientAuthenticationTls:ClusterClientAuthenticationTls", "description": "Configuration block for specifying TLS client authentication. See below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:msk/ClusterClientAuthenticationTls:ClusterClientAuthenticationTls": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" }, "description": "List of ACM Certificate Authority Amazon Resource Names (ARNs).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo": { "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK Configuration to use in the cluster.\n", "language": { "python": { "mapCase": false } } }, "revision": { "type": "integer", "description": "Revision of the MSK Configuration to use in the cluster.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "revision" ] }, "aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo": { "properties": { "encryptionAtRestKmsKeyArn": { "type": "string", "description": "You may specify a KMS key short ID or ARN (it will always output an ARN) to use for encrypting your data at rest. If no key is specified, an AWS managed KMS ('aws/msk' managed service) key will be used for encrypting the data at rest.\n", "language": { "python": { "mapCase": false } } }, "encryptionInTransit": { "$ref": "#/types/aws:msk/ClusterEncryptionInfoEncryptionInTransit:ClusterEncryptionInfoEncryptionInTransit", "description": "Configuration block to specify encryption in transit. See below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "encryptionAtRestKmsKeyArn" ] } } }, "aws:msk/ClusterEncryptionInfoEncryptionInTransit:ClusterEncryptionInfoEncryptionInTransit": { "properties": { "clientBroker": { "type": "string", "description": "Encryption setting for data in transit between clients and brokers. Valid values: `TLS`, `TLS_PLAINTEXT`, and `PLAINTEXT`. Default value is `TLS_PLAINTEXT` when `encryption_in_transit` block defined, but `TLS` when `encryption_in_transit` block omitted.\n", "language": { "python": { "mapCase": false } } }, "inCluster": { "type": "boolean", "description": "Whether data communication among broker nodes is encrypted. Default value: `true`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:msk/ClusterLoggingInfo:ClusterLoggingInfo": { "properties": { "brokerLogs": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogs:ClusterLoggingInfoBrokerLogs", "description": "Configuration block for Broker Logs settings for logging info. See below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "brokerLogs" ] }, "aws:msk/ClusterLoggingInfoBrokerLogs:ClusterLoggingInfoBrokerLogs": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogsCloudwatchLogs:ClusterLoggingInfoBrokerLogsCloudwatchLogs", "language": { "python": { "mapCase": false } } }, "firehose": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogsFirehose:ClusterLoggingInfoBrokerLogsFirehose", "language": { "python": { "mapCase": false } } }, "s3": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogsS3:ClusterLoggingInfoBrokerLogsS3", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:msk/ClusterLoggingInfoBrokerLogsCloudwatchLogs:ClusterLoggingInfoBrokerLogsCloudwatchLogs": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether you want to enable or disable streaming broker logs to Cloudwatch Logs.\n", "language": { "python": { "mapCase": false } } }, "logGroup": { "type": "string", "description": "Name of the Cloudwatch Log Group to deliver logs to.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:msk/ClusterLoggingInfoBrokerLogsFirehose:ClusterLoggingInfoBrokerLogsFirehose": { "properties": { "deliveryStream": { "type": "string", "description": "Name of the Kinesis Data Firehose delivery stream to deliver logs to.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether you want to enable or disable streaming broker logs to Cloudwatch Logs.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:msk/ClusterLoggingInfoBrokerLogsS3:ClusterLoggingInfoBrokerLogsS3": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket to deliver logs to.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Indicates whether you want to enable or disable streaming broker logs to Cloudwatch Logs.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "Prefix to append to the folder name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring": { "properties": { "prometheus": { "$ref": "#/types/aws:msk/ClusterOpenMonitoringPrometheus:ClusterOpenMonitoringPrometheus", "description": "Configuration block for Prometheus settings for open monitoring. See below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "prometheus" ] }, "aws:msk/ClusterOpenMonitoringPrometheus:ClusterOpenMonitoringPrometheus": { "properties": { "jmxExporter": { "$ref": "#/types/aws:msk/ClusterOpenMonitoringPrometheusJmxExporter:ClusterOpenMonitoringPrometheusJmxExporter", "description": "Configuration block for JMX Exporter. See below.\n", "language": { "python": { "mapCase": false } } }, "nodeExporter": { "$ref": "#/types/aws:msk/ClusterOpenMonitoringPrometheusNodeExporter:ClusterOpenMonitoringPrometheusNodeExporter", "description": "Configuration block for Node Exporter. See below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:msk/ClusterOpenMonitoringPrometheusJmxExporter:ClusterOpenMonitoringPrometheusJmxExporter": { "properties": { "enabledInBroker": { "type": "boolean", "description": "Indicates whether you want to enable or disable the JMX Exporter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabledInBroker" ] }, "aws:msk/ClusterOpenMonitoringPrometheusNodeExporter:ClusterOpenMonitoringPrometheusNodeExporter": { "properties": { "enabledInBroker": { "type": "boolean", "description": "Indicates whether you want to enable or disable the JMX Exporter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabledInBroker" ] }, "aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the neptune parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the neptune parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:neptune/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "The apply method of the Neptune parameter. Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the Neptune parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:opsworks/ApplicationAppSource:ApplicationAppSource": { "properties": { "password": { "type": "string", "description": "Password to use when authenticating to the source. This provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "revision": { "type": "string", "description": "For sources that are version-aware, the revision to use.\n", "language": { "python": { "mapCase": false } } }, "sshKey": { "type": "string", "description": "SSH key to use when authenticating to the source. This provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of source to use. For example, \"archive\".\n", "language": { "python": { "mapCase": false } } }, "url": { "type": "string", "description": "The URL where the app resource can be found.\n", "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "description": "Username to use when authenticating to the source.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:opsworks/ApplicationEnvironment:ApplicationEnvironment": { "properties": { "key": { "type": "string", "description": "Variable name.\n", "language": { "python": { "mapCase": false } } }, "secure": { "type": "boolean", "description": "Set visibility of the variable value to `true` or `false`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "Variable value.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "value" ] }, "aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration": { "properties": { "certificate": { "type": "string", "description": "The contents of the certificate's domain.crt file.\n", "language": { "python": { "mapCase": false } } }, "chain": { "type": "string", "description": "Can be used to specify an intermediate certificate authority key or client authentication.\n", "language": { "python": { "mapCase": false } } }, "privateKey": { "type": "string", "description": "The private key; the contents of the certificate's domain.key file.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "certificate", "privateKey" ] }, "aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "description": "Encrypt the volume.\n", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "language": { "python": { "mapCase": false } } }, "snapshotId": { "type": "string", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "iops", "snapshotId", "volumeSize", "volumeType" ] } } }, "aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "language": { "python": { "mapCase": false } } }, "virtualName": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "deviceName", "virtualName" ] }, "aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeSize": { "type": "integer", "language": { "python": { "mapCase": false } } }, "volumeType": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops", "volumeSize", "volumeType" ] } } }, "aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource": { "properties": { "password": { "type": "string", "description": "Password to use when authenticating to the source. The provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "revision": { "type": "string", "description": "For sources that are version-aware, the revision to use.\n", "language": { "python": { "mapCase": false } } }, "sshKey": { "type": "string", "description": "SSH key to use when authenticating to the source. The provider cannot perform drift detection of this configuration.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of source to use. For example, \"archive\".\n", "language": { "python": { "mapCase": false } } }, "url": { "type": "string", "description": "The URL where the cookbooks resource can be found.\n", "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "description": "Username to use when authenticating to the source.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type", "url" ] }, "aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n", "language": { "python": { "mapCase": false } } }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n", "language": { "python": { "mapCase": false } } }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n", "language": { "python": { "mapCase": false } } }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:organizations/OrganizationAccount:OrganizationAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n", "language": { "python": { "mapCase": false } } }, "email": { "type": "string", "description": "Email of the account\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Identifier of the root\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the policy type\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "email", "id", "name", "status" ] } } }, "aws:organizations/OrganizationNonMasterAccount:OrganizationNonMasterAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n", "language": { "python": { "mapCase": false } } }, "email": { "type": "string", "description": "Email of the account\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Identifier of the root\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the policy type\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "email", "id", "name", "status" ] } } }, "aws:organizations/OrganizationRoot:OrganizationRoot": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Identifier of the root\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the policy type\n", "language": { "python": { "mapCase": false } } }, "policyTypes": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationRootPolicyType:OrganizationRootPolicyType" }, "description": "List of policy types enabled for this root. All elements have these attributes:\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name", "policyTypes" ] } } }, "aws:organizations/OrganizationRootPolicyType:OrganizationRootPolicyType": { "properties": { "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "status", "type" ] } } }, "aws:organizations/OrganizationalUnitAccount:OrganizationalUnitAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the organizational unit\n", "language": { "python": { "mapCase": false } } }, "email": { "type": "string", "description": "Email of the account\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Identifier of the organization unit\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name for the organizational unit\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "email", "id", "name" ] } } }, "aws:organizations/getOrganizationAccount:getOrganizationAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n", "language": { "python": { "mapCase": false } } }, "email": { "type": "string", "description": "Email of the account\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Identifier of the root\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the policy type\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "email", "id", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationNonMasterAccount:getOrganizationNonMasterAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n", "language": { "python": { "mapCase": false } } }, "email": { "type": "string", "description": "Email of the account\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Identifier of the root\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the policy type\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "email", "id", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationRoot:getOrganizationRoot": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Identifier of the root\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the policy type\n", "language": { "python": { "mapCase": false } } }, "policyTypes": { "type": "array", "items": { "$ref": "#/types/aws:organizations/getOrganizationRootPolicyType:getOrganizationRootPolicyType" }, "description": "List of policy types enabled for this root. All elements have these attributes:\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "id", "name", "policyTypes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationRootPolicyType:getOrganizationRootPolicyType": { "properties": { "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "status", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationalUnitsChildren:getOrganizationalUnitsChildren": { "properties": { "arn": { "type": "string", "description": "ARN of the organizational unit\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "ID of the organizational unit\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "Name of the organizational unit\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:pinpoint/AppCampaignHook:AppCampaignHook": { "properties": { "lambdaFunctionName": { "type": "string", "description": "Lambda function name or ARN to be called for delivery. Conflicts with `web_url`\n", "language": { "python": { "mapCase": false } } }, "mode": { "type": "string", "description": "What mode Lambda should be invoked in. Valid values for this parameter are `DELIVERY`, `FILTER`.\n", "language": { "python": { "mapCase": false } } }, "webUrl": { "type": "string", "description": "Web URL to call for hook. If the URL has authentication specified it will be added as authentication to the request. Conflicts with `lambda_function_name`\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:pinpoint/AppLimits:AppLimits": { "properties": { "daily": { "type": "integer", "description": "The maximum number of messages that the campaign can send daily.\n", "language": { "python": { "mapCase": false } } }, "maximumDuration": { "type": "integer", "description": "The length of time (in seconds) that the campaign can run before it ends and message deliveries stop. This duration begins at the scheduled start time for the campaign. The minimum value is 60.\n", "language": { "python": { "mapCase": false } } }, "messagesPerSecond": { "type": "integer", "description": "The number of messages that the campaign can send per second. The minimum value is 50, and the maximum is 20000.\n", "language": { "python": { "mapCase": false } } }, "total": { "type": "integer", "description": "The maximum total number of messages that the campaign can send.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:pinpoint/AppQuietTime:AppQuietTime": { "properties": { "end": { "type": "string", "description": "The default end time for quiet time in ISO 8601 format. Required if `start` is set\n", "language": { "python": { "mapCase": false } } }, "start": { "type": "string", "description": "The default start time for quiet time in ISO 8601 format. Required if `end` is set\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:pricing/getProductFilter:getProductFilter": { "properties": { "field": { "type": "string", "description": "The product attribute name that you want to filter on.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The product attribute value that you want to filter on.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "field", "value" ] }, "aws:ram/getResourceShareFilter:getResourceShareFilter": { "properties": { "name": { "type": "string", "description": "The name of the tag key to filter on.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value of the tag key.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "\"immediate\" (default), or \"pending-reboot\". Some\nengines can't apply some parameters without a reboot, and you will need to\nspecify \"pending-reboot\" here.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the DB parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the DB parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:rds/ClusterS3Import:ClusterS3Import": { "properties": { "bucketName": { "type": "string", "description": "The bucket name where your backup is stored\n", "language": { "python": { "mapCase": false } } }, "bucketPrefix": { "type": "string", "description": "Can be blank, but is the path to your backup\n", "language": { "python": { "mapCase": false } } }, "ingestionRole": { "type": "string", "description": "Role applied to load the data.\n", "language": { "python": { "mapCase": false } } }, "sourceEngine": { "type": "string", "description": "Source engine for the backup\n", "language": { "python": { "mapCase": false } } }, "sourceEngineVersion": { "type": "string", "description": "Version of the source engine used to make the backup\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketName", "ingestionRole", "sourceEngine", "sourceEngineVersion" ] }, "aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration": { "properties": { "autoPause": { "type": "boolean", "description": "Whether to enable automatic pause. A DB cluster can be paused only when it's idle (it has no connections). If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it. Defaults to `true`.\n", "language": { "python": { "mapCase": false } } }, "maxCapacity": { "type": "integer", "description": "The maximum capacity. The maximum capacity must be greater than or equal to the minimum capacity. Valid capacity values are `1`, `2`, `4`, `8`, `16`, `32`, `64`, `128`, and `256`. Defaults to `16`.\n", "language": { "python": { "mapCase": false } } }, "minCapacity": { "type": "integer", "description": "The minimum capacity. The minimum capacity must be lesser than or equal to the maximum capacity. Valid capacity values are `1`, `2`, `4`, `8`, `16`, `32`, `64`, `128`, and `256`. Defaults to `2`.\n", "language": { "python": { "mapCase": false } } }, "secondsUntilAutoPause": { "type": "integer", "description": "The time, in seconds, before an Aurora DB cluster in serverless mode is paused. Valid values are `300` through `86400`. Defaults to `300`.\n", "language": { "python": { "mapCase": false } } }, "timeoutAction": { "type": "string", "description": "The action to take when the timeout is reached. Valid values: `ForceApplyCapacityChange`, `RollbackCapacityChange`. Defaults to `RollbackCapacityChange`. See [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.timeout-action).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:rds/InstanceS3Import:InstanceS3Import": { "properties": { "bucketName": { "type": "string", "description": "The bucket name where your backup is stored\n", "language": { "python": { "mapCase": false } } }, "bucketPrefix": { "type": "string", "description": "Can be blank, but is the path to your backup\n", "language": { "python": { "mapCase": false } } }, "ingestionRole": { "type": "string", "description": "Role applied to load the data.\n", "language": { "python": { "mapCase": false } } }, "sourceEngine": { "type": "string", "description": "Source engine for the backup\n", "language": { "python": { "mapCase": false } } }, "sourceEngineVersion": { "type": "string", "description": "Version of the source engine used to make the backup\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketName", "ingestionRole", "sourceEngine", "sourceEngineVersion" ] }, "aws:rds/OptionGroupOption:OptionGroupOption": { "properties": { "dbSecurityGroupMemberships": { "type": "array", "items": { "type": "string" }, "description": "A list of DB Security Groups for which the option is enabled.\n", "language": { "python": { "mapCase": false } } }, "optionName": { "type": "string", "description": "The Name of the Option (e.g. MEMCACHED).\n", "language": { "python": { "mapCase": false } } }, "optionSettings": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOptionOptionSetting:OptionGroupOptionOptionSetting" }, "description": "A list of option settings to apply.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "integer", "description": "The Port number when connecting to the Option (e.g. 11211).\n", "language": { "python": { "mapCase": false } } }, "version": { "type": "string", "description": "The version of the option (e.g. 13.1.0.0).\n", "language": { "python": { "mapCase": false } } }, "vpcSecurityGroupMemberships": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC Security Groups for which the option is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "optionName" ] }, "aws:rds/OptionGroupOptionOptionSetting:OptionGroupOptionOptionSetting": { "properties": { "name": { "type": "string", "description": "The Name of the setting.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The Value of the setting.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:rds/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "\"immediate\" (default), or \"pending-reboot\". Some\nengines can't apply some parameters without a reboot, and you will need to\nspecify \"pending-reboot\" here.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the DB parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the DB parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:rds/SecurityGroupIngress:SecurityGroupIngress": { "properties": { "cidr": { "type": "string", "description": "The CIDR block to accept\n", "language": { "python": { "mapCase": false } } }, "securityGroupId": { "type": "string", "description": "The ID of the security group to authorize\n", "language": { "python": { "mapCase": false } } }, "securityGroupName": { "type": "string", "description": "The name of the security group to authorize\n", "language": { "python": { "mapCase": false } } }, "securityGroupOwnerId": { "type": "string", "description": "The owner Id of the security group provided\nby `security_group_name`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "securityGroupId", "securityGroupName", "securityGroupOwnerId" ] } } }, "aws:redshift/ClusterLogging:ClusterLogging": { "properties": { "bucketName": { "type": "string", "description": "The name of an existing S3 bucket where the log files are to be stored. Must be in the same region as the cluster and the cluster must have read bucket and put object permissions.\nFor more information on the permissions required for the bucket, please read the AWS [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)\n", "language": { "python": { "mapCase": false } } }, "enable": { "type": "boolean", "description": "Enables logging information such as queries and connection attempts, for the specified Amazon Redshift cluster.\n", "language": { "python": { "mapCase": false } } }, "s3KeyPrefix": { "type": "string", "description": "The prefix applied to the log file names.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enable" ], "language": { "nodejs": { "requiredOutputs": [ "bucketName", "enable", "s3KeyPrefix" ] } } }, "aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy": { "properties": { "destinationRegion": { "type": "string", "description": "The destination region that you want to copy snapshots to.\n", "language": { "python": { "mapCase": false } } }, "grantName": { "type": "string", "description": "The name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region.\n", "language": { "python": { "mapCase": false } } }, "retentionPeriod": { "type": "integer", "description": "The number of days to retain automated snapshots in the destination region after they are copied from the source region. Defaults to `7`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destinationRegion" ] }, "aws:redshift/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "The name of the Redshift parameter.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The value of the Redshift parameter.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "value" ] }, "aws:redshift/SecurityGroupIngress:SecurityGroupIngress": { "properties": { "cidr": { "type": "string", "description": "The CIDR block to accept\n", "language": { "python": { "mapCase": false } } }, "securityGroupName": { "type": "string", "description": "The name of the security group to authorize\n", "language": { "python": { "mapCase": false } } }, "securityGroupOwnerId": { "type": "string", "description": "The owner Id of the security group provided\nby `security_group_name`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "securityGroupName", "securityGroupOwnerId" ] } } }, "aws:resourcegroups/GroupResourceQuery:GroupResourceQuery": { "properties": { "query": { "type": "string", "description": "The resource query as a JSON string.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of the resource query. Defaults to `TAG_FILTERS_1_0`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "query" ] }, "aws:route53/RecordAlias:RecordAlias": { "properties": { "evaluateTargetHealth": { "type": "boolean", "description": "Set to `true` if you want Route 53 to determine whether to respond to DNS queries using this resource record set by checking the health of the resource record set. Some resources have special requirements, see [related part of documentation](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html#rrsets-values-alias-evaluate-target-health).\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "DNS domain name for a CloudFront distribution, S3 bucket, ELB, or another resource record set in this hosted zone.\n", "language": { "python": { "mapCase": false } } }, "zoneId": { "type": "string", "description": "Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone. See `resource_elb.zone_id` for example.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "evaluateTargetHealth", "name", "zoneId" ] }, "aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy": { "properties": { "type": { "type": "string", "description": "`PRIMARY` or `SECONDARY`. A `PRIMARY` record will be served if its healthcheck is passing, otherwise the `SECONDARY` will be served. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html#dns-failover-failover-rrsets\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy": { "properties": { "continent": { "type": "string", "description": "A two-letter continent code. See http://docs.aws.amazon.com/Route53/latest/APIReference/API_GetGeoLocation.html for code details. Either `continent` or `country` must be specified.\n", "language": { "python": { "mapCase": false } } }, "country": { "type": "string", "description": "A two-character country code or `*` to indicate a default resource record set.\n", "language": { "python": { "mapCase": false } } }, "subdivision": { "type": "string", "description": "A subdivision code for a country.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy": { "properties": { "region": { "type": "string", "description": "An AWS region from which to measure latency. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-latency\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "region" ] }, "aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy": { "properties": { "weight": { "type": "integer", "description": "A numeric value indicating the relative weight of the record. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "weight" ] }, "aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress": { "properties": { "ip": { "type": "string", "description": "The IP address in the subnet that you want to use for DNS queries.\n", "language": { "python": { "mapCase": false } } }, "ipId": { "type": "string", "language": { "python": { "mapCase": false } } }, "subnetId": { "type": "string", "description": "The ID of the subnet that contains the IP address.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredOutputs": [ "ip", "ipId", "subnetId" ] } } }, "aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp": { "properties": { "ip": { "type": "string", "description": "One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses.\n", "language": { "python": { "mapCase": false } } }, "port": { "type": "integer", "description": "The port at `ip` that you want to forward DNS queries to. Default value is `53`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ip" ] }, "aws:route53/ZoneVpc:ZoneVpc": { "properties": { "vpcId": { "type": "string", "description": "ID of the VPC to associate.\n", "language": { "python": { "mapCase": false } } }, "vpcRegion": { "type": "string", "description": "Region of the VPC to associate. Defaults to AWS provider region.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "vpcId" ], "language": { "nodejs": { "requiredOutputs": [ "vpcId", "vpcRegion" ] } } }, "aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration": { "properties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `true`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n* PUT Object calls fail if the request includes a public ACL.\n* PUT Bucket calls fail if the request includes a public ACL.\n", "language": { "python": { "mapCase": false } } }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `true`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n", "language": { "python": { "mapCase": false } } }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `true`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n", "language": { "python": { "mapCase": false } } }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `true`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration": { "properties": { "vpcId": { "type": "string", "description": "This access point will only allow connections from the specified VPC ID.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "vpcId" ] }, "aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter": { "properties": { "prefix": { "type": "string", "description": "Object prefix for filtering.\n", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of object tags for filtering.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis": { "properties": { "dataExport": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExport:AnalyticsConfigurationStorageClassAnalysisDataExport", "description": "Data export configuration (documented below).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dataExport" ] }, "aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExport:AnalyticsConfigurationStorageClassAnalysisDataExport": { "properties": { "destination": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestination", "description": "Specifies the destination for the exported analytics data (documented below).\n", "language": { "python": { "mapCase": false } } }, "outputSchemaVersion": { "type": "string", "description": "The schema version of exported analytics data. Allowed values: `V_1`. Default value: `V_1`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destination" ] }, "aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestination": { "properties": { "s3BucketDestination": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination", "description": "Analytics data export currently only supports an S3 bucket destination (documented below).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "s3BucketDestination" ] }, "aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination": { "properties": { "bucketAccountId": { "type": "string", "description": "The account ID that owns the destination bucket.\n", "language": { "python": { "mapCase": false } } }, "bucketArn": { "type": "string", "description": "The ARN of the destination bucket.\n", "language": { "python": { "mapCase": false } } }, "format": { "type": "string", "description": "The output format of exported analytics data. Allowed values: `CSV`. Default value: `CSV`.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "Object prefix for filtering.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketArn" ] }, "aws:s3/BucketCorsRule:BucketCorsRule": { "properties": { "allowedHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies which headers are allowed.\n", "language": { "python": { "mapCase": false } } }, "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "Specifies which methods are allowed. Can be `GET`, `PUT`, `POST`, `DELETE` or `HEAD`.\n", "language": { "python": { "mapCase": false } } }, "allowedOrigins": { "type": "array", "items": { "type": "string" }, "description": "Specifies which origins are allowed.\n", "language": { "python": { "mapCase": false } } }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies expose header in the response.\n", "language": { "python": { "mapCase": false } } }, "maxAgeSeconds": { "type": "integer", "description": "Specifies time in seconds that browser can cache the response for a preflight request.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "allowedMethods", "allowedOrigins" ] }, "aws:s3/BucketGrant:BucketGrant": { "properties": { "id": { "type": "string", "description": "Canonical user id to grant for. Used only when `type` is `CanonicalUser`.\n", "language": { "python": { "mapCase": false } } }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions to apply for grantee. Valid values are `READ`, `WRITE`, `READ_ACP`, `WRITE_ACP`, `FULL_CONTROL`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "- Type of grantee to apply for. Valid values are `CanonicalUser` and `Group`. `AmazonCustomerByEmail` is not supported.\n", "language": { "python": { "mapCase": false } } }, "uri": { "type": "string", "description": "Uri address to grant for. Used only when `type` is `Group`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "permissions", "type" ] }, "aws:s3/BucketLifecycleRule:BucketLifecycleRule": { "properties": { "abortIncompleteMultipartUploadDays": { "type": "integer", "description": "Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.\n", "language": { "python": { "mapCase": false } } }, "enabled": { "type": "boolean", "description": "Specifies lifecycle rule status.\n", "language": { "python": { "mapCase": false } } }, "expiration": { "$ref": "#/types/aws:s3/BucketLifecycleRuleExpiration:BucketLifecycleRuleExpiration", "description": "Specifies a period in the object's expire (documented below).\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Unique identifier for the rule.\n", "language": { "python": { "mapCase": false } } }, "noncurrentVersionExpiration": { "$ref": "#/types/aws:s3/BucketLifecycleRuleNoncurrentVersionExpiration:BucketLifecycleRuleNoncurrentVersionExpiration", "description": "Specifies when noncurrent object versions expire (documented below).\n", "language": { "python": { "mapCase": false } } }, "noncurrentVersionTransitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRuleNoncurrentVersionTransition:BucketLifecycleRuleNoncurrentVersionTransition" }, "description": "Specifies when noncurrent object versions transitions (documented below).\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "Object key prefix identifying one or more objects to which the rule applies.\n", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies object tags key and value.\n", "language": { "python": { "mapCase": false } } }, "transitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRuleTransition:BucketLifecycleRuleTransition" }, "description": "Specifies a period in the object's transitions (documented below).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "id" ] } } }, "aws:s3/BucketLifecycleRuleExpiration:BucketLifecycleRuleExpiration": { "properties": { "date": { "type": "string", "description": "Specifies the date after which you want the corresponding action to take effect.\n", "language": { "python": { "mapCase": false } } }, "days": { "type": "integer", "description": "Specifies the number of days after object creation when the specific rule action takes effect.\n", "language": { "python": { "mapCase": false } } }, "expiredObjectDeleteMarker": { "type": "boolean", "description": "On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/BucketLifecycleRuleNoncurrentVersionExpiration:BucketLifecycleRuleNoncurrentVersionExpiration": { "properties": { "days": { "type": "integer", "description": "Specifies the number of days noncurrent object versions expire.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/BucketLifecycleRuleNoncurrentVersionTransition:BucketLifecycleRuleNoncurrentVersionTransition": { "properties": { "days": { "type": "integer", "description": "Specifies the number of days noncurrent object versions transition.\n", "language": { "python": { "mapCase": false } } }, "storageClass": { "type": "string", "description": "Specifies the Amazon S3 storage class to which you want the noncurrent object versions to transition. Can be `ONEZONE_IA`, `STANDARD_IA`, `INTELLIGENT_TIERING`, `GLACIER`, or `DEEP_ARCHIVE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketLifecycleRuleTransition:BucketLifecycleRuleTransition": { "properties": { "date": { "type": "string", "description": "Specifies the date after which you want the corresponding action to take effect.\n", "language": { "python": { "mapCase": false } } }, "days": { "type": "integer", "description": "Specifies the number of days after object creation when the specific rule action takes effect.\n", "language": { "python": { "mapCase": false } } }, "storageClass": { "type": "string", "description": "Specifies the Amazon S3 storage class to which you want the object to transition. Can be `ONEZONE_IA`, `STANDARD_IA`, `INTELLIGENT_TIERING`, `GLACIER`, or `DEEP_ARCHIVE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketLogging:BucketLogging": { "properties": { "targetBucket": { "type": "string", "description": "The name of the bucket that will receive the log objects.\n", "language": { "python": { "mapCase": false } } }, "targetPrefix": { "type": "string", "description": "To specify a key prefix for log objects.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "targetBucket" ] }, "aws:s3/BucketMetricFilter:BucketMetricFilter": { "properties": { "prefix": { "type": "string", "description": "Object prefix for filtering (singular).\n", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Object tags for filtering (up to 10).\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "Specifies [event](http://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations) for which to send notifications.\n", "language": { "python": { "mapCase": false } } }, "filterPrefix": { "type": "string", "description": "Specifies object key name prefix.\n", "language": { "python": { "mapCase": false } } }, "filterSuffix": { "type": "string", "description": "Specifies object key name suffix.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Specifies unique identifier for each of the notification configurations.\n", "language": { "python": { "mapCase": false } } }, "lambdaFunctionArn": { "type": "string", "description": "Specifies Amazon Lambda function ARN.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "events" ], "language": { "nodejs": { "requiredOutputs": [ "events", "id" ] } } }, "aws:s3/BucketNotificationQueue:BucketNotificationQueue": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "Specifies [event](http://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations) for which to send notifications.\n", "language": { "python": { "mapCase": false } } }, "filterPrefix": { "type": "string", "description": "Specifies object key name prefix.\n", "language": { "python": { "mapCase": false } } }, "filterSuffix": { "type": "string", "description": "Specifies object key name suffix.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Specifies unique identifier for each of the notification configurations.\n", "language": { "python": { "mapCase": false } } }, "queueArn": { "type": "string", "description": "Specifies Amazon SQS queue ARN.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "events", "queueArn" ], "language": { "nodejs": { "requiredOutputs": [ "events", "id", "queueArn" ] } } }, "aws:s3/BucketNotificationTopic:BucketNotificationTopic": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "Specifies [event](http://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations) for which to send notifications.\n", "language": { "python": { "mapCase": false } } }, "filterPrefix": { "type": "string", "description": "Specifies object key name prefix.\n", "language": { "python": { "mapCase": false } } }, "filterSuffix": { "type": "string", "description": "Specifies object key name suffix.\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Specifies unique identifier for each of the notification configurations.\n", "language": { "python": { "mapCase": false } } }, "topicArn": { "type": "string", "description": "Specifies Amazon SNS topic ARN.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "events", "topicArn" ], "language": { "nodejs": { "requiredOutputs": [ "events", "id", "topicArn" ] } } }, "aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration": { "properties": { "objectLockEnabled": { "type": "string", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Valid value is `Enabled`.\n", "language": { "python": { "mapCase": false } } }, "rule": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationRule:BucketObjectLockConfigurationRule", "description": "The Object Lock rule in place for this bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "objectLockEnabled" ] }, "aws:s3/BucketObjectLockConfigurationRule:BucketObjectLockConfigurationRule": { "properties": { "defaultRetention": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationRuleDefaultRetention:BucketObjectLockConfigurationRuleDefaultRetention", "description": "The default retention period that you want to apply to new objects placed in this bucket.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "defaultRetention" ] }, "aws:s3/BucketObjectLockConfigurationRuleDefaultRetention:BucketObjectLockConfigurationRuleDefaultRetention": { "properties": { "days": { "type": "integer", "description": "The number of days that you want to specify for the default retention period.\n", "language": { "python": { "mapCase": false } } }, "mode": { "type": "string", "description": "The default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n", "language": { "python": { "mapCase": false } } }, "years": { "type": "integer", "description": "The number of years that you want to specify for the default retention period.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "mode" ] }, "aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration": { "properties": { "role": { "type": "string", "description": "The ARN of the IAM role for Amazon S3 to assume when replicating the objects.\n", "language": { "python": { "mapCase": false } } }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRule:BucketReplicationConfigurationRule" }, "description": "Specifies the rules managing the replication (documented below).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "role", "rules" ] }, "aws:s3/BucketReplicationConfigurationRule:BucketReplicationConfigurationRule": { "properties": { "destination": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleDestination:BucketReplicationConfigurationRuleDestination", "description": "Specifies the destination for the rule (documented below).\n", "language": { "python": { "mapCase": false } } }, "filter": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleFilter:BucketReplicationConfigurationRuleFilter", "description": "Filter that identifies subset of objects to which the replication rule applies (documented below).\n", "language": { "python": { "mapCase": false } } }, "id": { "type": "string", "description": "Unique identifier for the rule.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "Object keyname prefix identifying one or more objects to which the rule applies.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "integer", "description": "is optional (with a default value of `0`) but must be unique between multiple rules\n", "language": { "python": { "mapCase": false } } }, "sourceSelectionCriteria": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteria:BucketReplicationConfigurationRuleSourceSelectionCriteria", "description": "Specifies special object selection criteria (documented below).\n", "language": { "python": { "mapCase": false } } }, "status": { "type": "string", "description": "The status of the rule. Either `Enabled` or `Disabled`. The rule is ignored if status is not Enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "destination", "status" ] }, "aws:s3/BucketReplicationConfigurationRuleDestination:BucketReplicationConfigurationRuleDestination": { "properties": { "accessControlTranslation": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleDestinationAccessControlTranslation:BucketReplicationConfigurationRuleDestinationAccessControlTranslation", "description": "Specifies the overrides to use for object owners on replication. Must be used in conjunction with `account_id` owner override configuration.\n", "language": { "python": { "mapCase": false } } }, "accountId": { "type": "string", "description": "The Account ID to use for overriding the object owner on replication. Must be used in conjunction with `access_control_translation` override configuration.\n", "language": { "python": { "mapCase": false } } }, "bucket": { "type": "string", "description": "The ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.\n", "language": { "python": { "mapCase": false } } }, "replicaKmsKeyId": { "type": "string", "description": "Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with\n`sse_kms_encrypted_objects` source selection criteria.\n", "language": { "python": { "mapCase": false } } }, "storageClass": { "type": "string", "description": "The class of storage used to store the object. Can be `STANDARD`, `REDUCED_REDUNDANCY`, `STANDARD_IA`, `ONEZONE_IA`, `INTELLIGENT_TIERING`, `GLACIER`, or `DEEP_ARCHIVE`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:s3/BucketReplicationConfigurationRuleDestinationAccessControlTranslation:BucketReplicationConfigurationRuleDestinationAccessControlTranslation": { "properties": { "owner": { "type": "string", "description": "The override value for the owner on replicated objects. Currently only `Destination` is supported.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "owner" ] }, "aws:s3/BucketReplicationConfigurationRuleFilter:BucketReplicationConfigurationRuleFilter": { "properties": { "prefix": { "type": "string", "description": "Object keyname prefix that identifies subset of objects to which the rule applies.\n", "language": { "python": { "mapCase": false } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags that identifies subset of objects to which the rule applies.\nThe rule applies only to objects having all the tags in its tagset.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteria:BucketReplicationConfigurationRuleSourceSelectionCriteria": { "properties": { "sseKmsEncryptedObjects": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects:BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects", "description": "Match SSE-KMS encrypted objects (documented below). If specified, `replica_kms_key_id`\nin `destination` must be specified as well.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects:BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects": { "properties": { "enabled": { "type": "boolean", "description": "Boolean which indicates if this criteria is enabled.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "enabled" ] }, "aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration": { "properties": { "rule": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationRule:BucketServerSideEncryptionConfigurationRule", "description": "A single object for server-side encryption by default configuration. (documented below)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "rule" ] }, "aws:s3/BucketServerSideEncryptionConfigurationRule:BucketServerSideEncryptionConfigurationRule": { "properties": { "applyServerSideEncryptionByDefault": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault", "description": "A single object for setting server-side encryption by default. (documented below)\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "applyServerSideEncryptionByDefault" ] }, "aws:s3/BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault": { "properties": { "kmsMasterKeyId": { "type": "string", "description": "The AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of `sse_algorithm` as `aws:kms`. The default `aws/s3` AWS KMS master key is used if this element is absent while the `sse_algorithm` is `aws:kms`.\n", "language": { "python": { "mapCase": false } } }, "sseAlgorithm": { "type": "string", "description": "The server-side encryption algorithm to use. Valid values are `AES256` and `aws:kms`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "sseAlgorithm" ] }, "aws:s3/BucketVersioning:BucketVersioning": { "properties": { "enabled": { "type": "boolean", "description": "Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.\n", "language": { "python": { "mapCase": false } } }, "mfaDelete": { "type": "boolean", "description": "Enable MFA delete for either `Change the versioning state of your bucket` or `Permanently delete an object version`. Default is `false`. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/BucketWebsite:BucketWebsite": { "properties": { "errorDocument": { "type": "string", "description": "An absolute path to the document to return in case of a 4XX error.\n", "language": { "python": { "mapCase": false } } }, "indexDocument": { "type": "string", "description": "Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.\n", "language": { "python": { "mapCase": false } } }, "redirectAllRequestsTo": { "type": "string", "description": "A hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (`http://` or `https://`) to use when redirecting requests. The default is the protocol that is used in the original request.\n", "language": { "python": { "mapCase": false } } }, "routingRules": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:s3/routingRules:RoutingRule" } } ], "description": "A json array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html)\ndescribing redirect behavior and when redirects are applied.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/InventoryDestination:InventoryDestination": { "properties": { "bucket": { "$ref": "#/types/aws:s3/InventoryDestinationBucket:InventoryDestinationBucket", "description": "The S3 bucket configuration where inventory results are published (documented below).\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucket" ] }, "aws:s3/InventoryDestinationBucket:InventoryDestinationBucket": { "properties": { "accountId": { "type": "string", "description": "The ID of the account that owns the destination bucket. Recommended to be set to prevent problems if the destination bucket ownership changes.\n", "language": { "python": { "mapCase": false } } }, "bucketArn": { "type": "string", "description": "The Amazon S3 bucket ARN of the destination.\n", "language": { "python": { "mapCase": false } } }, "encryption": { "$ref": "#/types/aws:s3/InventoryDestinationBucketEncryption:InventoryDestinationBucketEncryption", "description": "Contains the type of server-side encryption to use to encrypt the inventory (documented below).\n", "language": { "python": { "mapCase": false } } }, "format": { "type": "string", "description": "Specifies the output format of the inventory results. Can be `CSV`, [`ORC`](https://orc.apache.org/) or [`Parquet`](https://parquet.apache.org/).\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "The prefix that is prepended to all inventory results.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketArn", "format" ] }, "aws:s3/InventoryDestinationBucketEncryption:InventoryDestinationBucketEncryption": { "properties": { "sseKms": { "$ref": "#/types/aws:s3/InventoryDestinationBucketEncryptionSseKms:InventoryDestinationBucketEncryptionSseKms", "description": "Specifies to use server-side encryption with AWS KMS-managed keys to encrypt the inventory file (documented below).\n", "language": { "python": { "mapCase": false } } }, "sseS3": { "$ref": "#/types/aws:s3/InventoryDestinationBucketEncryptionSseS3:InventoryDestinationBucketEncryptionSseS3", "description": "Specifies to use server-side encryption with Amazon S3-managed keys (SSE-S3) to encrypt the inventory file.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/InventoryDestinationBucketEncryptionSseKms:InventoryDestinationBucketEncryptionSseKms": { "properties": { "keyId": { "type": "string", "description": "The ARN of the KMS customer master key (CMK) used to encrypt the inventory file.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "keyId" ] }, "aws:s3/InventoryDestinationBucketEncryptionSseS3:InventoryDestinationBucketEncryptionSseS3": { "type": "object" }, "aws:s3/InventoryFilter:InventoryFilter": { "properties": { "prefix": { "type": "string", "description": "The prefix that an object must have to be included in the inventory results.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:s3/InventorySchedule:InventorySchedule": { "properties": { "frequency": { "type": "string", "description": "Specifies how frequently inventory results are produced. Valid values: `Daily`, `Weekly`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "frequency" ] }, "aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant": { "properties": { "acceleratorType": { "type": "string", "description": "The size of the Elastic Inference (EI) instance to use for the production variant.\n", "language": { "python": { "mapCase": false } } }, "initialInstanceCount": { "type": "integer", "description": "Initial number of instances used for auto-scaling.\n", "language": { "python": { "mapCase": false } } }, "initialVariantWeight": { "type": "number", "description": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. If unspecified, it defaults to 1.0.\n", "language": { "python": { "mapCase": false } } }, "instanceType": { "type": "string", "description": "The type of instance to start.\n", "language": { "python": { "mapCase": false } } }, "modelName": { "type": "string", "description": "The name of the model to use.\n", "language": { "python": { "mapCase": false } } }, "variantName": { "type": "string", "description": "The name of the variant. If omitted, this provider will assign a random, unique name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "initialInstanceCount", "instanceType", "modelName" ], "language": { "nodejs": { "requiredOutputs": [ "initialInstanceCount", "instanceType", "modelName", "variantName" ] } } }, "aws:sagemaker/ModelContainer:ModelContainer": { "properties": { "containerHostname": { "type": "string", "description": "The DNS host name for the container.\n", "language": { "python": { "mapCase": false } } }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the Docker container.\nA list of key value pairs.\n", "language": { "python": { "mapCase": false } } }, "image": { "type": "string", "description": "The registry path where the inference code image is stored in Amazon ECR.\n", "language": { "python": { "mapCase": false } } }, "modelDataUrl": { "type": "string", "description": "The URL for the S3 location where model artifacts are stored.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "image" ] }, "aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer": { "properties": { "containerHostname": { "type": "string", "description": "The DNS host name for the container.\n", "language": { "python": { "mapCase": false } } }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the Docker container.\nA list of key value pairs.\n", "language": { "python": { "mapCase": false } } }, "image": { "type": "string", "description": "The registry path where the inference code image is stored in Amazon ECR.\n", "language": { "python": { "mapCase": false } } }, "modelDataUrl": { "type": "string", "description": "The URL for the S3 location where model artifacts are stored.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "image" ] }, "aws:sagemaker/ModelVpcConfig:ModelVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } }, "subnets": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "securityGroupIds", "subnets" ] }, "aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules": { "properties": { "automaticallyAfterDays": { "type": "integer", "description": "Specifies the number of days between automatic scheduled rotations of the secret.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "automaticallyAfterDays" ] }, "aws:secretsmanager/SecretRotationRules:SecretRotationRules": { "properties": { "automaticallyAfterDays": { "type": "integer", "description": "Specifies the number of days between automatic scheduled rotations of the secret.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "automaticallyAfterDays" ] }, "aws:secretsmanager/getSecretRotationRotationRule:getSecretRotationRotationRule": { "properties": { "automaticallyAfterDays": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "automaticallyAfterDays" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:secretsmanager/getSecretRotationRule:getSecretRotationRule": { "properties": { "automaticallyAfterDays": { "type": "integer", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "automaticallyAfterDays" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig": { "properties": { "dnsRecords": { "type": "array", "items": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfigDnsRecord:ServiceDnsConfigDnsRecord" }, "description": "An array that contains one DnsRecord object for each resource record set.\n", "language": { "python": { "mapCase": false } } }, "namespaceId": { "type": "string", "description": "The ID of the namespace to use for DNS configuration.\n", "language": { "python": { "mapCase": false } } }, "routingPolicy": { "type": "string", "description": "The routing policy that you want to apply to all records that Route 53 creates when you register an instance and specify the service. Valid Values: MULTIVALUE, WEIGHTED\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dnsRecords", "namespaceId" ] }, "aws:servicediscovery/ServiceDnsConfigDnsRecord:ServiceDnsConfigDnsRecord": { "properties": { "ttl": { "type": "integer", "description": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this resource record set.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of health check that you want to create, which indicates how Route 53 determines whether an endpoint is healthy. Valid Values: HTTP, HTTPS, TCP\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "ttl", "type" ] }, "aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig": { "properties": { "failureThreshold": { "type": "integer", "description": "The number of 30-second intervals that you want service discovery to wait before it changes the health status of a service instance. Maximum value of 10.\n", "language": { "python": { "mapCase": false } } }, "resourcePath": { "type": "string", "description": "The path that you want Route 53 to request when performing health checks. Route 53 automatically adds the DNS name for the service. If you don't specify a value, the default value is /.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of health check that you want to create, which indicates how Route 53 determines whether an endpoint is healthy. Valid Values: HTTP, HTTPS, TCP\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig": { "properties": { "failureThreshold": { "type": "integer", "description": "The number of 30-second intervals that you want service discovery to wait before it changes the health status of a service instance. Maximum value of 10.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination": { "properties": { "defaultValue": { "type": "string", "description": "The default value for the event\n", "language": { "python": { "mapCase": false } } }, "dimensionName": { "type": "string", "description": "The name for the dimension\n", "language": { "python": { "mapCase": false } } }, "valueSource": { "type": "string", "description": "The source for the value. It can be either `\"messageTag\"` or `\"emailHeader\"`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "defaultValue", "dimensionName", "valueSource" ] }, "aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination": { "properties": { "roleArn": { "type": "string", "description": "The ARN of the role that has permissions to access the Kinesis Stream\n", "language": { "python": { "mapCase": false } } }, "streamArn": { "type": "string", "description": "The ARN of the Kinesis Stream\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "roleArn", "streamArn" ] }, "aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination": { "properties": { "topicArn": { "type": "string", "description": "The ARN of the SNS topic\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "topicArn" ] }, "aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction": { "properties": { "headerName": { "type": "string", "description": "The name of the header to add\n", "language": { "python": { "mapCase": false } } }, "headerValue": { "type": "string", "description": "The value of the header to add\n", "language": { "python": { "mapCase": false } } }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "headerName", "headerValue", "position" ] }, "aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction": { "properties": { "message": { "type": "string", "description": "The message to send\n", "language": { "python": { "mapCase": false } } }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n", "language": { "python": { "mapCase": false } } }, "sender": { "type": "string", "description": "The email address of the sender\n", "language": { "python": { "mapCase": false } } }, "smtpReplyCode": { "type": "string", "description": "The RFC 5321 SMTP reply code\n", "language": { "python": { "mapCase": false } } }, "statusCode": { "type": "string", "description": "The RFC 3463 SMTP enhanced status code\n", "language": { "python": { "mapCase": false } } }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "message", "position", "sender", "smtpReplyCode" ] }, "aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction": { "properties": { "functionArn": { "type": "string", "description": "The ARN of the Lambda function to invoke\n", "language": { "python": { "mapCase": false } } }, "invocationType": { "type": "string", "description": "Event or RequestResponse\n", "language": { "python": { "mapCase": false } } }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n", "language": { "python": { "mapCase": false } } }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "functionArn", "position" ], "language": { "nodejs": { "requiredOutputs": [ "functionArn", "invocationType", "position" ] } } }, "aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action": { "properties": { "bucketName": { "type": "string", "description": "The name of the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "The ARN of the KMS key\n", "language": { "python": { "mapCase": false } } }, "objectKeyPrefix": { "type": "string", "description": "The key prefix of the S3 bucket\n", "language": { "python": { "mapCase": false } } }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n", "language": { "python": { "mapCase": false } } }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketName", "position" ] }, "aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction": { "properties": { "position": { "type": "integer", "description": "The position of the action in the receipt rule\n", "language": { "python": { "mapCase": false } } }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "position", "topicArn" ] }, "aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction": { "properties": { "position": { "type": "integer", "description": "The position of the action in the receipt rule\n", "language": { "python": { "mapCase": false } } }, "scope": { "type": "string", "description": "The scope to apply\n", "language": { "python": { "mapCase": false } } }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "position", "scope" ] }, "aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction": { "properties": { "organizationArn": { "type": "string", "description": "The ARN of the WorkMail organization\n", "language": { "python": { "mapCase": false } } }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n", "language": { "python": { "mapCase": false } } }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "organizationArn", "position" ] }, "aws:ssm/AssociationOutputLocation:AssociationOutputLocation": { "properties": { "s3BucketName": { "type": "string", "description": "The S3 bucket name.\n", "language": { "python": { "mapCase": false } } }, "s3KeyPrefix": { "type": "string", "description": "The S3 bucket prefix. Results stored in the root if not configured.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "s3BucketName" ] }, "aws:ssm/AssociationTarget:AssociationTarget": { "properties": { "key": { "type": "string", "description": "Either `InstanceIds` or `tag:Tag Name` to specify an EC2 tag.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "A list of instance IDs or tag values. AWS currently limits this list size to one value.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource": { "properties": { "key": { "type": "string", "description": "The key describing the location of an attachment to a document. Valid key types include: `SourceUrl` and `S3FileUrl`\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the document attachment file\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value describing the location of an attachment to a document\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/DocumentParameter:DocumentParameter": { "properties": { "defaultValue": { "type": "string", "language": { "python": { "mapCase": false } } }, "description": { "type": "string", "description": "The description of the document.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the document.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget": { "properties": { "key": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/MaintenanceWindowTaskLoggingInfo:MaintenanceWindowTaskLoggingInfo": { "properties": { "s3BucketName": { "type": "string", "language": { "python": { "mapCase": false } } }, "s3BucketPrefix": { "type": "string", "language": { "python": { "mapCase": false } } }, "s3Region": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "s3BucketName", "s3Region" ] }, "aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget": { "properties": { "key": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters": { "properties": { "automationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParameters:MaintenanceWindowTaskTaskInvocationParametersAutomationParameters", "description": "The parameters for an AUTOMATION task type. Documented below.\n", "language": { "python": { "mapCase": false } } }, "lambdaParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersLambdaParameters:MaintenanceWindowTaskTaskInvocationParametersLambdaParameters", "description": "The parameters for a LAMBDA task type. Documented below.\n", "language": { "python": { "mapCase": false } } }, "runCommandParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters:MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters", "description": "The parameters for a RUN_COMMAND task type. Documented below.\n", "language": { "python": { "mapCase": false } } }, "stepFunctionsParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters:MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters", "description": "The parameters for a STEP_FUNCTIONS task type. Documented below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParameters:MaintenanceWindowTaskTaskInvocationParametersAutomationParameters": { "properties": { "documentVersion": { "type": "string", "description": "The version of an Automation document to use during task execution.\n", "language": { "python": { "mapCase": false } } }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter:MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter" }, "description": "The parameters for the RUN_COMMAND task execution. Documented below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter:MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter": { "properties": { "name": { "type": "string", "description": "The parameter name.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "The array of strings.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersLambdaParameters:MaintenanceWindowTaskTaskInvocationParametersLambdaParameters": { "properties": { "clientContext": { "type": "string", "description": "Pass client-specific information to the Lambda function that you are invoking.\n", "language": { "python": { "mapCase": false } } }, "payload": { "type": "string", "description": "JSON to provide to your Lambda function as input.\n", "language": { "python": { "mapCase": false } } }, "qualifier": { "type": "string", "description": "Specify a Lambda function version or alias name.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters:MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters": { "properties": { "comment": { "type": "string", "description": "Information about the command(s) to execute.\n", "language": { "python": { "mapCase": false } } }, "documentHash": { "type": "string", "description": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.\n", "language": { "python": { "mapCase": false } } }, "documentHashType": { "type": "string", "description": "SHA-256 or SHA-1. SHA-1 hashes have been deprecated. Valid values: `Sha256` and `Sha1`\n", "language": { "python": { "mapCase": false } } }, "notificationConfig": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig", "description": "Configurations for sending notifications about command status changes on a per-instance basis. Documented below.\n", "language": { "python": { "mapCase": false } } }, "outputS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket.\n", "language": { "python": { "mapCase": false } } }, "outputS3KeyPrefix": { "type": "string", "description": "The Amazon S3 bucket subfolder.\n", "language": { "python": { "mapCase": false } } }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter" }, "description": "The parameters for the RUN_COMMAND task execution. Documented below.\n", "language": { "python": { "mapCase": false } } }, "serviceRoleArn": { "type": "string", "description": "The IAM service role to assume during task execution.\n", "language": { "python": { "mapCase": false } } }, "timeoutSeconds": { "type": "integer", "description": "If this time is reached and the command has not already started executing, it doesn't run.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig": { "properties": { "notificationArn": { "type": "string", "description": "An Amazon Resource Name (ARN) for a Simple Notification Service (SNS) topic. Run Command pushes notifications about command status changes to this topic.\n", "language": { "python": { "mapCase": false } } }, "notificationEvents": { "type": "array", "items": { "type": "string" }, "description": "The different events for which you can receive notifications. Valid values: `All`, `InProgress`, `Success`, `TimedOut`, `Cancelled`, and `Failed`\n", "language": { "python": { "mapCase": false } } }, "notificationType": { "type": "string", "description": "When specified with `Command`, receive notification when the status of a command changes. When specified with `Invocation`, for commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes. Valid values: `Command` and `Invocation`\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter": { "properties": { "name": { "type": "string", "description": "The parameter name.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "description": "The array of strings.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters:MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters": { "properties": { "input": { "type": "string", "description": "The inputs for the STEP_FUNCTION task.\n", "language": { "python": { "mapCase": false } } }, "name": { "type": "string", "description": "The name of the STEP_FUNCTION task.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskParameter:MaintenanceWindowTaskTaskParameter": { "properties": { "name": { "type": "string", "description": "The name of the maintenance window task.\n", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule": { "properties": { "approveAfterDays": { "type": "integer", "description": "The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline. Valid Range: 0 to 100.\n", "language": { "python": { "mapCase": false } } }, "complianceLevel": { "type": "string", "description": "Defines the compliance level for patches approved by this rule. Valid compliance levels include the following: `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n", "language": { "python": { "mapCase": false } } }, "enableNonSecurity": { "type": "boolean", "description": "Boolean enabling the application of non-security updates. The default value is 'false'. Valid for Linux instances only.\n", "language": { "python": { "mapCase": false } } }, "patchFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRulePatchFilter:PatchBaselineApprovalRulePatchFilter" }, "description": "The patch filter group that defines the criteria for the rule. Up to 5 patch filters can be specified per approval rule using Key/Value pairs. Valid Keys are `PATCH_SET | PRODUCT | CLASSIFICATION | MSRC_SEVERITY | PATCH_ID`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "approveAfterDays", "patchFilters" ] }, "aws:ssm/PatchBaselineApprovalRulePatchFilter:PatchBaselineApprovalRulePatchFilter": { "properties": { "key": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter": { "properties": { "key": { "type": "string", "language": { "python": { "mapCase": false } } }, "values": { "type": "array", "items": { "type": "string" }, "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination": { "properties": { "bucketName": { "type": "string", "description": "Name of S3 bucket where the aggregated data is stored.\n", "language": { "python": { "mapCase": false } } }, "kmsKeyArn": { "type": "string", "description": "ARN of an encryption key for a destination in Amazon S3.\n", "language": { "python": { "mapCase": false } } }, "prefix": { "type": "string", "description": "Prefix for the bucket.\n", "language": { "python": { "mapCase": false } } }, "region": { "type": "string", "description": "Region with the bucket targeted by the Resource Data Sync.\n", "language": { "python": { "mapCase": false } } }, "syncFormat": { "type": "string", "description": "A supported sync format. Only JsonSerDe is currently supported. Defaults to JsonSerDe.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "bucketName", "region" ] }, "aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings": { "properties": { "domainName": { "type": "string", "description": "The name of the domain that you want the gateway to join.\n", "language": { "python": { "mapCase": false } } }, "password": { "type": "string", "description": "The password of the user who has permission to add the gateway to the Active Directory domain.\n", "language": { "python": { "mapCase": false } } }, "username": { "type": "string", "description": "The user name of user who has permission to add the gateway to the Active Directory domain.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "domainName", "password", "username" ] }, "aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults": { "properties": { "directoryMode": { "type": "string", "description": "The Unix directory mode in the string form \"nnnn\". Defaults to `\"0777\"`.\n", "language": { "python": { "mapCase": false } } }, "fileMode": { "type": "string", "description": "The Unix file mode in the string form \"nnnn\". Defaults to `\"0666\"`.\n", "language": { "python": { "mapCase": false } } }, "groupId": { "type": "integer", "description": "The default group ID for the file share (unless the files have another group ID specified). Defaults to `65534` (`nfsnobody`). Valid values: `0` through `4294967294`.\n", "language": { "python": { "mapCase": false } } }, "ownerId": { "type": "integer", "description": "The default owner ID for the file share (unless the files have another owner ID specified). Defaults to `65534` (`nfsnobody`). Valid values: `0` through `4294967294`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:transfer/ServerEndpointDetails:ServerEndpointDetails": { "properties": { "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "vpcEndpointId" ] }, "aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch", "description": "The part of a web request that you want to search, such as a specified header or a query string.\n", "language": { "python": { "mapCase": false } } }, "positionalConstraint": { "type": "string", "description": "Within the portion of a web request that you want to search\n(for example, in the query string, if any), specify where you want to search.\ne.g. `CONTAINS`, `CONTAINS_WORD` or `EXACTLY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-PositionalConstraint)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } }, "targetString": { "type": "string", "description": "The value that you want to search for. e.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TargetString)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `target_string` before inspecting a request for a match.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TextTransformation)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "positionalConstraint", "textTransformation" ] }, "aws:waf/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint": { "properties": { "type": { "type": "string", "description": "The type of geographical area you want AWS WAF to search for. Currently Country is the only valid value.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The country that you want AWS WAF to search for.\nThis is the two-letter country code, e.g. `US`, `CA`, `RU`, `CN`, etc.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchConstraint.html) for all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type", "value" ] }, "aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor": { "properties": { "type": { "type": "string", "description": "Type of the IP address - `IPV4` or `IPV6`.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "An IPv4 or IPv6 address specified via CIDR notation.\ne.g. `192.0.2.44/32` or `1111:0000:0000:0000:0000:0000:0000:0000/64`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type", "value" ] }, "aws:waf/RateBasedRulePredicate:RateBasedRulePredicate": { "properties": { "dataId": { "type": "string", "description": "A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID.\n", "language": { "python": { "mapCase": false } } }, "negated": { "type": "boolean", "description": "Set this to `false` if you want to allow, block, or count requests\nbased on the settings in the specified `ByteMatchSet`, `IPSet`, `SqlInjectionMatchSet`, `XssMatchSet`, or `SizeConstraintSet`.\nFor example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address.\nIf set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses _except_ `192.0.2.44`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch", "description": "The part of a web request that you want to search, such as a specified header or a query string.\n", "language": { "python": { "mapCase": false } } }, "regexPatternSetId": { "type": "string", "description": "The ID of a `WAF Regex Pattern Set`.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TextTransformation)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "regexPatternSetId", "textTransformation" ] }, "aws:waf/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule": { "properties": { "action": { "$ref": "#/types/aws:waf/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction", "description": "Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "integer", "description": "Specifies the order in which the rules are evaluated. Rules with a lower value are evaluated before rules with a higher value.\n", "language": { "python": { "mapCase": false } } }, "ruleId": { "type": "string", "description": "The ID of a `waf_rule`\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The rule type, either `REGULAR`, `RATE_BASED`, or `GROUP`. Defaults to `REGULAR`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action", "priority", "ruleId" ] }, "aws:waf/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction": { "properties": { "type": { "type": "string", "description": "The rule type, either `REGULAR`, `RATE_BASED`, or `GROUP`. Defaults to `REGULAR`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/RulePredicate:RulePredicate": { "properties": { "dataId": { "type": "string", "description": "A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID.\n", "language": { "python": { "mapCase": false } } }, "negated": { "type": "boolean", "description": "Set this to `false` if you want to allow, block, or count requests\nbased on the settings in the specified `waf_byte_match_set`, `waf_ipset`, `aws.waf.SizeConstraintSet`, `aws.waf.SqlInjectionMatchSet` or `aws.waf.XssMatchSet`.\nFor example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address.\nIf set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses except `192.0.2.44`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint": { "properties": { "comparisonOperator": { "type": "string", "description": "The type of comparison you want to perform.\ne.g. `EQ`, `NE`, `LT`, `GT`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_SizeConstraint.html) for all supported values.\n", "language": { "python": { "mapCase": false } } }, "fieldToMatch": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch", "description": "Specifies where in a web request to look for the size constraint.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size in bytes that you want to compare against the size of the specified `field_to_match`.\nValid values are between 0 - 21474836480 bytes (0 - 20 GB).\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-TextTransformation)\nfor all supported values.\n**Note:** if you choose `BODY` as `type`, you must choose `NONE` because CloudFront forwards only the first 8192 bytes for inspection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "comparisonOperator", "fieldToMatch", "size", "textTransformation" ] }, "aws:waf/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for snippets of malicious SQL code.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SqlInjectionMatchTuple.html#WAF-Type-SqlInjectionMatchTuple-TextTransformation)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:waf/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclDefaultAction:WebAclDefaultAction": { "properties": { "type": { "type": "string", "description": "The rule type, either `REGULAR`, as defined by [Rule](http://docs.aws.amazon.com/waf/latest/APIReference/API_Rule.html), `RATE_BASED`, as defined by [RateBasedRule](http://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedRule.html), or `GROUP`, as defined by [RuleGroup](https://docs.aws.amazon.com/waf/latest/APIReference/API_RuleGroup.html). The default is REGULAR. If you add a RATE_BASED rule, you need to set `type` as `RATE_BASED`. If you add a GROUP rule, you need to set `type` as `GROUP`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration": { "properties": { "logDestination": { "type": "string", "description": "Amazon Resource Name (ARN) of Kinesis Firehose Delivery Stream\n", "language": { "python": { "mapCase": false } } }, "redactedFields": { "$ref": "#/types/aws:waf/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields", "description": "Configuration block containing parts of the request that you want redacted from the logs. Detailed below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "logDestination" ] }, "aws:waf/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields": { "properties": { "fieldToMatches": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch" }, "description": "Set of configuration blocks for fields to redact. Detailed below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatches" ] }, "aws:waf/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of `type` is `HEADER`, enter the name of the header that you want the WAF to search, for example, `User-Agent` or `Referer`. If the value of `type` is any other value, omit `data`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The rule type, either `REGULAR`, as defined by [Rule](http://docs.aws.amazon.com/waf/latest/APIReference/API_Rule.html), `RATE_BASED`, as defined by [RateBasedRule](http://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedRule.html), or `GROUP`, as defined by [RuleGroup](https://docs.aws.amazon.com/waf/latest/APIReference/API_RuleGroup.html). The default is REGULAR. If you add a RATE_BASED rule, you need to set `type` as `RATE_BASED`. If you add a GROUP rule, you need to set `type` as `GROUP`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclRule:WebAclRule": { "properties": { "action": { "$ref": "#/types/aws:waf/WebAclRuleAction:WebAclRuleAction", "description": "The action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Not used if `type` is `GROUP`.\n", "language": { "python": { "mapCase": false } } }, "overrideAction": { "$ref": "#/types/aws:waf/WebAclRuleOverrideAction:WebAclRuleOverrideAction", "description": "Override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Only used if `type` is `GROUP`.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "integer", "description": "Specifies the order in which the rules in a WebACL are evaluated.\nRules with a lower value are evaluated before rules with a higher value.\n", "language": { "python": { "mapCase": false } } }, "ruleId": { "type": "string", "description": "ID of the associated WAF (Global) rule (e.g. `aws.waf.Rule`). WAF (Regional) rules cannot be used.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The rule type, either `REGULAR`, as defined by [Rule](http://docs.aws.amazon.com/waf/latest/APIReference/API_Rule.html), `RATE_BASED`, as defined by [RateBasedRule](http://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedRule.html), or `GROUP`, as defined by [RuleGroup](https://docs.aws.amazon.com/waf/latest/APIReference/API_RuleGroup.html). The default is REGULAR. If you add a RATE_BASED rule, you need to set `type` as `RATE_BASED`. If you add a GROUP rule, you need to set `type` as `GROUP`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "priority", "ruleId" ] }, "aws:waf/WebAclRuleAction:WebAclRuleAction": { "properties": { "type": { "type": "string", "description": "The rule type, either `REGULAR`, as defined by [Rule](http://docs.aws.amazon.com/waf/latest/APIReference/API_Rule.html), `RATE_BASED`, as defined by [RateBasedRule](http://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedRule.html), or `GROUP`, as defined by [RuleGroup](https://docs.aws.amazon.com/waf/latest/APIReference/API_RuleGroup.html). The default is REGULAR. If you add a RATE_BASED rule, you need to set `type` as `RATE_BASED`. If you add a GROUP rule, you need to set `type` as `GROUP`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclRuleOverrideAction:WebAclRuleOverrideAction": { "properties": { "type": { "type": "string", "description": "The rule type, either `REGULAR`, as defined by [Rule](http://docs.aws.amazon.com/waf/latest/APIReference/API_Rule.html), `RATE_BASED`, as defined by [RateBasedRule](http://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedRule.html), or `GROUP`, as defined by [RuleGroup](https://docs.aws.amazon.com/waf/latest/APIReference/API_RuleGroup.html). The default is REGULAR. If you add a RATE_BASED rule, you need to set `type` as `RATE_BASED`. If you add a GROUP rule, you need to set `type` as `GROUP`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for cross-site scripting attacks.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `target_string` before inspecting a request for a match.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_XssMatchTuple.html#WAF-Type-XssMatchTuple-TextTransformation)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:waf/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch", "description": "Settings for the ByteMatchTuple. FieldToMatch documented below.\n", "language": { "python": { "mapCase": false } } }, "positionalConstraint": { "type": "string", "description": "Within the portion of a web request that you want to search.\n", "language": { "python": { "mapCase": false } } }, "targetString": { "type": "string", "description": "The value that you want AWS WAF to search for. The maximum length of the value is 50 bytes.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "The formatting way for web request.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "positionalConstraint", "textTransformation" ] }, "aws:wafregional/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of Type is HEADER, enter the name of the header that you want AWS WAF to search, for example, User-Agent or Referer. If the value of Type is any other value, omit Data.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint": { "properties": { "type": { "type": "string", "description": "The type of geographical area you want AWS WAF to search for. Currently Country is the only valid value.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The country that you want AWS WAF to search for.\nThis is the two-letter country code, e.g. `US`, `CA`, `RU`, `CN`, etc.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchConstraint.html) for all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type", "value" ] }, "aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor": { "properties": { "type": { "type": "string", "description": "The string like IPV4 or IPV6.\n", "language": { "python": { "mapCase": false } } }, "value": { "type": "string", "description": "The CIDR notation.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type", "value" ] }, "aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate": { "properties": { "dataId": { "type": "string", "description": "A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID.\n", "language": { "python": { "mapCase": false } } }, "negated": { "type": "boolean", "description": "Set this to `false` if you want to allow, block, or count requests\nbased on the settings in the specified `ByteMatchSet`, `IPSet`, `SqlInjectionMatchSet`, `XssMatchSet`, or `SizeConstraintSet`.\nFor example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address.\nIf set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses _except_ `192.0.2.44`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch", "description": "The part of a web request that you want to search, such as a specified header or a query string.\n", "language": { "python": { "mapCase": false } } }, "regexPatternSetId": { "type": "string", "description": "The ID of a `WAF Regex Pattern Set`.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TextTransformation)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "regexPatternSetId", "textTransformation" ] }, "aws:wafregional/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule": { "properties": { "action": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction", "description": "Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "integer", "description": "Specifies the order in which the rules are evaluated. Rules with a lower value are evaluated before rules with a higher value.\n", "language": { "python": { "mapCase": false } } }, "ruleId": { "type": "string", "description": "The ID of a `waf_regional_rule`\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The rule type, either `REGULAR`, `RATE_BASED`, or `GROUP`. Defaults to `REGULAR`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "action", "priority", "ruleId" ] }, "aws:wafregional/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction": { "properties": { "type": { "type": "string", "description": "The rule type, either `REGULAR`, `RATE_BASED`, or `GROUP`. Defaults to `REGULAR`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/RulePredicate:RulePredicate": { "properties": { "dataId": { "type": "string", "language": { "python": { "mapCase": false } } }, "negated": { "type": "boolean", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint": { "properties": { "comparisonOperator": { "type": "string", "description": "The type of comparison you want to perform.\ne.g. `EQ`, `NE`, `LT`, `GT`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_SizeConstraint.html) for all supported values.\n", "language": { "python": { "mapCase": false } } }, "fieldToMatch": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch", "description": "Specifies where in a web request to look for the size constraint.\n", "language": { "python": { "mapCase": false } } }, "size": { "type": "integer", "description": "The size in bytes that you want to compare against the size of the specified `field_to_match`.\nValid values are between 0 - 21474836480 bytes (0 - 20 GB).\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-TextTransformation)\nfor all supported values.\n**Note:** if you choose `BODY` as `type`, you must choose `NONE` because CloudFront forwards only the first 8192 bytes for inspection.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "comparisonOperator", "fieldToMatch", "size", "textTransformation" ] }, "aws:wafregional/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for snippets of malicious SQL code.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match.\ne.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_regional_SqlInjectionMatchTuple.html#WAF-Type-regional_SqlInjectionMatchTuple-TextTransformation)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g. `HEADER`, `METHOD` or `BODY`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_regional_FieldToMatch.html)\nfor all supported values.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclDefaultAction:WebAclDefaultAction": { "properties": { "type": { "type": "string", "description": "Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. e.g. `ALLOW`, `BLOCK` or `COUNT`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration": { "properties": { "logDestination": { "type": "string", "description": "Amazon Resource Name (ARN) of Kinesis Firehose Delivery Stream\n", "language": { "python": { "mapCase": false } } }, "redactedFields": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields", "description": "Configuration block containing parts of the request that you want redacted from the logs. Detailed below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "logDestination" ] }, "aws:wafregional/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields": { "properties": { "fieldToMatches": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch" }, "description": "Set of configuration blocks for fields to redact. Detailed below.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatches" ] }, "aws:wafregional/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of `type` is `HEADER`, enter the name of the header that you want the WAF to search, for example, `User-Agent` or `Referer`. If the value of `type` is any other value, omit `data`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. e.g. `ALLOW`, `BLOCK` or `COUNT`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclRule:WebAclRule": { "properties": { "action": { "$ref": "#/types/aws:wafregional/WebAclRuleAction:WebAclRuleAction", "description": "Configuration block of the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Not used if `type` is `GROUP`. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "overrideAction": { "$ref": "#/types/aws:wafregional/WebAclRuleOverrideAction:WebAclRuleOverrideAction", "description": "Configuration block of the override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Only used if `type` is `GROUP`. Detailed below.\n", "language": { "python": { "mapCase": false } } }, "priority": { "type": "integer", "description": "Specifies the order in which the rules in a WebACL are evaluated.\nRules with a lower value are evaluated before rules with a higher value.\n", "language": { "python": { "mapCase": false } } }, "ruleId": { "type": "string", "description": "ID of the associated WAF (Regional) rule (e.g. `aws.wafregional.Rule`). WAF (Global) rules cannot be used.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. e.g. `ALLOW`, `BLOCK` or `COUNT`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "priority", "ruleId" ] }, "aws:wafregional/WebAclRuleAction:WebAclRuleAction": { "properties": { "type": { "type": "string", "description": "Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. e.g. `ALLOW`, `BLOCK` or `COUNT`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclRuleOverrideAction:WebAclRuleOverrideAction": { "properties": { "type": { "type": "string", "description": "Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. e.g. `ALLOW`, `BLOCK` or `COUNT`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for cross-site scripting attacks.\n", "language": { "python": { "mapCase": false } } }, "textTransformation": { "type": "string", "description": "Which text transformation, if any, to perform on the web request before inspecting the request for cross-site scripting attacks.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:wafregional/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of `type` is `HEADER`, enter the name of the header that you want the WAF to search, for example, `User-Agent` or `Referer`. If the value of `type` is any other value, omit `data`.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string. e.g. `HEADER` or `METHOD`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "type" ] }, "aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression": { "properties": { "regexString": { "type": "string", "description": "The string representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "regexString" ] }, "aws:wafv2/getRegexPatternSetRegularExpression:getRegexPatternSetRegularExpression": { "properties": { "regexString": { "type": "string", "description": "(Required) The string representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "regexString" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:worklink/FleetIdentityProvider:FleetIdentityProvider": { "properties": { "samlMetadata": { "type": "string", "description": "The SAML metadata document provided by the customer’s identity provider.\n", "language": { "python": { "mapCase": false } } }, "type": { "type": "string", "description": "The type of identity provider.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "samlMetadata", "type" ] }, "aws:worklink/FleetNetwork:FleetNetwork": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs associated with access to the provided subnets.\n", "language": { "python": { "mapCase": false } } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs used for X-ENI connections from Amazon WorkLink rendering containers.\n", "language": { "python": { "mapCase": false } } }, "vpcId": { "type": "string", "description": "The VPC ID with connectivity to associated websites.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "securityGroupIds", "subnetIds", "vpcId" ] }, "aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions": { "properties": { "changeComputeType": { "type": "boolean", "description": "Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default `false`.\n", "language": { "python": { "mapCase": false } } }, "increaseVolumeSize": { "type": "boolean", "description": "Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default `false`.\n", "language": { "python": { "mapCase": false } } }, "rebuildWorkspace": { "type": "boolean", "description": "Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default `false`.\n", "language": { "python": { "mapCase": false } } }, "restartWorkspace": { "type": "boolean", "description": "Whether WorkSpaces directory users can restart their workspace. Default `true`.\n", "language": { "python": { "mapCase": false } } }, "switchRunningMode": { "type": "boolean", "description": "Whether WorkSpaces directory users can switch the running mode of their workspace. Default `false`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object" }, "aws:workspaces/IpGroupRule:IpGroupRule": { "properties": { "description": { "type": "string", "description": "The description.\n", "language": { "python": { "mapCase": false } } }, "source": { "type": "string", "description": "The IP address range, in CIDR notation, e.g. `10.0.0.0/16`\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "source" ] }, "aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties": { "properties": { "computeTypeName": { "type": "string", "description": "The compute type. For more information, see [Amazon WorkSpaces Bundles](http://aws.amazon.com/workspaces/details/#Amazon_WorkSpaces_Bundles). Valid values are `VALUE`, `STANDARD`, `PERFORMANCE`, `POWER`, `GRAPHICS`, `POWERPRO` and `GRAPHICSPRO`.\n", "language": { "python": { "mapCase": false } } }, "rootVolumeSizeGib": { "type": "integer", "description": "The size of the root volume.\n", "language": { "python": { "mapCase": false } } }, "runningMode": { "type": "string", "description": "The running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html). Valid values are `AUTO_STOP` and `ALWAYS_ON`.\n", "language": { "python": { "mapCase": false } } }, "runningModeAutoStopTimeoutInMinutes": { "type": "integer", "description": "The time after a user logs off when WorkSpaces are automatically stopped. Configured in 60-minute intervals.\n", "language": { "python": { "mapCase": false } } }, "userVolumeSizeGib": { "type": "integer", "description": "The size of the user storage.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "runningModeAutoStopTimeoutInMinutes" ] } } }, "aws:workspaces/getBundleComputeType:getBundleComputeType": { "properties": { "name": { "type": "string", "description": "The name of the bundle. You cannot combine this parameter with `bundle_id`.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getBundleRootStorage:getBundleRootStorage": { "properties": { "capacity": { "type": "string", "description": "The size of the user storage.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "capacity" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getBundleUserStorage:getBundleUserStorage": { "properties": { "capacity": { "type": "string", "description": "The size of the user storage.\n", "language": { "python": { "mapCase": false } } } }, "type": "object", "required": [ "capacity" ], "language": { "nodejs": { "requiredInputs": [] } } } }, "provider": { "description": "The provider type for the aws package. By default, resources use package-wide configuration\nsettings, however an explicit `Provider` instance may be created and passed during resource\nconstruction to achieve fine-grained programmatic control over provider settings. See the\n[documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.\n", "inputProperties": { "accessKey": { "type": "string", "description": "The access key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n" }, "allowedAccountIds": { "type": "array", "items": { "type": "string" } }, "assumeRole": { "$ref": "#/types/aws:index/ProviderAssumeRole:ProviderAssumeRole" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:index/ProviderEndpoint:ProviderEndpoint" } }, "forbiddenAccountIds": { "type": "array", "items": { "type": "string" } }, "ignoreTags": { "$ref": "#/types/aws:index/ProviderIgnoreTags:ProviderIgnoreTags", "description": "Configuration block with settings to ignore resource tags across all resources.\n" }, "insecure": { "type": "boolean", "description": "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted,default value is `false`\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.\n" }, "profile": { "type": "string", "description": "The profile for API operations. If not set, the default profile created with `aws configure` will be used.\n", "defaultInfo": { "environment": [ "AWS_PROFILE" ] } }, "region": { "type": "string", "$ref": "#/types/aws:index/region:Region", "description": "The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.\n", "defaultInfo": { "environment": [ "AWS_REGION", "AWS_DEFAULT_REGION" ] } }, "s3ForcePathStyle": { "type": "boolean", "description": "Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By\ndefault, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY).\nSpecific to the Amazon S3 service.\n" }, "secretKey": { "type": "string", "description": "The secret key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n" }, "sharedCredentialsFile": { "type": "string", "description": "The path to the shared credentials file. If not set this defaults to ~/.aws/credentials.\n" }, "skipCredentialsValidation": { "type": "boolean", "description": "Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS\navailable/implemented.\n" }, "skipGetEc2Platforms": { "type": "boolean", "description": "Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.\n" }, "skipMetadataApiCheck": { "type": "boolean" }, "skipRegionValidation": { "type": "boolean", "description": "Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are\nnot public (yet).\n" }, "skipRequestingAccountId": { "type": "boolean", "description": "Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.\n" }, "token": { "type": "string", "description": "session token. A session token is only required if you are using temporary security credentials.\n" } } }, "resources": { "aws:accessanalyzer/analyzer:Analyzer": { "description": "Manages an Access Analyzer Analyzer. More information can be found in the [Access Analyzer User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.accessanalyzer.Analyzer(\"example\", {\n analyzerName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.accessanalyzer.Analyzer(\"example\", analyzer_name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.AccessAnalyzer.Analyzer(\"example\", new Aws.AccessAnalyzer.AnalyzerArgs\n {\n AnalyzerName = \"example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = accessanalyzer.NewAnalyzer(ctx, \"example\", \u0026accessanalyzer.AnalyzerArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "analyzerName": { "type": "string", "description": "Name of the Analyzer.\n" }, "arn": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "type": { "type": "string", "description": "Type of Analyzer. Valid value is currently only `ACCOUNT`. Defaults to `ACCOUNT`.\n" } }, "required": [ "analyzerName", "arn" ], "inputProperties": { "analyzerName": { "type": "string", "description": "Name of the Analyzer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "type": { "type": "string", "description": "Type of Analyzer. Valid value is currently only `ACCOUNT`. Defaults to `ACCOUNT`.\n" } }, "requiredInputs": [ "analyzerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Analyzer resources.\n", "properties": { "analyzerName": { "type": "string", "description": "Name of the Analyzer.\n" }, "arn": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "type": { "type": "string", "description": "Type of Analyzer. Valid value is currently only `ACCOUNT`. Defaults to `ACCOUNT`.\n" } }, "type": "object" } }, "aws:acm/certificate:Certificate": { "description": "The ACM certificate resource allows requesting and management of certificates\nfrom the Amazon Certificate Manager.\n\nIt deals with requesting certificates and managing their attributes and life-cycle.\nThis resource does not deal with validation of a certificate but can provide inputs\nfor other resources implementing the validation. It does not wait for a certificate to be issued.\nUse a `aws.acm.CertificateValidation` resource for this.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.acm.CertificateValidation` to request a DNS validated certificate,\ndeploy the required validation records and wait for validation to complete.\n\nDomain validation through E-Mail is also supported but should be avoided as it requires a manual step outside\nof this provider.\n\nIt's recommended to specify `create_before_destroy = true` in a [lifecycle](https://www.terraform.io/docs/configuration/resources.html#lifecycle) block to replace a certificate\nwhich is currently in use (eg, by `aws.lb.Listener`).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Certificate creation\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cert = new aws.acm.Certificate(\"cert\", {\n domainName: \"example.com\",\n tags: {\n Environment: \"test\",\n },\n validationMethod: \"DNS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncert = aws.acm.Certificate(\"cert\",\n domain_name=\"example.com\",\n tags={\n \"Environment\": \"test\",\n },\n validation_method=\"DNS\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cert = new Aws.Acm.Certificate(\"cert\", new Aws.Acm.CertificateArgs\n {\n DomainName = \"example.com\",\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n ValidationMethod = \"DNS\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = acm.NewCertificate(ctx, \"cert\", \u0026acm.CertificateArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tValidationMethod: pulumi.String(\"DNS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Importing an existing certificate\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as tls from \"@pulumi/tls\";\n\nconst examplePrivateKey = new tls.PrivateKey(\"example\", {\n algorithm: \"RSA\",\n});\nconst exampleSelfSignedCert = new tls.SelfSignedCert(\"example\", {\n allowedUses: [\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ],\n keyAlgorithm: \"RSA\",\n privateKeyPem: examplePrivateKey.privateKeyPem,\n subjects: [{\n commonName: \"example.com\",\n organization: \"ACME Examples, Inc\",\n }],\n validityPeriodHours: 12,\n});\nconst cert = new aws.acm.Certificate(\"cert\", {\n certificateBody: exampleSelfSignedCert.certPem,\n privateKey: examplePrivateKey.privateKeyPem,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_tls as tls\n\nexample_private_key = tls.PrivateKey(\"examplePrivateKey\", algorithm=\"RSA\")\nexample_self_signed_cert = tls.SelfSignedCert(\"exampleSelfSignedCert\",\n allowed_uses=[\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ],\n key_algorithm=\"RSA\",\n private_key_pem=example_private_key.private_key_pem,\n subjects=[{\n \"commonName\": \"example.com\",\n \"organization\": \"ACME Examples, Inc\",\n }],\n validity_period_hours=12)\ncert = aws.acm.Certificate(\"cert\",\n certificate_body=example_self_signed_cert.cert_pem,\n private_key=example_private_key.private_key_pem)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Tls = Pulumi.Tls;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplePrivateKey = new Tls.PrivateKey(\"examplePrivateKey\", new Tls.PrivateKeyArgs\n {\n Algorithm = \"RSA\",\n });\n var exampleSelfSignedCert = new Tls.SelfSignedCert(\"exampleSelfSignedCert\", new Tls.SelfSignedCertArgs\n {\n AllowedUses = \n {\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n },\n KeyAlgorithm = \"RSA\",\n PrivateKeyPem = examplePrivateKey.PrivateKeyPem,\n Subjects = \n {\n new Tls.Inputs.SelfSignedCertSubjectArgs\n {\n CommonName = \"example.com\",\n Organization = \"ACME Examples, Inc\",\n },\n },\n ValidityPeriodHours = 12,\n });\n var cert = new Aws.Acm.Certificate(\"cert\", new Aws.Acm.CertificateArgs\n {\n CertificateBody = exampleSelfSignedCert.CertPem,\n PrivateKey = examplePrivateKey.PrivateKeyPem,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the certificate\n" }, "certificateAuthorityArn": { "type": "string", "description": "ARN of an ACMPCA\n" }, "certificateBody": { "type": "string", "description": "The certificate's PEM-formatted public key\n" }, "certificateChain": { "type": "string", "description": "The certificate's PEM-formatted chain\n* Creating a private CA issued certificate\n" }, "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued\n" }, "domainValidationOptions": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateDomainValidationOption:CertificateDomainValidationOption" }, "description": "A list of attributes to feed into other resources to complete certificate validation. Can have more than one element, e.g. if SANs are defined. Only set if `DNS`-validation was used.\n" }, "options": { "$ref": "#/types/aws:acm/CertificateOptions:CertificateOptions", "description": "Configuration block used to set certificate options. Detailed below.\n* Importing an existing certificate\n" }, "privateKey": { "type": "string", "description": "The certificate's PEM-formatted private key\n" }, "status": { "type": "string", "description": "Status of the certificate.\n" }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "validationEmails": { "type": "array", "items": { "type": "string" }, "description": "A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used.\n" }, "validationMethod": { "type": "string", "description": "Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into state managed by this provider.\n" } }, "required": [ "arn", "domainName", "domainValidationOptions", "status", "subjectAlternativeNames", "validationEmails", "validationMethod" ], "inputProperties": { "certificateAuthorityArn": { "type": "string", "description": "ARN of an ACMPCA\n" }, "certificateBody": { "type": "string", "description": "The certificate's PEM-formatted public key\n" }, "certificateChain": { "type": "string", "description": "The certificate's PEM-formatted chain\n* Creating a private CA issued certificate\n" }, "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued\n" }, "options": { "$ref": "#/types/aws:acm/CertificateOptions:CertificateOptions", "description": "Configuration block used to set certificate options. Detailed below.\n* Importing an existing certificate\n" }, "privateKey": { "type": "string", "description": "The certificate's PEM-formatted private key\n" }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "validationMethod": { "type": "string", "description": "Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into state managed by this provider.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the certificate\n" }, "certificateAuthorityArn": { "type": "string", "description": "ARN of an ACMPCA\n" }, "certificateBody": { "type": "string", "description": "The certificate's PEM-formatted public key\n" }, "certificateChain": { "type": "string", "description": "The certificate's PEM-formatted chain\n* Creating a private CA issued certificate\n" }, "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued\n" }, "domainValidationOptions": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateDomainValidationOption:CertificateDomainValidationOption" }, "description": "A list of attributes to feed into other resources to complete certificate validation. Can have more than one element, e.g. if SANs are defined. Only set if `DNS`-validation was used.\n" }, "options": { "$ref": "#/types/aws:acm/CertificateOptions:CertificateOptions", "description": "Configuration block used to set certificate options. Detailed below.\n* Importing an existing certificate\n" }, "privateKey": { "type": "string", "description": "The certificate's PEM-formatted private key\n" }, "status": { "type": "string", "description": "Status of the certificate.\n" }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "validationEmails": { "type": "array", "items": { "type": "string" }, "description": "A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used.\n" }, "validationMethod": { "type": "string", "description": "Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into state managed by this provider.\n" } }, "type": "object" } }, "aws:acm/certificateValidation:CertificateValidation": { "description": "This resource represents a successful validation of an ACM certificate in concert\nwith other resources.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.acm.Certificate` to request a DNS validated certificate,\ndeploy the required validation records and wait for validation to complete.\n\n\u003e **WARNING:** This resource implements a part of the validation workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### DNS Validation with Route 53\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst certCertificate = new aws.acm.Certificate(\"cert\", {\n domainName: \"example.com\",\n validationMethod: \"DNS\",\n});\nconst zone = pulumi.output(aws.route53.getZone({\n name: \"example.com.\",\n privateZone: false,\n}, { async: true }));\nconst certValidation = new aws.route53.Record(\"cert_validation\", {\n name: certCertificate.domainValidationOptions[0].resourceRecordName,\n records: [certCertificate.domainValidationOptions[0].resourceRecordValue],\n ttl: 60,\n type: certCertificate.domainValidationOptions[0].resourceRecordType,\n zoneId: zone.zoneId!,\n});\nconst certCertificateValidation = new aws.acm.CertificateValidation(\"cert\", {\n certificateArn: certCertificate.arn,\n validationRecordFqdns: [certValidation.fqdn],\n});\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n // [...]\n certificateArn: certCertificateValidation.certificateArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncert_certificate = aws.acm.Certificate(\"certCertificate\",\n domain_name=\"example.com\",\n validation_method=\"DNS\")\nzone = aws.route53.get_zone(name=\"example.com.\",\n private_zone=False)\ncert_validation = aws.route53.Record(\"certValidation\",\n name=cert_certificate.domain_validation_options[0][\"resourceRecordName\"],\n records=[cert_certificate.domain_validation_options[0][\"resourceRecordValue\"]],\n ttl=60,\n type=cert_certificate.domain_validation_options[0][\"resourceRecordType\"],\n zone_id=zone.zone_id)\ncert_certificate_validation = aws.acm.CertificateValidation(\"certCertificateValidation\",\n certificate_arn=cert_certificate.arn,\n validation_record_fqdns=[cert_validation.fqdn])\nfront_end = aws.lb.Listener(\"frontEnd\", certificate_arn=cert_certificate_validation.certificate_arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var certCertificate = new Aws.Acm.Certificate(\"certCertificate\", new Aws.Acm.CertificateArgs\n {\n DomainName = \"example.com\",\n ValidationMethod = \"DNS\",\n });\n var zone = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs\n {\n Name = \"example.com.\",\n PrivateZone = false,\n }));\n var certValidation = new Aws.Route53.Record(\"certValidation\", new Aws.Route53.RecordArgs\n {\n Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[0].ResourceRecordName),\n Records = \n {\n certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[0].ResourceRecordValue),\n },\n Ttl = 60,\n Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[0].ResourceRecordType),\n ZoneId = zone.Apply(zone =\u003e zone.ZoneId),\n });\n var certCertificateValidation = new Aws.Acm.CertificateValidation(\"certCertificateValidation\", new Aws.Acm.CertificateValidationArgs\n {\n CertificateArn = certCertificate.Arn,\n ValidationRecordFqdns = \n {\n certValidation.Fqdn,\n },\n });\n var frontEnd = new Aws.LB.Listener(\"frontEnd\", new Aws.LB.ListenerArgs\n {\n CertificateArn = certCertificateValidation.CertificateArn,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Alternative Domains DNS Validation with Route 53\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst certCertificate = new aws.acm.Certificate(\"cert\", {\n domainName: \"example.com\",\n subjectAlternativeNames: [\n \"www.example.com\",\n \"example.org\",\n ],\n validationMethod: \"DNS\",\n});\nconst zone = pulumi.output(aws.route53.getZone({\n name: \"example.com.\",\n privateZone: false,\n}, { async: true }));\nconst zoneAlt = pulumi.output(aws.route53.getZone({\n name: \"example.org.\",\n privateZone: false,\n}, { async: true }));\nconst certValidation = new aws.route53.Record(\"cert_validation\", {\n name: certCertificate.domainValidationOptions[0].resourceRecordName,\n records: [certCertificate.domainValidationOptions[0].resourceRecordValue],\n ttl: 60,\n type: certCertificate.domainValidationOptions[0].resourceRecordType,\n zoneId: zone.zoneId!,\n});\nconst certValidationAlt1 = new aws.route53.Record(\"cert_validation_alt1\", {\n name: certCertificate.domainValidationOptions[1].resourceRecordName,\n records: [certCertificate.domainValidationOptions[1].resourceRecordValue],\n ttl: 60,\n type: certCertificate.domainValidationOptions[1].resourceRecordType,\n zoneId: zone.zoneId!,\n});\nconst certValidationAlt2 = new aws.route53.Record(\"cert_validation_alt2\", {\n name: certCertificate.domainValidationOptions[2].resourceRecordName,\n records: [certCertificate.domainValidationOptions[2].resourceRecordValue],\n ttl: 60,\n type: certCertificate.domainValidationOptions[2].resourceRecordType,\n zoneId: zoneAlt.zoneId!,\n});\nconst certCertificateValidation = new aws.acm.CertificateValidation(\"cert\", {\n certificateArn: certCertificate.arn,\n validationRecordFqdns: [\n certValidation.fqdn,\n certValidationAlt1.fqdn,\n certValidationAlt2.fqdn,\n ],\n});\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n // [...]\n certificateArn: certCertificateValidation.certificateArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncert_certificate = aws.acm.Certificate(\"certCertificate\",\n domain_name=\"example.com\",\n subject_alternative_names=[\n \"www.example.com\",\n \"example.org\",\n ],\n validation_method=\"DNS\")\nzone = aws.route53.get_zone(name=\"example.com.\",\n private_zone=False)\nzone_alt = aws.route53.get_zone(name=\"example.org.\",\n private_zone=False)\ncert_validation = aws.route53.Record(\"certValidation\",\n name=cert_certificate.domain_validation_options[0][\"resourceRecordName\"],\n records=[cert_certificate.domain_validation_options[0][\"resourceRecordValue\"]],\n ttl=60,\n type=cert_certificate.domain_validation_options[0][\"resourceRecordType\"],\n zone_id=zone.zone_id)\ncert_validation_alt1 = aws.route53.Record(\"certValidationAlt1\",\n name=cert_certificate.domain_validation_options[1][\"resourceRecordName\"],\n records=[cert_certificate.domain_validation_options[1][\"resourceRecordValue\"]],\n ttl=60,\n type=cert_certificate.domain_validation_options[1][\"resourceRecordType\"],\n zone_id=zone.zone_id)\ncert_validation_alt2 = aws.route53.Record(\"certValidationAlt2\",\n name=cert_certificate.domain_validation_options[2][\"resourceRecordName\"],\n records=[cert_certificate.domain_validation_options[2][\"resourceRecordValue\"]],\n ttl=60,\n type=cert_certificate.domain_validation_options[2][\"resourceRecordType\"],\n zone_id=zone_alt.zone_id)\ncert_certificate_validation = aws.acm.CertificateValidation(\"certCertificateValidation\",\n certificate_arn=cert_certificate.arn,\n validation_record_fqdns=[\n cert_validation.fqdn,\n cert_validation_alt1.fqdn,\n cert_validation_alt2.fqdn,\n ])\nfront_end = aws.lb.Listener(\"frontEnd\", certificate_arn=cert_certificate_validation.certificate_arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var certCertificate = new Aws.Acm.Certificate(\"certCertificate\", new Aws.Acm.CertificateArgs\n {\n DomainName = \"example.com\",\n SubjectAlternativeNames = \n {\n \"www.example.com\",\n \"example.org\",\n },\n ValidationMethod = \"DNS\",\n });\n var zone = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs\n {\n Name = \"example.com.\",\n PrivateZone = false,\n }));\n var zoneAlt = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs\n {\n Name = \"example.org.\",\n PrivateZone = false,\n }));\n var certValidation = new Aws.Route53.Record(\"certValidation\", new Aws.Route53.RecordArgs\n {\n Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[0].ResourceRecordName),\n Records = \n {\n certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[0].ResourceRecordValue),\n },\n Ttl = 60,\n Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[0].ResourceRecordType),\n ZoneId = zone.Apply(zone =\u003e zone.ZoneId),\n });\n var certValidationAlt1 = new Aws.Route53.Record(\"certValidationAlt1\", new Aws.Route53.RecordArgs\n {\n Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[1].ResourceRecordName),\n Records = \n {\n certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[1].ResourceRecordValue),\n },\n Ttl = 60,\n Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[1].ResourceRecordType),\n ZoneId = zone.Apply(zone =\u003e zone.ZoneId),\n });\n var certValidationAlt2 = new Aws.Route53.Record(\"certValidationAlt2\", new Aws.Route53.RecordArgs\n {\n Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[2].ResourceRecordName),\n Records = \n {\n certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[2].ResourceRecordValue),\n },\n Ttl = 60,\n Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions[2].ResourceRecordType),\n ZoneId = zoneAlt.Apply(zoneAlt =\u003e zoneAlt.ZoneId),\n });\n var certCertificateValidation = new Aws.Acm.CertificateValidation(\"certCertificateValidation\", new Aws.Acm.CertificateValidationArgs\n {\n CertificateArn = certCertificate.Arn,\n ValidationRecordFqdns = \n {\n certValidation.Fqdn,\n certValidationAlt1.Fqdn,\n certValidationAlt2.Fqdn,\n },\n });\n var frontEnd = new Aws.LB.Listener(\"frontEnd\", new Aws.LB.ListenerArgs\n {\n CertificateArn = certCertificateValidation.CertificateArn,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Email Validation\n\nIn this situation, the resource is simply a waiter for manual email approval of ACM certificates.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst certCertificate = new aws.acm.Certificate(\"cert\", {\n domainName: \"example.com\",\n validationMethod: \"EMAIL\",\n});\nconst certCertificateValidation = new aws.acm.CertificateValidation(\"cert\", {\n certificateArn: certCertificate.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncert_certificate = aws.acm.Certificate(\"certCertificate\",\n domain_name=\"example.com\",\n validation_method=\"EMAIL\")\ncert_certificate_validation = aws.acm.CertificateValidation(\"certCertificateValidation\", certificate_arn=cert_certificate.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var certCertificate = new Aws.Acm.Certificate(\"certCertificate\", new Aws.Acm.CertificateArgs\n {\n DomainName = \"example.com\",\n ValidationMethod = \"EMAIL\",\n });\n var certCertificateValidation = new Aws.Acm.CertificateValidation(\"certCertificateValidation\", new Aws.Acm.CertificateValidationArgs\n {\n CertificateArn = certCertificate.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcertCertificate, err := acm.NewCertificate(ctx, \"certCertificate\", \u0026acm.CertificateArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tValidationMethod: pulumi.String(\"EMAIL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acm.NewCertificateValidation(ctx, \"certCertificateValidation\", \u0026acm.CertificateValidationArgs{\n\t\t\tCertificateArn: certCertificate.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate that is being validated.\n" }, "validationRecordFqdns": { "type": "array", "items": { "type": "string" }, "description": "List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation\n" } }, "required": [ "certificateArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate that is being validated.\n" }, "validationRecordFqdns": { "type": "array", "items": { "type": "string" }, "description": "List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation\n" } }, "requiredInputs": [ "certificateArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering CertificateValidation resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate that is being validated.\n" }, "validationRecordFqdns": { "type": "array", "items": { "type": "string" }, "description": "List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation\n" } }, "type": "object" } }, "aws:acmpca/certificateAuthority:CertificateAuthority": { "description": "Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).\n\n\u003e **NOTE:** Creating this resource will leave the certificate authority in a `PENDING_CERTIFICATE` status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the `certificate_signing_request` attribute and import the signed certificate using the AWS SDK, CLI or Console. This provider can support another resource to manage that workflow automatically in the future.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n permanentDeletionTimeInDays: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration={\n \"keyAlgorithm\": \"RSA_4096\",\n \"signingAlgorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"commonName\": \"example.com\",\n },\n },\n permanent_deletion_time_in_days=7)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new Aws.Acmpca.CertificateAuthorityArgs\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n PermanentDeletionTimeInDays = 7,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Enable Certificate Revocation List\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucket = new aws.s3.Bucket(\"example\", {});\nconst acmpcaBucketAccess = pulumi.all([exampleBucket.arn, exampleBucket.arn]).apply(([exampleBucketArn, exampleBucketArn1]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n principals: [{\n identifiers: [\"acm-pca.amazonaws.com\"],\n type: \"Service\",\n }],\n resources: [\n exampleBucketArn,\n `${exampleBucketArn1}/*`,\n ],\n }],\n}, { async: true }));\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucket.id,\n policy: acmpcaBucketAccess.json,\n});\nconst exampleCertificateAuthority = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n revocationConfiguration: {\n crlConfiguration: {\n customCname: \"crl.example.com\",\n enabled: true,\n expirationInDays: 7,\n s3BucketName: exampleBucket.id,\n },\n },\n}, { dependsOn: [exampleBucketPolicy] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket = aws.s3.Bucket(\"exampleBucket\")\nacmpca_bucket_access = pulumi.Output.all(example_bucket.arn, example_bucket.arn).apply(lambda exampleBucketArn, exampleBucketArn1: aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n \"principals\": [{\n \"identifiers\": [\"acm-pca.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"resources\": [\n example_bucket_arn,\n f\"{example_bucket_arn1}/*\",\n ],\n}]))\nexample_bucket_policy = aws.s3.BucketPolicy(\"exampleBucketPolicy\",\n bucket=example_bucket.id,\n policy=acmpca_bucket_access.json)\nexample_certificate_authority = aws.acmpca.CertificateAuthority(\"exampleCertificateAuthority\",\n certificate_authority_configuration={\n \"keyAlgorithm\": \"RSA_4096\",\n \"signingAlgorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"commonName\": \"example.com\",\n },\n },\n revocation_configuration={\n \"crlConfiguration\": {\n \"customCname\": \"crl.example.com\",\n \"enabled\": True,\n \"expirationInDays\": 7,\n \"s3_bucket_name\": example_bucket.id,\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleBucket = new Aws.S3.Bucket(\"exampleBucket\", new Aws.S3.BucketArgs\n {\n });\n var acmpcaBucketAccess = Output.Tuple(exampleBucket.Arn, exampleBucket.Arn).Apply(values =\u003e\n {\n var exampleBucketArn = values.Item1;\n var exampleBucketArn1 = values.Item2;\n return Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"acm-pca.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Resources = \n {\n exampleBucketArn,\n $\"{exampleBucketArn1}/*\",\n },\n },\n },\n });\n });\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"exampleBucketPolicy\", new Aws.S3.BucketPolicyArgs\n {\n Bucket = exampleBucket.Id,\n Policy = acmpcaBucketAccess.Apply(acmpcaBucketAccess =\u003e acmpcaBucketAccess.Json),\n });\n var exampleCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"exampleCertificateAuthority\", new Aws.Acmpca.CertificateAuthorityArgs\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n RevocationConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationArgs\n {\n CrlConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs\n {\n CustomCname = \"crl.example.com\",\n Enabled = true,\n ExpirationInDays = 7,\n S3BucketName = exampleBucket.Id,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucket, err := s3.NewBucket(ctx, \"exampleBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"exampleBucketPolicy\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucket.ID(),\n\t\t\tPolicy: acmpcaBucketAccess.ApplyT(func(acmpcaBucketAccess iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn acmpcaBucketAccess.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthority(ctx, \"exampleCertificateAuthority\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRevocationConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationArgs{\n\t\t\t\tCrlConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{\n\t\t\t\t\tCustomCname: pulumi.String(\"crl.example.com\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tExpirationInDays: pulumi.Int(7),\n\t\t\t\t\tS3BucketName: exampleBucket.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the certificate authority.\n" }, "certificate": { "type": "string", "description": "Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateAuthorityConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration", "description": "Nested argument containing algorithms and certificate subject information. Defined below.\n" }, "certificateChain": { "type": "string", "description": "Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateSigningRequest": { "type": "string", "description": "The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.\n" }, "enabled": { "type": "boolean", "description": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.\n" }, "notAfter": { "type": "string", "description": "Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "notBefore": { "type": "string", "description": "Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "permanentDeletionTimeInDays": { "type": "integer", "description": "The number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.\n" }, "revocationConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration", "description": "Nested argument containing revocation configuration. Defined below.\n" }, "serial": { "type": "string", "description": "Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.\n" }, "status": { "type": "string", "description": "Status of the certificate authority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the certificate authority.\n" }, "type": { "type": "string", "description": "The type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.\n" } }, "required": [ "arn", "certificate", "certificateAuthorityConfiguration", "certificateChain", "certificateSigningRequest", "notAfter", "notBefore", "serial", "status" ], "inputProperties": { "certificateAuthorityConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration", "description": "Nested argument containing algorithms and certificate subject information. Defined below.\n" }, "enabled": { "type": "boolean", "description": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.\n" }, "permanentDeletionTimeInDays": { "type": "integer", "description": "The number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.\n" }, "revocationConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration", "description": "Nested argument containing revocation configuration. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the certificate authority.\n" }, "type": { "type": "string", "description": "The type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.\n" } }, "requiredInputs": [ "certificateAuthorityConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering CertificateAuthority resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the certificate authority.\n" }, "certificate": { "type": "string", "description": "Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateAuthorityConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration", "description": "Nested argument containing algorithms and certificate subject information. Defined below.\n" }, "certificateChain": { "type": "string", "description": "Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateSigningRequest": { "type": "string", "description": "The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.\n" }, "enabled": { "type": "boolean", "description": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.\n" }, "notAfter": { "type": "string", "description": "Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "notBefore": { "type": "string", "description": "Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "permanentDeletionTimeInDays": { "type": "integer", "description": "The number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.\n" }, "revocationConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration", "description": "Nested argument containing revocation configuration. Defined below.\n" }, "serial": { "type": "string", "description": "Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.\n" }, "status": { "type": "string", "description": "Status of the certificate authority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the certificate authority.\n" }, "type": { "type": "string", "description": "The type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.\n" } }, "type": "object" } }, "aws:alb/listener:Listener": { "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Forward Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"443\",\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Redirect Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Fixed-response Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-cognito Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n type: \"authenticate-cognito\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateCognito\": {\n \"userPoolArn\": pool.arn,\n \"userPoolClientId\": client.id,\n \"userPoolDomain\": domain.domain,\n },\n \"type\": \"authenticate-cognito\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n Type = \"authenticate-cognito\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-oidc Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "required": [ "arn", "defaultActions", "loadBalancerArn", "port", "sslPolicy" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "requiredInputs": [ "defaultActions", "loadBalancerArn", "port" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/listener:Listener" } ] }, "aws:alb/listenerCertificate:ListenerCertificate": { "description": "Provides a Load Balancer Listener Certificate resource.\n\nThis resource is for additional certificates and does not replace the default certificate on the listener.\n\n\u003e **Note:** `aws.alb.ListenerCertificate` is known as `aws.lb.ListenerCertificate`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCertificate = new aws.acm.Certificate(\"example\", {});\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst exampleListenerCertificate = new aws.lb.ListenerCertificate(\"example\", {\n certificateArn: exampleCertificate.arn,\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_certificate = aws.acm.Certificate(\"exampleCertificate\")\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nexample_listener_certificate = aws.lb.ListenerCertificate(\"exampleListenerCertificate\",\n certificate_arn=example_certificate.arn,\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleCertificate = new Aws.Acm.Certificate(\"exampleCertificate\", new Aws.Acm.CertificateArgs\n {\n });\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var exampleListenerCertificate = new Aws.LB.ListenerCertificate(\"exampleListenerCertificate\", new Aws.LB.ListenerCertificateArgs\n {\n CertificateArn = exampleCertificate.Arn,\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCertificate, err := acm.NewCertificate(ctx, \"exampleCertificate\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerCertificate(ctx, \"exampleListenerCertificate\", \u0026lb.ListenerCertificateArgs{\n\t\t\tCertificateArn: exampleCertificate.Arn,\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "required": [ "certificateArn", "listenerArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "requiredInputs": [ "certificateArn", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerCertificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/listenerCertificate:ListenerCertificate" } ] }, "aws:alb/listenerRule:ListenerRule": { "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n listenerArn: frontEndListener.arn,\n priority: 100,\n});\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n actions: [{\n forward: {\n stickiness: {\n duration: 600,\n enabled: true,\n },\n targetGroups: [\n {\n arn: aws_lb_target_group_main.arn,\n weight: 80,\n },\n {\n arn: aws_lb_target_group_canary.arn,\n weight: 20,\n },\n ],\n },\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mydomain.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n actions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n});\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n actions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n listenerArn: frontEndListener.arn,\n});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n actions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n },\n ],\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nstatic = aws.lb.ListenerRule(\"static\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[\n {\n \"pathPattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"hostHeader\": {\n \"values\": [\"example.com\"],\n },\n },\n ],\n listener_arn=front_end_listener.arn,\n priority=100)\nhost_based_routing = aws.lb.ListenerRule(\"hostBasedRouting\",\n actions=[{\n \"forward\": {\n \"stickiness\": {\n \"duration\": 600,\n \"enabled\": True,\n },\n \"targetGroup\": [\n {\n \"arn\": aws_lb_target_group[\"main\"][\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": aws_lb_target_group[\"canary\"][\"arn\"],\n \"weight\": 20,\n },\n ],\n },\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nhost_based_weighted_routing = aws.lb.ListenerRule(\"hostBasedWeightedRouting\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mydomain.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nredirect_http_to_https = aws.lb.ListenerRule(\"redirectHttpToHttps\",\n actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n conditions=[{\n \"httpHeader\": {\n \"httpHeaderName\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }],\n listener_arn=front_end_listener.arn)\nhealth_check = aws.lb.ListenerRule(\"healthCheck\",\n actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n conditions=[{\n \"queryString\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }],\n listener_arn=front_end_listener.arn)\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n },\n ],\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var @static = new Aws.LB.ListenerRule(\"static\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = \n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"example.com\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n });\n var hostBasedRouting = new Aws.LB.ListenerRule(\"hostBasedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Duration = 600,\n Enabled = true,\n },\n TargetGroup = \n {\n \n {\n { \"arn\", aws_lb_target_group.Main.Arn },\n { \"weight\", 80 },\n },\n \n {\n { \"arn\", aws_lb_target_group.Canary.Arn },\n { \"weight\", 20 },\n },\n },\n },\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"hostBasedWeightedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mydomain.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirectHttpToHttps\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = \n {\n \"192.168.1.*\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var healthCheck = new Aws.LB.ListenerRule(\"healthCheck\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryString = \n {\n \n {\n { \"key\", \"health\" },\n { \"value\", \"check\" },\n },\n \n {\n { \"value\", \"bar\" },\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var admin = new Aws.LB.ListenerRule(\"admin\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTargetGroup: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Main.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Canary.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedWeightedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mydomain.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"redirectHttpToHttps\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"healthCheck\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryString: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"health\"),\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "required": [ "actions", "arn", "conditions", "listenerArn", "priority" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "requiredInputs": [ "actions", "conditions", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerRule resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/listenerRule:ListenerRule" } ] }, "aws:alb/loadBalancer:LoadBalancer": { "description": "Provides a Load Balancer resource.\n\n\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Application Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n accessLogs: {\n bucket: aws_s3_bucket_lb_logs.bucket,\n enabled: true,\n prefix: \"test-lb\",\n },\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"application\",\n securityGroups: [aws_security_group_lb_sg.id],\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n access_logs={\n \"bucket\": aws_s3_bucket[\"lb_logs\"][\"bucket\"],\n \"enabled\": True,\n \"prefix\": \"test-lb\",\n },\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"application\",\n security_groups=[aws_security_group[\"lb_sg\"][\"id\"]],\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = aws_s3_bucket.Lb_logs.Bucket,\n Enabled = true,\n Prefix = \"test-lb\",\n },\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"application\",\n SecurityGroups = \n {\n aws_security_group.Lb_sg.Id,\n },\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Network Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"network\",\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"network\",\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"network\",\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Specifying Elastic IPs\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n allocationId: aws_eip_example1.id,\n subnetId: aws_subnet_example1.id,\n },\n {\n allocationId: aws_eip_example2.id,\n subnetId: aws_subnet_example2.id,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"allocation_id\": aws_eip[\"example1\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example1\"][\"id\"],\n },\n {\n \"allocation_id\": aws_eip[\"example2\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example2\"][\"id\"],\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.LB.LoadBalancer(\"example\", new Aws.LB.LoadBalancerArgs\n {\n LoadBalancerType = \"network\",\n SubnetMappings = \n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example1.Id,\n SubnetId = aws_subnet.Example1.Id,\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example2.Id,\n SubnetId = aws_subnet.Example2.Id,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example1.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example2.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessLogs": { "$ref": "#/types/aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "required": [ "arn", "arnSuffix", "dnsName", "internal", "ipAddressType", "name", "securityGroups", "subnetMappings", "subnets", "vpcId", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/loadBalancer:LoadBalancer" } ] }, "aws:alb/targetGroup:TargetGroup": { "description": "Provides a Target Group resource for use with Load Balancer resources.\n\n\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Instance Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst test = new aws.lb.TargetGroup(\"test\", {\n port: 80,\n protocol: \"HTTP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\ntest = aws.lb.TargetGroup(\"test\",\n port=80,\n protocol=\"HTTP\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var test = new Aws.LB.TargetGroup(\"test\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### IP Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst ip_example = new aws.lb.TargetGroup(\"ip-example\", {\n port: 80,\n protocol: \"HTTP\",\n targetType: \"ip\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nip_example = aws.lb.TargetGroup(\"ip-example\",\n port=80,\n protocol=\"HTTP\",\n target_type=\"ip\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var ip_example = new Aws.LB.TargetGroup(\"ip-example\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n TargetType = \"ip\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"ip-example\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tTargetType: pulumi.String(\"ip\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Lambda Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n targetType: \"lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\", target_type=\"lambda\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewTargetGroup(ctx, \"lambda-example\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:alb/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "required": [ "arn", "arnSuffix", "healthCheck", "loadBalancingAlgorithmType", "name", "stickiness" ], "inputProperties": { "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:alb/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:alb/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/targetGroup:TargetGroup" } ] }, "aws:alb/targetGroupAttachment:TargetGroupAttachment": { "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n port: 80,\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\")\ntest_instance = aws.ec2.Instance(\"testInstance\")\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n port=80,\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var testInstance = new Aws.Ec2.Instance(\"testInstance\", new Aws.Ec2.InstanceArgs\n {\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n Port = 80,\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"testInstance\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Usage with lambda\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n action: \"lambda:InvokeFunction\",\n function: testFunction.arn,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: testTargetGroup.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testFunction.arn,\n}, { dependsOn: [withLb] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\", target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"testFunction\")\nwith_lb = aws.lambda_.Permission(\"withLb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.arn,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test_target_group.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n target_group_arn=test_target_group.arn,\n target_id=test_function.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n var testFunction = new Aws.Lambda.Function(\"testFunction\", new Aws.Lambda.FunctionArgs\n {\n });\n var withLb = new Aws.Lambda.Permission(\"withLb\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Arn,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = testTargetGroup.Arn,\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testFunction.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"testFunction\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"withLb\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: testTargetGroup.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "required": [ "targetGroupArn", "targetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "requiredInputs": [ "targetGroupArn", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroupAttachment resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/targetGroupAttachment:TargetGroupAttachment" } ] }, "aws:apigateway/account:Account": { "description": "Provides a settings of an API Gateway Account. Settings is applied region-wide per `provider` block.\n\n\u003e **Note:** As there is no API method for deleting account settings or resetting it to defaults, destroying this resource will keep your account settings intact\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cloudwatchRole = new aws.iam.Role(\"cloudwatch\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"apigateway.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst demo = new aws.apigateway.Account(\"demo\", {\n cloudwatchRoleArn: cloudwatchRole.arn,\n});\nconst cloudwatchRolePolicy = new aws.iam.RolePolicy(\"cloudwatch\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:PutLogEvents\",\n \"logs:GetLogEvents\",\n \"logs:FilterLogEvents\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n role: cloudwatchRole.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncloudwatch_role = aws.iam.Role(\"cloudwatchRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"apigateway.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\ndemo = aws.apigateway.Account(\"demo\", cloudwatch_role_arn=cloudwatch_role.arn)\ncloudwatch_role_policy = aws.iam.RolePolicy(\"cloudwatchRolePolicy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:PutLogEvents\",\n \"logs:GetLogEvents\",\n \"logs:FilterLogEvents\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\",\n role=cloudwatch_role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cloudwatchRole = new Aws.Iam.Role(\"cloudwatchRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"apigateway.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var demo = new Aws.ApiGateway.Account(\"demo\", new Aws.ApiGateway.AccountArgs\n {\n CloudwatchRoleArn = cloudwatchRole.Arn,\n });\n var cloudwatchRolePolicy = new Aws.Iam.RolePolicy(\"cloudwatchRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"logs:CreateLogGroup\"\",\n \"\"logs:CreateLogStream\"\",\n \"\"logs:DescribeLogGroups\"\",\n \"\"logs:DescribeLogStreams\"\",\n \"\"logs:PutLogEvents\"\",\n \"\"logs:GetLogEvents\"\",\n \"\"logs:FilterLogEvents\"\"\n ],\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n Role = cloudwatchRole.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcloudwatchRole, err := iam.NewRole(ctx, \"cloudwatchRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"apigateway.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewAccount(ctx, \"demo\", \u0026apigateway.AccountArgs{\n\t\t\tCloudwatchRoleArn: cloudwatchRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"cloudwatchRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"logs:CreateLogGroup\\\",\\n\", \" \\\"logs:CreateLogStream\\\",\\n\", \" \\\"logs:DescribeLogGroups\\\",\\n\", \" \\\"logs:DescribeLogStreams\\\",\\n\", \" \\\"logs:PutLogEvents\\\",\\n\", \" \\\"logs:GetLogEvents\\\",\\n\", \" \\\"logs:FilterLogEvents\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: cloudwatchRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cloudwatchRoleArn": { "type": "string", "description": "The ARN of an IAM role for CloudWatch (to allow logging \u0026 monitoring).\nSee more [in AWS Docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-stage-settings.html#how-to-stage-settings-console).\nLogging \u0026 monitoring can be enabled/disabled and otherwise tuned on the API Gateway Stage level.\n" }, "throttleSettings": { "$ref": "#/types/aws:apigateway/AccountThrottleSettings:AccountThrottleSettings", "description": "Account-Level throttle settings. See exported fields below.\n" } }, "required": [ "throttleSettings" ], "inputProperties": { "cloudwatchRoleArn": { "type": "string", "description": "The ARN of an IAM role for CloudWatch (to allow logging \u0026 monitoring).\nSee more [in AWS Docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-stage-settings.html#how-to-stage-settings-console).\nLogging \u0026 monitoring can be enabled/disabled and otherwise tuned on the API Gateway Stage level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Account resources.\n", "properties": { "cloudwatchRoleArn": { "type": "string", "description": "The ARN of an IAM role for CloudWatch (to allow logging \u0026 monitoring).\nSee more [in AWS Docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-stage-settings.html#how-to-stage-settings-console).\nLogging \u0026 monitoring can be enabled/disabled and otherwise tuned on the API Gateway Stage level.\n" }, "throttleSettings": { "$ref": "#/types/aws:apigateway/AccountThrottleSettings:AccountThrottleSettings", "description": "Account-Level throttle settings. See exported fields below.\n" } }, "type": "object" } }, "aws:apigateway/apiKey:ApiKey": { "description": "Provides an API Gateway API Key.\n\n\u003e **NOTE:** Since the API Gateway usage plans feature was launched on August 11, 2016, usage plans are now **required** to associate an API key with an API stage.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoApiKey = new aws.apigateway.ApiKey(\"MyDemoApiKey\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api_key = aws.apigateway.ApiKey(\"myDemoApiKey\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoApiKey = new Aws.ApiGateway.ApiKey(\"myDemoApiKey\", new Aws.ApiGateway.ApiKeyArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigateway.NewApiKey(ctx, \"myDemoApiKey\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "createdDate": { "type": "string", "description": "The creation date of the API key\n" }, "description": { "type": "string", "description": "The API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "enabled": { "type": "boolean", "description": "Specifies whether the API key can be used by callers. Defaults to `true`.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the API key\n" }, "name": { "type": "string", "description": "The name of the API key\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "value": { "type": "string", "description": "The value of the API key. If not specified, it will be automatically generated by AWS on creation.\n" } }, "required": [ "arn", "createdDate", "description", "lastUpdatedDate", "name", "value" ], "inputProperties": { "description": { "type": "string", "description": "The API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "enabled": { "type": "boolean", "description": "Specifies whether the API key can be used by callers. Defaults to `true`.\n" }, "name": { "type": "string", "description": "The name of the API key\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "value": { "type": "string", "description": "The value of the API key. If not specified, it will be automatically generated by AWS on creation.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ApiKey resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "createdDate": { "type": "string", "description": "The creation date of the API key\n" }, "description": { "type": "string", "description": "The API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "enabled": { "type": "boolean", "description": "Specifies whether the API key can be used by callers. Defaults to `true`.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the API key\n" }, "name": { "type": "string", "description": "The name of the API key\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "value": { "type": "string", "description": "The value of the API key. If not specified, it will be automatically generated by AWS on creation.\n" } }, "type": "object" } }, "aws:apigateway/authorizer:Authorizer": { "description": "Provides an API Gateway Authorizer.\n", "properties": { "authorizerCredentials": { "type": "string", "description": "The credentials required for the authorizer.\nTo specify an IAM Role for API Gateway to assume, use the IAM Role ARN.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "The TTL of cached authorizer results in seconds.\nDefaults to `300`.\n" }, "authorizerUri": { "type": "string", "description": "The authorizer's Uniform Resource Identifier (URI).\nThis must be a well-formed Lambda function URI in the form of `arn:aws:apigateway:{region}:lambda:path/{service_api}`,\ne.g. `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:012345678912:function:my-function/invocations`\n" }, "identitySource": { "type": "string", "description": "The source of the identity in an incoming request.\nDefaults to `method.request.header.Authorization`. For `REQUEST` type, this may be a comma-separated list of values, including headers, query string parameters and stage variables - e.g. `\"method.request.header.SomeHeaderName,method.request.querystring.SomeQueryStringName,stageVariables.SomeStageVariableName\"`\n" }, "identityValidationExpression": { "type": "string", "description": "A validation expression for the incoming identity.\nFor `TOKEN` type, this value should be a regular expression. The incoming token from the client is matched\nagainst this expression, and will proceed if the token matches. If the token doesn't match,\nthe client receives a 401 Unauthorized response.\n" }, "name": { "type": "string", "description": "The name of the authorizer\n" }, "providerArns": { "type": "array", "items": { "type": "string" }, "description": "A list of the Amazon Cognito user pool ARNs.\nEach element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}`.\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" }, "type": { "type": "string", "description": "The type of the authorizer. Possible values are `TOKEN` for a Lambda function using a single authorization token submitted in a custom header, `REQUEST` for a Lambda function using incoming request parameters, or `COGNITO_USER_POOLS` for using an Amazon Cognito user pool.\nDefaults to `TOKEN`.\n" } }, "required": [ "name", "restApi" ], "inputProperties": { "authorizerCredentials": { "type": "string", "description": "The credentials required for the authorizer.\nTo specify an IAM Role for API Gateway to assume, use the IAM Role ARN.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "The TTL of cached authorizer results in seconds.\nDefaults to `300`.\n" }, "authorizerUri": { "type": "string", "description": "The authorizer's Uniform Resource Identifier (URI).\nThis must be a well-formed Lambda function URI in the form of `arn:aws:apigateway:{region}:lambda:path/{service_api}`,\ne.g. `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:012345678912:function:my-function/invocations`\n" }, "identitySource": { "type": "string", "description": "The source of the identity in an incoming request.\nDefaults to `method.request.header.Authorization`. For `REQUEST` type, this may be a comma-separated list of values, including headers, query string parameters and stage variables - e.g. `\"method.request.header.SomeHeaderName,method.request.querystring.SomeQueryStringName,stageVariables.SomeStageVariableName\"`\n" }, "identityValidationExpression": { "type": "string", "description": "A validation expression for the incoming identity.\nFor `TOKEN` type, this value should be a regular expression. The incoming token from the client is matched\nagainst this expression, and will proceed if the token matches. If the token doesn't match,\nthe client receives a 401 Unauthorized response.\n" }, "name": { "type": "string", "description": "The name of the authorizer\n" }, "providerArns": { "type": "array", "items": { "type": "string" }, "description": "A list of the Amazon Cognito user pool ARNs.\nEach element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}`.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "type": { "type": "string", "description": "The type of the authorizer. Possible values are `TOKEN` for a Lambda function using a single authorization token submitted in a custom header, `REQUEST` for a Lambda function using incoming request parameters, or `COGNITO_USER_POOLS` for using an Amazon Cognito user pool.\nDefaults to `TOKEN`.\n" } }, "requiredInputs": [ "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Authorizer resources.\n", "properties": { "authorizerCredentials": { "type": "string", "description": "The credentials required for the authorizer.\nTo specify an IAM Role for API Gateway to assume, use the IAM Role ARN.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "The TTL of cached authorizer results in seconds.\nDefaults to `300`.\n" }, "authorizerUri": { "type": "string", "description": "The authorizer's Uniform Resource Identifier (URI).\nThis must be a well-formed Lambda function URI in the form of `arn:aws:apigateway:{region}:lambda:path/{service_api}`,\ne.g. `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:012345678912:function:my-function/invocations`\n" }, "identitySource": { "type": "string", "description": "The source of the identity in an incoming request.\nDefaults to `method.request.header.Authorization`. For `REQUEST` type, this may be a comma-separated list of values, including headers, query string parameters and stage variables - e.g. `\"method.request.header.SomeHeaderName,method.request.querystring.SomeQueryStringName,stageVariables.SomeStageVariableName\"`\n" }, "identityValidationExpression": { "type": "string", "description": "A validation expression for the incoming identity.\nFor `TOKEN` type, this value should be a regular expression. The incoming token from the client is matched\nagainst this expression, and will proceed if the token matches. If the token doesn't match,\nthe client receives a 401 Unauthorized response.\n" }, "name": { "type": "string", "description": "The name of the authorizer\n" }, "providerArns": { "type": "array", "items": { "type": "string" }, "description": "A list of the Amazon Cognito user pool ARNs.\nEach element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}`.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "type": { "type": "string", "description": "The type of the authorizer. Possible values are `TOKEN` for a Lambda function using a single authorization token submitted in a custom header, `REQUEST` for a Lambda function using incoming request parameters, or `COGNITO_USER_POOLS` for using an Amazon Cognito user pool.\nDefaults to `TOKEN`.\n" } }, "type": "object" } }, "aws:apigateway/basePathMapping:BasePathMapping": { "description": "Connects a custom domain name registered via `aws.apigateway.DomainName`\nwith a deployed API so that its methods can be called via the\ncustom domain name.\n", "properties": { "basePath": { "type": "string", "description": "Path segment that must be prepended to the path when accessing the API via this mapping. If omitted, the API is exposed at the root of the given domain.\n" }, "domainName": { "type": "string", "description": "The already-registered domain name to connect the API to.\n" }, "restApi": { "type": "string", "description": "The id of the API to connect.\n" }, "stageName": { "type": "string", "description": "The name of a specific deployment stage to expose at the given path. If omitted, callers may select any stage by including its name as a path element after the base path.\n" } }, "required": [ "restApi", "domainName" ], "inputProperties": { "basePath": { "type": "string", "description": "Path segment that must be prepended to the path when accessing the API via this mapping. If omitted, the API is exposed at the root of the given domain.\n" }, "domainName": { "type": "string", "description": "The already-registered domain name to connect the API to.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The id of the API to connect.\n" }, "stageName": { "type": "string", "description": "The name of a specific deployment stage to expose at the given path. If omitted, callers may select any stage by including its name as a path element after the base path.\n" } }, "requiredInputs": [ "restApi", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering BasePathMapping resources.\n", "properties": { "basePath": { "type": "string", "description": "Path segment that must be prepended to the path when accessing the API via this mapping. If omitted, the API is exposed at the root of the given domain.\n" }, "domainName": { "type": "string", "description": "The already-registered domain name to connect the API to.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The id of the API to connect.\n" }, "stageName": { "type": "string", "description": "The name of a specific deployment stage to expose at the given path. If omitted, callers may select any stage by including its name as a path element after the base path.\n" } }, "type": "object" } }, "aws:apigateway/clientCertificate:ClientCertificate": { "description": "Provides an API Gateway Client Certificate.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst demo = new aws.apigateway.ClientCertificate(\"demo\", {\n description: \"My client certificate\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndemo = aws.apigateway.ClientCertificate(\"demo\", description=\"My client certificate\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var demo = new Aws.ApiGateway.ClientCertificate(\"demo\", new Aws.ApiGateway.ClientCertificateArgs\n {\n Description = \"My client certificate\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigateway.NewClientCertificate(ctx, \"demo\", \u0026apigateway.ClientCertificateArgs{\n\t\t\tDescription: pulumi.String(\"My client certificate\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "createdDate": { "type": "string", "description": "The date when the client certificate was created.\n" }, "description": { "type": "string", "description": "The description of the client certificate.\n" }, "expirationDate": { "type": "string", "description": "The date when the client certificate will expire.\n" }, "pemEncodedCertificate": { "type": "string", "description": "The PEM-encoded public key of the client certificate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "createdDate", "expirationDate", "pemEncodedCertificate" ], "inputProperties": { "description": { "type": "string", "description": "The description of the client certificate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ClientCertificate resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "createdDate": { "type": "string", "description": "The date when the client certificate was created.\n" }, "description": { "type": "string", "description": "The description of the client certificate.\n" }, "expirationDate": { "type": "string", "description": "The date when the client certificate will expire.\n" }, "pemEncodedCertificate": { "type": "string", "description": "The PEM-encoded public key of the client certificate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:apigateway/deployment:Deployment": { "description": "Provides an API Gateway REST Deployment.\n\n\u003e **Note:** This resource depends on having at least one `aws.apigateway.Integration` created in the REST API, which \nitself has other dependencies. To avoid race conditions when all resources are being created together, you need to add \nimplicit resource references via the `triggers` argument or explicit resource references using the \n[resource `dependsOn` meta-argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"myDemoAPI\", {description: \"This is my API for demonstration purposes\"});\nconst myDemoResource = new aws.apigateway.Resource(\"myDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"test\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"myDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"myDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst myDemoDeployment = new aws.apigateway.Deployment(\"myDemoDeployment\", {\n restApi: myDemoAPI.id,\n stageName: \"test\",\n variables: {\n answer: \"42\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"myDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"test\")\nmy_demo_method = aws.apigateway.Method(\"myDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"myDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nmy_demo_deployment = aws.apigateway.Deployment(\"myDemoDeployment\",\n rest_api=my_demo_api.id,\n stage_name=\"test\",\n variables={\n \"answer\": \"42\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var myDemoResource = new Aws.ApiGateway.Resource(\"myDemoResource\", new Aws.ApiGateway.ResourceArgs\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"test\",\n });\n var myDemoMethod = new Aws.ApiGateway.Method(\"myDemoMethod\", new Aws.ApiGateway.MethodArgs\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"myDemoIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n var myDemoDeployment = new Aws.ApiGateway.Deployment(\"myDemoDeployment\", new Aws.ApiGateway.DeploymentArgs\n {\n RestApi = myDemoAPI.Id,\n StageName = \"test\",\n Variables = \n {\n { \"answer\", \"42\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"myDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"myDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoIntegration, err := apigateway.NewIntegration(ctx, \"myDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDeployment(ctx, \"myDemoDeployment\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tStageName: pulumi.String(\"test\"),\n\t\t\tVariables: pulumi.Map{\n\t\t\t\t\"answer\": pulumi.String(\"42\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "createdDate": { "type": "string", "description": "The creation date of the deployment\n" }, "description": { "type": "string", "description": "The description of the deployment\n" }, "executionArn": { "type": "string", "description": "The execution ARN to be used in `lambda_permission` resource's `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g. `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "The URL to invoke the API pointing to the stage,\ne.g. `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" }, "stageDescription": { "type": "string", "description": "The description of the stage\n" }, "stageName": { "type": "string", "description": "The name of the stage. If the specified stage already exists, it will be updated to point to the new deployment. If the stage does not exist, a new one will be created and point to this deployment.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines variables for the stage\n" } }, "required": [ "createdDate", "executionArn", "invokeUrl", "restApi" ], "inputProperties": { "description": { "type": "string", "description": "The description of the deployment\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "stageDescription": { "type": "string", "description": "The description of the stage\n" }, "stageName": { "type": "string", "description": "The name of the stage. If the specified stage already exists, it will be updated to point to the new deployment. If the stage does not exist, a new one will be created and point to this deployment.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines variables for the stage\n" } }, "requiredInputs": [ "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Deployment resources.\n", "properties": { "createdDate": { "type": "string", "description": "The creation date of the deployment\n" }, "description": { "type": "string", "description": "The description of the deployment\n" }, "executionArn": { "type": "string", "description": "The execution ARN to be used in `lambda_permission` resource's `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g. `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "The URL to invoke the API pointing to the stage,\ne.g. `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "stageDescription": { "type": "string", "description": "The description of the stage\n" }, "stageName": { "type": "string", "description": "The name of the stage. If the specified stage already exists, it will be updated to point to the new deployment. If the stage does not exist, a new one will be created and point to this deployment.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines variables for the stage\n" } }, "type": "object" } }, "aws:apigateway/documentationPart:DocumentationPart": { "description": "Provides a settings of an API Gateway Documentation Part.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRestApi = new aws.apigateway.RestApi(\"example\", {});\nconst exampleDocumentationPart = new aws.apigateway.DocumentationPart(\"example\", {\n location: {\n method: \"GET\",\n path: \"/example\",\n type: \"METHOD\",\n },\n properties: \"{\\\"description\\\":\\\"Example description\\\"}\",\n restApiId: exampleRestApi.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rest_api = aws.apigateway.RestApi(\"exampleRestApi\")\nexample_documentation_part = aws.apigateway.DocumentationPart(\"exampleDocumentationPart\",\n location={\n \"method\": \"GET\",\n \"path\": \"/example\",\n \"type\": \"METHOD\",\n },\n properties=\"{\\\"description\\\":\\\"Example description\\\"}\",\n rest_api_id=example_rest_api.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRestApi = new Aws.ApiGateway.RestApi(\"exampleRestApi\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var exampleDocumentationPart = new Aws.ApiGateway.DocumentationPart(\"exampleDocumentationPart\", new Aws.ApiGateway.DocumentationPartArgs\n {\n Location = new Aws.ApiGateway.Inputs.DocumentationPartLocationArgs\n {\n Method = \"GET\",\n Path = \"/example\",\n Type = \"METHOD\",\n },\n Properties = \"{\\\"description\\\":\\\"Example description\\\"}\",\n RestApiId = exampleRestApi.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRestApi, err := apigateway.NewRestApi(ctx, \"exampleRestApi\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationPart(ctx, \"exampleDocumentationPart\", \u0026apigateway.DocumentationPartArgs{\n\t\t\tLocation: \u0026apigateway.DocumentationPartLocationArgs{\n\t\t\t\tMethod: pulumi.String(\"GET\"),\n\t\t\t\tPath: pulumi.String(\"/example\"),\n\t\t\t\tType: pulumi.String(\"METHOD\"),\n\t\t\t},\n\t\t\tProperties: pulumi.String(\"{\\\"description\\\":\\\"Example description\\\"}\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "location": { "$ref": "#/types/aws:apigateway/DocumentationPartLocation:DocumentationPartLocation", "description": "The location of the targeted API entity of the to-be-created documentation part. See below.\n" }, "properties": { "type": "string", "description": "A content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a JSON string, e.g., \"{ \\\"description\\\": \\\"The API does ...\\\" }\". Only Swagger-compliant key-value pairs can be exported and, hence, published.\n" }, "restApiId": { "type": "string", "description": "The ID of the associated Rest API\n" } }, "required": [ "location", "properties", "restApiId" ], "inputProperties": { "location": { "$ref": "#/types/aws:apigateway/DocumentationPartLocation:DocumentationPartLocation", "description": "The location of the targeted API entity of the to-be-created documentation part. See below.\n" }, "properties": { "type": "string", "description": "A content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a JSON string, e.g., \"{ \\\"description\\\": \\\"The API does ...\\\" }\". Only Swagger-compliant key-value pairs can be exported and, hence, published.\n" }, "restApiId": { "type": "string", "description": "The ID of the associated Rest API\n" } }, "requiredInputs": [ "location", "properties", "restApiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DocumentationPart resources.\n", "properties": { "location": { "$ref": "#/types/aws:apigateway/DocumentationPartLocation:DocumentationPartLocation", "description": "The location of the targeted API entity of the to-be-created documentation part. See below.\n" }, "properties": { "type": "string", "description": "A content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a JSON string, e.g., \"{ \\\"description\\\": \\\"The API does ...\\\" }\". Only Swagger-compliant key-value pairs can be exported and, hence, published.\n" }, "restApiId": { "type": "string", "description": "The ID of the associated Rest API\n" } }, "type": "object" } }, "aws:apigateway/documentationVersion:DocumentationVersion": { "description": "Provides a resource to manage an API Gateway Documentation Version.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRestApi = new aws.apigateway.RestApi(\"example\", {});\nconst exampleDocumentationPart = new aws.apigateway.DocumentationPart(\"example\", {\n location: {\n type: \"API\",\n },\n properties: \"{\\\"description\\\":\\\"Example\\\"}\",\n restApiId: exampleRestApi.id,\n});\nconst exampleDocumentationVersion = new aws.apigateway.DocumentationVersion(\"example\", {\n description: \"Example description\",\n restApiId: exampleRestApi.id,\n version: \"example_version\",\n}, { dependsOn: [exampleDocumentationPart] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rest_api = aws.apigateway.RestApi(\"exampleRestApi\")\nexample_documentation_version = aws.apigateway.DocumentationVersion(\"exampleDocumentationVersion\",\n description=\"Example description\",\n rest_api_id=example_rest_api.id,\n version=\"example_version\")\nexample_documentation_part = aws.apigateway.DocumentationPart(\"exampleDocumentationPart\",\n location={\n \"type\": \"API\",\n },\n properties=\"{\\\"description\\\":\\\"Example\\\"}\",\n rest_api_id=example_rest_api.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRestApi = new Aws.ApiGateway.RestApi(\"exampleRestApi\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var exampleDocumentationVersion = new Aws.ApiGateway.DocumentationVersion(\"exampleDocumentationVersion\", new Aws.ApiGateway.DocumentationVersionArgs\n {\n Description = \"Example description\",\n RestApiId = exampleRestApi.Id,\n Version = \"example_version\",\n });\n var exampleDocumentationPart = new Aws.ApiGateway.DocumentationPart(\"exampleDocumentationPart\", new Aws.ApiGateway.DocumentationPartArgs\n {\n Location = new Aws.ApiGateway.Inputs.DocumentationPartLocationArgs\n {\n Type = \"API\",\n },\n Properties = \"{\\\"description\\\":\\\"Example\\\"}\",\n RestApiId = exampleRestApi.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRestApi, err := apigateway.NewRestApi(ctx, \"exampleRestApi\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationVersion(ctx, \"exampleDocumentationVersion\", \u0026apigateway.DocumentationVersionArgs{\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t\tVersion: pulumi.String(\"example_version\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationPart(ctx, \"exampleDocumentationPart\", \u0026apigateway.DocumentationPartArgs{\n\t\t\tLocation: \u0026apigateway.DocumentationPartLocationArgs{\n\t\t\t\tType: pulumi.String(\"API\"),\n\t\t\t},\n\t\t\tProperties: pulumi.String(\"{\\\"description\\\":\\\"Example\\\"}\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "The description of the API documentation version.\n" }, "restApiId": { "type": "string", "description": "The ID of the associated Rest API\n" }, "version": { "type": "string", "description": "The version identifier of the API documentation snapshot.\n" } }, "required": [ "restApiId", "version" ], "inputProperties": { "description": { "type": "string", "description": "The description of the API documentation version.\n" }, "restApiId": { "type": "string", "description": "The ID of the associated Rest API\n" }, "version": { "type": "string", "description": "The version identifier of the API documentation snapshot.\n" } }, "requiredInputs": [ "restApiId", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering DocumentationVersion resources.\n", "properties": { "description": { "type": "string", "description": "The description of the API documentation version.\n" }, "restApiId": { "type": "string", "description": "The ID of the associated Rest API\n" }, "version": { "type": "string", "description": "The version identifier of the API documentation snapshot.\n" } }, "type": "object" } }, "aws:apigateway/domainName:DomainName": { "description": "Registers a custom domain name for use with AWS API Gateway. Additional information about this functionality\ncan be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html).\n\nThis resource just establishes ownership of and the TLS settings for\na particular domain name. An API can be attached to a particular path\nunder the registered domain name using\nthe `aws.apigateway.BasePathMapping` resource.\n\nAPI Gateway domains can be defined as either 'edge-optimized' or 'regional'. In an edge-optimized configuration,\nAPI Gateway internally creates and manages a CloudFront distribution to route requests on the given hostname. In\naddition to this resource it's necessary to create a DNS record corresponding to the given domain name which is an alias\n(either Route53 alias or traditional CNAME) to the Cloudfront domain name exported in the `cloudfront_domain_name`\nattribute.\n\nIn a regional configuration, API Gateway does not create a CloudFront distribution to route requests to the API, though\na distribution can be created if needed. In either case, it is necessary to create a DNS record corresponding to the\ngiven domain name which is an alias (either Route53 alias or traditional CNAME) to the regional domain name exported in\nthe `regional_domain_name` attribute.\n\n\u003e **Note:** API Gateway requires the use of AWS Certificate Manager (ACM) certificates instead of Identity and Access Management (IAM) certificates in regions that support ACM. Regions that support ACM can be found in the [Regions and Endpoints Documentation](https://docs.aws.amazon.com/general/latest/gr/rande.html#acm_region). To import an existing private key and certificate into ACM or request an ACM certificate, see the `aws.acm.Certificate` resource.\n\n\u003e **Note:** The `aws.apigateway.DomainName` resource expects dependency on the `aws.acm.CertificateValidation` as \nonly verified certificates can be used. This can be made either explicitly by adding the \n`depends_on = [aws_acm_certificate_validation.cert]` attribute. Or implicitly by referring certificate ARN \nfrom the validation resource where it will be available after the resource creation: \n`regional_certificate_arn = aws_acm_certificate_validation.cert.certificate_arn`.\n\n\u003e **Note:** All arguments including the private key will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Edge Optimized (ACM Certificate)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleDomainName = new aws.apigateway.DomainName(\"example\", {\n certificateArn: aws_acm_certificate_validation_example.certificateArn,\n domainName: \"api.example.com\",\n});\n// Example DNS record using Route53.\n// Route53 is not specifically required; any DNS host can be used.\nconst exampleRecord = new aws.route53.Record(\"example\", {\n aliases: [{\n evaluateTargetHealth: true,\n name: exampleDomainName.cloudfrontDomainName,\n zoneId: exampleDomainName.cloudfrontZoneId,\n }],\n name: exampleDomainName.domainName,\n type: \"A\",\n zoneId: aws_route53_zone_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_domain_name = aws.apigateway.DomainName(\"exampleDomainName\",\n certificate_arn=aws_acm_certificate_validation[\"example\"][\"certificate_arn\"],\n domain_name=\"api.example.com\")\n# Example DNS record using Route53.\n# Route53 is not specifically required; any DNS host can be used.\nexample_record = aws.route53.Record(\"exampleRecord\",\n aliases=[{\n \"evaluateTargetHealth\": True,\n \"name\": example_domain_name.cloudfront_domain_name,\n \"zone_id\": example_domain_name.cloudfront_zone_id,\n }],\n name=example_domain_name.domain_name,\n type=\"A\",\n zone_id=aws_route53_zone[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleDomainName = new Aws.ApiGateway.DomainName(\"exampleDomainName\", new Aws.ApiGateway.DomainNameArgs\n {\n CertificateArn = aws_acm_certificate_validation.Example.Certificate_arn,\n DomainName = \"api.example.com\",\n });\n // Example DNS record using Route53.\n // Route53 is not specifically required; any DNS host can be used.\n var exampleRecord = new Aws.Route53.Record(\"exampleRecord\", new Aws.Route53.RecordArgs\n {\n Aliases = \n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = true,\n Name = exampleDomainName.CloudfrontDomainName,\n ZoneId = exampleDomainName.CloudfrontZoneId,\n },\n },\n Name = exampleDomainName.Domain,\n Type = \"A\",\n ZoneId = aws_route53_zone.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomainName, err := apigateway.NewDomainName(ctx, \"exampleDomainName\", \u0026apigateway.DomainNameArgs{\n\t\t\tCertificateArn: pulumi.String(aws_acm_certificate_validation.Example.Certificate_arn),\n\t\t\tDomainName: pulumi.String(\"api.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"exampleRecord\", \u0026route53.RecordArgs{\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t\tName: exampleDomainName.CloudfrontDomainName,\n\t\t\t\t\tZoneId: exampleDomainName.CloudfrontZoneId,\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: exampleDomainName.DomainName,\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Regional (ACM Certificate)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleDomainName = new aws.apigateway.DomainName(\"example\", {\n domainName: \"api.example.com\",\n endpointConfiguration: {\n types: \"REGIONAL\",\n },\n regionalCertificateArn: aws_acm_certificate_validation_example.certificateArn,\n});\n// Example DNS record using Route53.\n// Route53 is not specifically required; any DNS host can be used.\nconst exampleRecord = new aws.route53.Record(\"example\", {\n aliases: [{\n evaluateTargetHealth: true,\n name: exampleDomainName.regionalDomainName,\n zoneId: exampleDomainName.regionalZoneId,\n }],\n name: exampleDomainName.domainName,\n type: \"A\",\n zoneId: aws_route53_zone_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_domain_name = aws.apigateway.DomainName(\"exampleDomainName\",\n domain_name=\"api.example.com\",\n endpoint_configuration={\n \"types\": \"REGIONAL\",\n },\n regional_certificate_arn=aws_acm_certificate_validation[\"example\"][\"certificate_arn\"])\n# Example DNS record using Route53.\n# Route53 is not specifically required; any DNS host can be used.\nexample_record = aws.route53.Record(\"exampleRecord\",\n aliases=[{\n \"evaluateTargetHealth\": True,\n \"name\": example_domain_name.regional_domain_name,\n \"zone_id\": example_domain_name.regional_zone_id,\n }],\n name=example_domain_name.domain_name,\n type=\"A\",\n zone_id=aws_route53_zone[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleDomainName = new Aws.ApiGateway.DomainName(\"exampleDomainName\", new Aws.ApiGateway.DomainNameArgs\n {\n DomainName = \"api.example.com\",\n EndpointConfiguration = new Aws.ApiGateway.Inputs.DomainNameEndpointConfigurationArgs\n {\n Types = \"REGIONAL\",\n },\n RegionalCertificateArn = aws_acm_certificate_validation.Example.Certificate_arn,\n });\n // Example DNS record using Route53.\n // Route53 is not specifically required; any DNS host can be used.\n var exampleRecord = new Aws.Route53.Record(\"exampleRecord\", new Aws.Route53.RecordArgs\n {\n Aliases = \n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = true,\n Name = exampleDomainName.RegionalDomainName,\n ZoneId = exampleDomainName.RegionalZoneId,\n },\n },\n Name = exampleDomainName.Domain,\n Type = \"A\",\n ZoneId = aws_route53_zone.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomainName, err := apigateway.NewDomainName(ctx, \"exampleDomainName\", \u0026apigateway.DomainNameArgs{\n\t\t\tDomainName: pulumi.String(\"api.example.com\"),\n\t\t\tEndpointConfiguration: \u0026apigateway.DomainNameEndpointConfigurationArgs{\n\t\t\t\tTypes: pulumi.String(\"REGIONAL\"),\n\t\t\t},\n\t\t\tRegionalCertificateArn: pulumi.String(aws_acm_certificate_validation.Example.Certificate_arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"exampleRecord\", \u0026route53.RecordArgs{\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t\tName: exampleDomainName.RegionalDomainName,\n\t\t\t\t\tZoneId: exampleDomainName.RegionalZoneId,\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: exampleDomainName.DomainName,\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "certificateArn": { "type": "string", "description": "The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with `certificate_name`, `certificate_body`, `certificate_chain`, `certificate_private_key`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateBody": { "type": "string", "description": "The certificate issued for the domain name\nbeing registered, in PEM format. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and\n`regional_certificate_name`.\n" }, "certificateChain": { "type": "string", "description": "The certificate for the CA that issued the\ncertificate, along with any intermediate CA certificates required to\ncreate an unbroken chain to a certificate trusted by the intended API clients. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`,\n`regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateName": { "type": "string", "description": "The unique name to use when registering this\ncertificate as an IAM server certificate. Conflicts with `certificate_arn`, `regional_certificate_arn`, and\n`regional_certificate_name`. Required if `certificate_arn` is not set.\n" }, "certificatePrivateKey": { "type": "string", "description": "The private key associated with the\ndomain certificate given in `certificate_body`. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateUploadDate": { "type": "string", "description": "The upload date associated with the domain certificate.\n" }, "cloudfrontDomainName": { "type": "string", "description": "The hostname created by Cloudfront to represent\nthe distribution that implements this domain name mapping.\n" }, "cloudfrontZoneId": { "type": "string", "description": "For convenience, the hosted zone ID (`Z2FDTNDATAQYW2`)\nthat can be used to create a Route53 alias record for the distribution.\n" }, "domainName": { "type": "string", "description": "The fully-qualified domain name to register\n", "language": { "csharp": { "name": "Domain" } } }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration", "description": "Configuration block defining API endpoint information including type. Defined below.\n" }, "regionalCertificateArn": { "type": "string", "description": "The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n" }, "regionalCertificateName": { "type": "string", "description": "The user-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and\n`certificate_private_key`.\n" }, "regionalDomainName": { "type": "string", "description": "The hostname for the custom domain's regional endpoint.\n" }, "regionalZoneId": { "type": "string", "description": "The hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.\n" }, "securityPolicy": { "type": "string", "description": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2`. Must be configured to perform drift detection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "certificateUploadDate", "cloudfrontDomainName", "cloudfrontZoneId", "domainName", "endpointConfiguration", "regionalDomainName", "regionalZoneId", "securityPolicy" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with `certificate_name`, `certificate_body`, `certificate_chain`, `certificate_private_key`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateBody": { "type": "string", "description": "The certificate issued for the domain name\nbeing registered, in PEM format. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and\n`regional_certificate_name`.\n" }, "certificateChain": { "type": "string", "description": "The certificate for the CA that issued the\ncertificate, along with any intermediate CA certificates required to\ncreate an unbroken chain to a certificate trusted by the intended API clients. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`,\n`regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateName": { "type": "string", "description": "The unique name to use when registering this\ncertificate as an IAM server certificate. Conflicts with `certificate_arn`, `regional_certificate_arn`, and\n`regional_certificate_name`. Required if `certificate_arn` is not set.\n" }, "certificatePrivateKey": { "type": "string", "description": "The private key associated with the\ndomain certificate given in `certificate_body`. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "domainName": { "type": "string", "description": "The fully-qualified domain name to register\n", "language": { "csharp": { "name": "Domain" } } }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration", "description": "Configuration block defining API endpoint information including type. Defined below.\n" }, "regionalCertificateArn": { "type": "string", "description": "The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n" }, "regionalCertificateName": { "type": "string", "description": "The user-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and\n`certificate_private_key`.\n" }, "securityPolicy": { "type": "string", "description": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2`. Must be configured to perform drift detection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainName resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "certificateArn": { "type": "string", "description": "The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with `certificate_name`, `certificate_body`, `certificate_chain`, `certificate_private_key`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateBody": { "type": "string", "description": "The certificate issued for the domain name\nbeing registered, in PEM format. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and\n`regional_certificate_name`.\n" }, "certificateChain": { "type": "string", "description": "The certificate for the CA that issued the\ncertificate, along with any intermediate CA certificates required to\ncreate an unbroken chain to a certificate trusted by the intended API clients. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`,\n`regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateName": { "type": "string", "description": "The unique name to use when registering this\ncertificate as an IAM server certificate. Conflicts with `certificate_arn`, `regional_certificate_arn`, and\n`regional_certificate_name`. Required if `certificate_arn` is not set.\n" }, "certificatePrivateKey": { "type": "string", "description": "The private key associated with the\ndomain certificate given in `certificate_body`. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateUploadDate": { "type": "string", "description": "The upload date associated with the domain certificate.\n" }, "cloudfrontDomainName": { "type": "string", "description": "The hostname created by Cloudfront to represent\nthe distribution that implements this domain name mapping.\n" }, "cloudfrontZoneId": { "type": "string", "description": "For convenience, the hosted zone ID (`Z2FDTNDATAQYW2`)\nthat can be used to create a Route53 alias record for the distribution.\n" }, "domainName": { "type": "string", "description": "The fully-qualified domain name to register\n", "language": { "csharp": { "name": "Domain" } } }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration", "description": "Configuration block defining API endpoint information including type. Defined below.\n" }, "regionalCertificateArn": { "type": "string", "description": "The ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n" }, "regionalCertificateName": { "type": "string", "description": "The user-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and\n`certificate_private_key`.\n" }, "regionalDomainName": { "type": "string", "description": "The hostname for the custom domain's regional endpoint.\n" }, "regionalZoneId": { "type": "string", "description": "The hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.\n" }, "securityPolicy": { "type": "string", "description": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2`. Must be configured to perform drift detection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:apigateway/integration:Integration": { "description": "Provides an HTTP Method Integration for an API Gateway Integration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n restApi: myDemoAPI.id,\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n cacheKeyParameters: [\"method.request.path.param\"],\n cacheNamespace: \"foobar\",\n httpMethod: myDemoMethod.httpMethod,\n requestParameters: {\n \"integration.request.header.X-Authorization\": \"'static'\",\n },\n // Transforms the incoming XML request to JSON\n requestTemplates: {\n \"application/xml\": `{\n \"body\" : $input.json('$')\n}\n`,\n },\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n timeoutMilliseconds: 29000,\n type: \"MOCK\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"myDemoResource\",\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\",\n rest_api=my_demo_api.id)\nmy_demo_method = aws.apigateway.Method(\"myDemoMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id)\nmy_demo_integration = aws.apigateway.Integration(\"myDemoIntegration\",\n cache_key_parameters=[\"method.request.path.param\"],\n cache_namespace=\"foobar\",\n http_method=my_demo_method.http_method,\n request_parameters={\n \"integration.request.header.X-Authorization\": \"'static'\",\n },\n request_templates={\n \"application/xml\": \"\"\"{\n \"body\" : $input.json('$')\n}\n\n\"\"\",\n },\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id,\n timeout_milliseconds=29000,\n type=\"MOCK\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var myDemoResource = new Aws.ApiGateway.Resource(\"myDemoResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n RestApi = myDemoAPI.Id,\n });\n var myDemoMethod = new Aws.ApiGateway.Method(\"myDemoMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n });\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"myDemoIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n CacheKeyParameters = \n {\n \"method.request.path.param\",\n },\n CacheNamespace = \"foobar\",\n HttpMethod = myDemoMethod.HttpMethod,\n RequestParameters = \n {\n { \"integration.request.header.X-Authorization\", \"'static'\" },\n },\n RequestTemplates = \n {\n { \"application/xml\", @\"{\n \"\"body\"\" : $input.json('$')\n}\n\n\" },\n },\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n TimeoutMilliseconds = 29000,\n Type = \"MOCK\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"myDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"myDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"myDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tCacheKeyParameters: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"method.request.path.param\"),\n\t\t\t},\n\t\t\tCacheNamespace: pulumi.String(\"foobar\"),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tRequestParameters: pulumi.Map{\n\t\t\t\t\"integration.request.header.X-Authorization\": pulumi.String(\"'static'\"),\n\t\t\t},\n\t\t\tRequestTemplates: pulumi.Map{\n\t\t\t\t\"application/xml\": pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"body\\\" : \", \"$\", \"input.json('\", \"$\", \"')\\n\", \"}\\n\", \"\\n\")),\n\t\t\t},\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tTimeoutMilliseconds: pulumi.Int(29000),\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## VPC Link\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst name = config.require(\"name\");\nconst subnetId = config.require(\"subnetId\");\n\nconst testLoadBalancer = new aws.lb.LoadBalancer(\"test\", {\n internal: true,\n loadBalancerType: \"network\",\n subnets: [subnetId],\n});\nconst testVpcLink = new aws.apigateway.VpcLink(\"test\", {\n targetArn: testLoadBalancer.arn,\n});\nconst testRestApi = new aws.apigateway.RestApi(\"test\", {});\nconst testResource = new aws.apigateway.Resource(\"test\", {\n parentId: testRestApi.rootResourceId,\n pathPart: \"test\",\n restApi: testRestApi.id,\n});\nconst testMethod = new aws.apigateway.Method(\"test\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n requestModels: {\n \"application/json\": \"Error\",\n },\n resourceId: testResource.id,\n restApi: testRestApi.id,\n});\nconst testIntegration = new aws.apigateway.Integration(\"test\", {\n connectionId: testVpcLink.id,\n connectionType: \"VPC_LINK\",\n contentHandling: \"CONVERT_TO_TEXT\",\n httpMethod: testMethod.httpMethod,\n integrationHttpMethod: \"GET\",\n passthroughBehavior: \"WHEN_NO_MATCH\",\n requestParameters: {\n \"integration.request.header.X-Authorization\": \"'static'\",\n \"integration.request.header.X-Foo\": \"'Bar'\",\n },\n requestTemplates: {\n \"application/json\": \"\",\n \"application/xml\": `#set($inputRoot = $input.path('$'))\n{ }`,\n },\n resourceId: testResource.id,\n restApi: testRestApi.id,\n type: \"HTTP\",\n uri: \"https://www.google.de\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nname = config.require_object(\"name\")\nsubnet_id = config.require_object(\"subnetId\")\ntest_load_balancer = aws.lb.LoadBalancer(\"testLoadBalancer\",\n internal=True,\n load_balancer_type=\"network\",\n subnets=[subnet_id])\ntest_vpc_link = aws.apigateway.VpcLink(\"testVpcLink\", target_arn=test_load_balancer.arn)\ntest_rest_api = aws.apigateway.RestApi(\"testRestApi\")\ntest_resource = aws.apigateway.Resource(\"testResource\",\n parent_id=test_rest_api.root_resource_id,\n path_part=\"test\",\n rest_api=test_rest_api.id)\ntest_method = aws.apigateway.Method(\"testMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n request_models={\n \"application/json\": \"Error\",\n },\n resource_id=test_resource.id,\n rest_api=test_rest_api.id)\ntest_integration = aws.apigateway.Integration(\"testIntegration\",\n connection_id=test_vpc_link.id,\n connection_type=\"VPC_LINK\",\n content_handling=\"CONVERT_TO_TEXT\",\n http_method=test_method.http_method,\n integration_http_method=\"GET\",\n passthrough_behavior=\"WHEN_NO_MATCH\",\n request_parameters={\n \"integration.request.header.X-Authorization\": \"'static'\",\n \"integration.request.header.X-Foo\": \"'Bar'\",\n },\n request_templates={\n \"application/json\": \"\",\n \"application/xml\": \"\"\"#set($inputRoot = $input.path('$'))\n{ }\n\"\"\",\n },\n resource_id=test_resource.id,\n rest_api=test_rest_api.id,\n type=\"HTTP\",\n uri=\"https://www.google.de\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var name = config.RequireObject\u003cdynamic\u003e(\"name\");\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var testLoadBalancer = new Aws.LB.LoadBalancer(\"testLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n Internal = true,\n LoadBalancerType = \"network\",\n Subnets = \n {\n subnetId,\n },\n });\n var testVpcLink = new Aws.ApiGateway.VpcLink(\"testVpcLink\", new Aws.ApiGateway.VpcLinkArgs\n {\n TargetArn = testLoadBalancer.Arn,\n });\n var testRestApi = new Aws.ApiGateway.RestApi(\"testRestApi\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var testResource = new Aws.ApiGateway.Resource(\"testResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = testRestApi.RootResourceId,\n PathPart = \"test\",\n RestApi = testRestApi.Id,\n });\n var testMethod = new Aws.ApiGateway.Method(\"testMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n RequestModels = \n {\n { \"application/json\", \"Error\" },\n },\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n });\n var testIntegration = new Aws.ApiGateway.Integration(\"testIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n ConnectionId = testVpcLink.Id,\n ConnectionType = \"VPC_LINK\",\n ContentHandling = \"CONVERT_TO_TEXT\",\n HttpMethod = testMethod.HttpMethod,\n IntegrationHttpMethod = \"GET\",\n PassthroughBehavior = \"WHEN_NO_MATCH\",\n RequestParameters = \n {\n { \"integration.request.header.X-Authorization\", \"'static'\" },\n { \"integration.request.header.X-Foo\", \"'Bar'\" },\n },\n RequestTemplates = \n {\n { \"application/json\", \"\" },\n { \"application/xml\", @\"#set($inputRoot = $input.path('$'))\n{ }\n\" },\n },\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n Type = \"HTTP\",\n Uri = \"https://www.google.de\",\n });\n }\n\n}\n```\n", "properties": { "cacheKeyParameters": { "type": "array", "items": { "type": "string" }, "description": "A list of cache key parameters for the integration.\n" }, "cacheNamespace": { "type": "string", "description": "The integration's cache namespace.\n" }, "connectionId": { "type": "string", "description": "The id of the VpcLink used for the integration. **Required** if `connection_type` is `VPC_LINK`\n" }, "connectionType": { "type": "string", "description": "The integration input's [connectionType](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/#connectionType). Valid values are `INTERNET` (default for connections through the public routable internet), and `VPC_LINK` (for private connections between API Gateway and a network load balancer in a VPC).\n" }, "contentHandling": { "type": "string", "description": "Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the passthroughBehaviors is configured to support payload pass-through.\n" }, "credentials": { "type": "string", "description": "The credentials required for the integration. For `AWS` integrations, 2 options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's ARN. To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\\*:user/\\*`.\n" }, "httpMethod": { "type": "string", "description": "The HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTION`, `ANY`)\nwhen calling the associated resource.\n" }, "integrationHttpMethod": { "type": "string", "description": "The integration HTTP method\n(`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONs`, `ANY`, `PATCH`) specifying how API Gateway will interact with the back end.\n**Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nNot all methods are compatible with all `AWS` integrations.\ne.g. Lambda function [can only be invoked](https://github.com/awslabs/aws-apigateway-importer/issues/9#issuecomment-129651005) via `POST`.\n" }, "passthroughBehavior": { "type": "string", "description": "The integration passthrough behavior (`WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`). **Required** if `request_templates` is used.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of request query string parameters and headers that should be passed to the backend responder.\nFor example: `request_parameters = { \"integration.request.header.X-Some-Other-Header\" = \"method.request.header.X-Some-Header\" }`\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the integration's request templates.\n" }, "resourceId": { "type": "string", "description": "The API resource ID.\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds.\n" }, "type": { "type": "string", "description": "The integration input's [type](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/). Valid values are `HTTP` (for HTTP backends), `MOCK` (not calling any real backend), `AWS` (for AWS services), `AWS_PROXY` (for Lambda proxy integration) and `HTTP_PROXY` (for HTTP proxy integration). An `HTTP` or `HTTP_PROXY` integration with a `connection_type` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.\n" }, "uri": { "type": "string", "description": "The input's URI. **Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nFor HTTP integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification . For AWS integrations, the URI should be of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:{path|action}/{service_api}`. `region`, `subdomain` and `service` are used to determine the right endpoint.\ne.g. `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations`. For private integrations, the URI parameter is not used for routing requests to your endpoint, but is used for setting the Host header and for certificate validation.\n" } }, "required": [ "cacheNamespace", "httpMethod", "passthroughBehavior", "resourceId", "restApi", "type" ], "inputProperties": { "cacheKeyParameters": { "type": "array", "items": { "type": "string" }, "description": "A list of cache key parameters for the integration.\n" }, "cacheNamespace": { "type": "string", "description": "The integration's cache namespace.\n" }, "connectionId": { "type": "string", "description": "The id of the VpcLink used for the integration. **Required** if `connection_type` is `VPC_LINK`\n" }, "connectionType": { "type": "string", "description": "The integration input's [connectionType](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/#connectionType). Valid values are `INTERNET` (default for connections through the public routable internet), and `VPC_LINK` (for private connections between API Gateway and a network load balancer in a VPC).\n" }, "contentHandling": { "type": "string", "description": "Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the passthroughBehaviors is configured to support payload pass-through.\n" }, "credentials": { "type": "string", "description": "The credentials required for the integration. For `AWS` integrations, 2 options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's ARN. To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\\*:user/\\*`.\n" }, "httpMethod": { "type": "string", "description": "The HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTION`, `ANY`)\nwhen calling the associated resource.\n" }, "integrationHttpMethod": { "type": "string", "description": "The integration HTTP method\n(`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONs`, `ANY`, `PATCH`) specifying how API Gateway will interact with the back end.\n**Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nNot all methods are compatible with all `AWS` integrations.\ne.g. Lambda function [can only be invoked](https://github.com/awslabs/aws-apigateway-importer/issues/9#issuecomment-129651005) via `POST`.\n" }, "passthroughBehavior": { "type": "string", "description": "The integration passthrough behavior (`WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`). **Required** if `request_templates` is used.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of request query string parameters and headers that should be passed to the backend responder.\nFor example: `request_parameters = { \"integration.request.header.X-Some-Other-Header\" = \"method.request.header.X-Some-Header\" }`\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the integration's request templates.\n" }, "resourceId": { "type": "string", "description": "The API resource ID.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds.\n" }, "type": { "type": "string", "description": "The integration input's [type](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/). Valid values are `HTTP` (for HTTP backends), `MOCK` (not calling any real backend), `AWS` (for AWS services), `AWS_PROXY` (for Lambda proxy integration) and `HTTP_PROXY` (for HTTP proxy integration). An `HTTP` or `HTTP_PROXY` integration with a `connection_type` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.\n" }, "uri": { "type": "string", "description": "The input's URI. **Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nFor HTTP integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification . For AWS integrations, the URI should be of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:{path|action}/{service_api}`. `region`, `subdomain` and `service` are used to determine the right endpoint.\ne.g. `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations`. For private integrations, the URI parameter is not used for routing requests to your endpoint, but is used for setting the Host header and for certificate validation.\n" } }, "requiredInputs": [ "httpMethod", "resourceId", "restApi", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Integration resources.\n", "properties": { "cacheKeyParameters": { "type": "array", "items": { "type": "string" }, "description": "A list of cache key parameters for the integration.\n" }, "cacheNamespace": { "type": "string", "description": "The integration's cache namespace.\n" }, "connectionId": { "type": "string", "description": "The id of the VpcLink used for the integration. **Required** if `connection_type` is `VPC_LINK`\n" }, "connectionType": { "type": "string", "description": "The integration input's [connectionType](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/#connectionType). Valid values are `INTERNET` (default for connections through the public routable internet), and `VPC_LINK` (for private connections between API Gateway and a network load balancer in a VPC).\n" }, "contentHandling": { "type": "string", "description": "Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the passthroughBehaviors is configured to support payload pass-through.\n" }, "credentials": { "type": "string", "description": "The credentials required for the integration. For `AWS` integrations, 2 options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's ARN. To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\\*:user/\\*`.\n" }, "httpMethod": { "type": "string", "description": "The HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTION`, `ANY`)\nwhen calling the associated resource.\n" }, "integrationHttpMethod": { "type": "string", "description": "The integration HTTP method\n(`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONs`, `ANY`, `PATCH`) specifying how API Gateway will interact with the back end.\n**Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nNot all methods are compatible with all `AWS` integrations.\ne.g. Lambda function [can only be invoked](https://github.com/awslabs/aws-apigateway-importer/issues/9#issuecomment-129651005) via `POST`.\n" }, "passthroughBehavior": { "type": "string", "description": "The integration passthrough behavior (`WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`). **Required** if `request_templates` is used.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of request query string parameters and headers that should be passed to the backend responder.\nFor example: `request_parameters = { \"integration.request.header.X-Some-Other-Header\" = \"method.request.header.X-Some-Header\" }`\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the integration's request templates.\n" }, "resourceId": { "type": "string", "description": "The API resource ID.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds.\n" }, "type": { "type": "string", "description": "The integration input's [type](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/). Valid values are `HTTP` (for HTTP backends), `MOCK` (not calling any real backend), `AWS` (for AWS services), `AWS_PROXY` (for Lambda proxy integration) and `HTTP_PROXY` (for HTTP proxy integration). An `HTTP` or `HTTP_PROXY` integration with a `connection_type` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.\n" }, "uri": { "type": "string", "description": "The input's URI. **Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nFor HTTP integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification . For AWS integrations, the URI should be of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:{path|action}/{service_api}`. `region`, `subdomain` and `service` are used to determine the right endpoint.\ne.g. `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations`. For private integrations, the URI parameter is not used for routing requests to your endpoint, but is used for setting the Host header and for certificate validation.\n" } }, "type": "object" } }, "aws:apigateway/integrationResponse:IntegrationResponse": { "description": "Provides an HTTP Method Integration Response for an API Gateway Resource.\n\n\u003e **Note:** Depends on having `aws.apigateway.Integration` inside your rest api. To ensure this\nyou might need to add an explicit `depends_on` for clean runs.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n restApi: myDemoAPI.id,\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n httpMethod: myDemoMethod.httpMethod,\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n type: \"MOCK\",\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n httpMethod: myDemoMethod.httpMethod,\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n statusCode: \"200\",\n});\nconst myDemoIntegrationResponse = new aws.apigateway.IntegrationResponse(\"MyDemoIntegrationResponse\", {\n httpMethod: myDemoMethod.httpMethod,\n resourceId: myDemoResource.id,\n // Transforms the backend JSON response to XML\n responseTemplates: {\n \"application/xml\": `#set($inputRoot = $input.path('$'))\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003cmessage\u003e\n $inputRoot.body\n\u003c/message\u003e\n`,\n },\n restApi: myDemoAPI.id,\n statusCode: response200.statusCode,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"myDemoResource\",\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\",\n rest_api=my_demo_api.id)\nmy_demo_method = aws.apigateway.Method(\"myDemoMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id)\nmy_demo_integration = aws.apigateway.Integration(\"myDemoIntegration\",\n http_method=my_demo_method.http_method,\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id,\n type=\"MOCK\")\nresponse200 = aws.apigateway.MethodResponse(\"response200\",\n http_method=my_demo_method.http_method,\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id,\n status_code=\"200\")\nmy_demo_integration_response = aws.apigateway.IntegrationResponse(\"myDemoIntegrationResponse\",\n http_method=my_demo_method.http_method,\n resource_id=my_demo_resource.id,\n response_templates={\n \"application/xml\": \"\"\"#set($inputRoot = $input.path('$'))\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003cmessage\u003e\n $inputRoot.body\n\u003c/message\u003e\n\n\"\"\",\n },\n rest_api=my_demo_api.id,\n status_code=response200.status_code)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var myDemoResource = new Aws.ApiGateway.Resource(\"myDemoResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n RestApi = myDemoAPI.Id,\n });\n var myDemoMethod = new Aws.ApiGateway.Method(\"myDemoMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n });\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"myDemoIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n HttpMethod = myDemoMethod.HttpMethod,\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n Type = \"MOCK\",\n });\n var response200 = new Aws.ApiGateway.MethodResponse(\"response200\", new Aws.ApiGateway.MethodResponseArgs\n {\n HttpMethod = myDemoMethod.HttpMethod,\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n StatusCode = \"200\",\n });\n var myDemoIntegrationResponse = new Aws.ApiGateway.IntegrationResponse(\"myDemoIntegrationResponse\", new Aws.ApiGateway.IntegrationResponseArgs\n {\n HttpMethod = myDemoMethod.HttpMethod,\n ResourceId = myDemoResource.Id,\n ResponseTemplates = \n {\n { \"application/xml\", @\"#set($inputRoot = $input.path('$'))\n\u003c?xml version=\"\"1.0\"\" encoding=\"\"UTF-8\"\"?\u003e\n\u003cmessage\u003e\n $inputRoot.body\n\u003c/message\u003e\n\n\" },\n },\n RestApi = myDemoAPI.Id,\n StatusCode = response200.StatusCode,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"myDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"myDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"myDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tresponse200, err := apigateway.NewMethodResponse(ctx, \"response200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegrationResponse(ctx, \"myDemoIntegrationResponse\", \u0026apigateway.IntegrationResponseArgs{\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tResponseTemplates: pulumi.Map{\n\t\t\t\t\"application/xml\": pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"#set(\", \"$\", \"inputRoot = \", \"$\", \"input.path('\", \"$\", \"'))\\n\", \"\u003c?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?\u003e\\n\", \"\u003cmessage\u003e\\n\", \" \", \"$\", \"inputRoot.body\\n\", \"\u003c/message\u003e\\n\", \"\\n\")),\n\t\t\t},\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tStatusCode: response200.StatusCode,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "contentHandling": { "type": "string", "description": "Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.\n" }, "httpMethod": { "type": "string", "description": "The HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of response parameters that can be read from the backend response.\nFor example: `response_parameters = { \"method.response.header.X-Some-Header\" = \"integration.response.header.X-Some-Other-Header\" }`\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the templates used to transform the integration response body\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" }, "selectionPattern": { "type": "string", "description": "Specifies the regular expression pattern used to choose\nan integration response based on the response from the backend. Setting this to `-` makes the integration the default one.\nIf the backend is an `AWS` Lambda function, the AWS Lambda function error header is matched.\nFor all other `HTTP` and `AWS` backends, the HTTP status code is matched.\n" }, "statusCode": { "type": "string", "description": "The HTTP status code\n" } }, "required": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "inputProperties": { "contentHandling": { "type": "string", "description": "Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.\n" }, "httpMethod": { "type": "string", "description": "The HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of response parameters that can be read from the backend response.\nFor example: `response_parameters = { \"method.response.header.X-Some-Header\" = \"integration.response.header.X-Some-Other-Header\" }`\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the templates used to transform the integration response body\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "selectionPattern": { "type": "string", "description": "Specifies the regular expression pattern used to choose\nan integration response based on the response from the backend. Setting this to `-` makes the integration the default one.\nIf the backend is an `AWS` Lambda function, the AWS Lambda function error header is matched.\nFor all other `HTTP` and `AWS` backends, the HTTP status code is matched.\n" }, "statusCode": { "type": "string", "description": "The HTTP status code\n" } }, "requiredInputs": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering IntegrationResponse resources.\n", "properties": { "contentHandling": { "type": "string", "description": "Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.\n" }, "httpMethod": { "type": "string", "description": "The HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of response parameters that can be read from the backend response.\nFor example: `response_parameters = { \"method.response.header.X-Some-Header\" = \"integration.response.header.X-Some-Other-Header\" }`\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the templates used to transform the integration response body\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "selectionPattern": { "type": "string", "description": "Specifies the regular expression pattern used to choose\nan integration response based on the response from the backend. Setting this to `-` makes the integration the default one.\nIf the backend is an `AWS` Lambda function, the AWS Lambda function error header is matched.\nFor all other `HTTP` and `AWS` backends, the HTTP status code is matched.\n" }, "statusCode": { "type": "string", "description": "The HTTP status code\n" } }, "type": "object" } }, "aws:apigateway/method:Method": { "description": "Provides a HTTP Method for an API Gateway Resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n restApi: myDemoAPI.id,\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"myDemoResource\",\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\",\n rest_api=my_demo_api.id)\nmy_demo_method = aws.apigateway.Method(\"myDemoMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var myDemoResource = new Aws.ApiGateway.Resource(\"myDemoResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n RestApi = myDemoAPI.Id,\n });\n var myDemoMethod = new Aws.ApiGateway.Method(\"myDemoMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"myDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethod(ctx, \"myDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Usage with Cognito User Pool Authorizer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst cognitoUserPoolName = config.require(\"cognitoUserPoolName\");\n\nconst thisUserPools = pulumi.output(aws.cognito.getUserPools({\n name: cognitoUserPoolName,\n}, { async: true }));\nconst thisRestApi = new aws.apigateway.RestApi(\"this\", {});\nconst thisResource = new aws.apigateway.Resource(\"this\", {\n parentId: thisRestApi.rootResourceId,\n pathPart: \"{proxy+}\",\n restApi: thisRestApi.id,\n});\nconst thisAuthorizer = new aws.apigateway.Authorizer(\"this\", {\n providerArns: thisUserPools.arns,\n restApi: thisRestApi.id,\n type: \"COGNITO_USER_POOLS\",\n});\nconst any = new aws.apigateway.Method(\"any\", {\n authorization: \"COGNITO_USER_POOLS\",\n authorizerId: thisAuthorizer.id,\n httpMethod: \"ANY\",\n requestParameters: {\n \"method.request.path.proxy\": true,\n },\n resourceId: thisResource.id,\n restApi: thisRestApi.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ncognito_user_pool_name = config.require_object(\"cognitoUserPoolName\")\nthis_user_pools = aws.cognito.get_user_pools(name=cognito_user_pool_name)\nthis_rest_api = aws.apigateway.RestApi(\"thisRestApi\")\nthis_resource = aws.apigateway.Resource(\"thisResource\",\n parent_id=this_rest_api.root_resource_id,\n path_part=\"{proxy+}\",\n rest_api=this_rest_api.id)\nthis_authorizer = aws.apigateway.Authorizer(\"thisAuthorizer\",\n provider_arns=this_user_pools.arns,\n rest_api=this_rest_api.id,\n type=\"COGNITO_USER_POOLS\")\nany = aws.apigateway.Method(\"any\",\n authorization=\"COGNITO_USER_POOLS\",\n authorizer_id=this_authorizer.id,\n http_method=\"ANY\",\n request_parameters={\n \"method.request.path.proxy\": True,\n },\n resource_id=this_resource.id,\n rest_api=this_rest_api.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var cognitoUserPoolName = config.RequireObject\u003cdynamic\u003e(\"cognitoUserPoolName\");\n var thisUserPools = Output.Create(Aws.Cognito.GetUserPools.InvokeAsync(new Aws.Cognito.GetUserPoolsArgs\n {\n Name = cognitoUserPoolName,\n }));\n var thisRestApi = new Aws.ApiGateway.RestApi(\"thisRestApi\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var thisResource = new Aws.ApiGateway.Resource(\"thisResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = thisRestApi.RootResourceId,\n PathPart = \"{proxy+}\",\n RestApi = thisRestApi.Id,\n });\n var thisAuthorizer = new Aws.ApiGateway.Authorizer(\"thisAuthorizer\", new Aws.ApiGateway.AuthorizerArgs\n {\n ProviderArns = thisUserPools.Apply(thisUserPools =\u003e thisUserPools.Arns),\n RestApi = thisRestApi.Id,\n Type = \"COGNITO_USER_POOLS\",\n });\n var any = new Aws.ApiGateway.Method(\"any\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"COGNITO_USER_POOLS\",\n AuthorizerId = thisAuthorizer.Id,\n HttpMethod = \"ANY\",\n RequestParameters = \n {\n { \"method.request.path.proxy\", true },\n },\n ResourceId = thisResource.Id,\n RestApi = thisRestApi.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tthisUserPools, err := cognito.GetUserPools(ctx, \u0026cognito.GetUserPoolsArgs{\n\t\t\tName: cognitoUserPoolName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tthisRestApi, err := apigateway.NewRestApi(ctx, \"thisRestApi\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tthisResource, err := apigateway.NewResource(ctx, \"thisResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: thisRestApi.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"{proxy+}\"),\n\t\t\tRestApi: thisRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tthisAuthorizer, err := apigateway.NewAuthorizer(ctx, \"thisAuthorizer\", \u0026apigateway.AuthorizerArgs{\n\t\t\tProviderArns: toPulumiStringArray(thisUserPools.Arns),\n\t\t\tRestApi: thisRestApi.ID(),\n\t\t\tType: pulumi.String(\"COGNITO_USER_POOLS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethod(ctx, \"any\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"COGNITO_USER_POOLS\"),\n\t\t\tAuthorizerId: thisAuthorizer.ID(),\n\t\t\tHttpMethod: pulumi.String(\"ANY\"),\n\t\t\tRequestParameters: pulumi.Map{\n\t\t\t\t\"method.request.path.proxy\": pulumi.Bool(true),\n\t\t\t},\n\t\t\tResourceId: thisResource.ID(),\n\t\t\tRestApi: thisRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\nfunc toPulumiStringArray(arr []string) pulumi.StringArray {\n\tvar pulumiArr pulumi.StringArray\n\tfor _, v := range arr {\n\t\tpulumiArr = append(pulumiArr, pulumi.String(v))\n\t}\n\treturn pulumiArr\n}\n```\n", "properties": { "apiKeyRequired": { "type": "boolean", "description": "Specify if the method requires an API key\n" }, "authorization": { "type": "string", "description": "The type of authorization used for the method (`NONE`, `CUSTOM`, `AWS_IAM`, `COGNITO_USER_POOLS`)\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "The authorization scopes used when the authorization is `COGNITO_USER_POOLS`\n" }, "authorizerId": { "type": "string", "description": "The authorizer id to be used when the authorization is `CUSTOM` or `COGNITO_USER_POOLS`\n" }, "httpMethod": { "type": "string", "description": "The HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the API models used for the request's content type\nwhere key is the content type (e.g. `application/json`)\nand value is either `Error`, `Empty` (built-in models) or `aws.apigateway.Model`'s `name`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of request parameters (from the path, query string and headers) that should be passed to the integration. The boolean value indicates whether the parameter is required (`true`) or optional (`false`).\nFor example: `request_parameters = {\"method.request.header.X-Some-Header\" = true \"method.request.querystring.some-query-param\" = true}` would define that the header `X-Some-Header` and the query string `some-query-param` must be provided in the request.\n" }, "requestValidatorId": { "type": "string", "description": "The ID of a `aws.apigateway.RequestValidator`\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" } }, "required": [ "authorization", "httpMethod", "resourceId", "restApi" ], "inputProperties": { "apiKeyRequired": { "type": "boolean", "description": "Specify if the method requires an API key\n" }, "authorization": { "type": "string", "description": "The type of authorization used for the method (`NONE`, `CUSTOM`, `AWS_IAM`, `COGNITO_USER_POOLS`)\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "The authorization scopes used when the authorization is `COGNITO_USER_POOLS`\n" }, "authorizerId": { "type": "string", "description": "The authorizer id to be used when the authorization is `CUSTOM` or `COGNITO_USER_POOLS`\n" }, "httpMethod": { "type": "string", "description": "The HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the API models used for the request's content type\nwhere key is the content type (e.g. `application/json`)\nand value is either `Error`, `Empty` (built-in models) or `aws.apigateway.Model`'s `name`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of request parameters (from the path, query string and headers) that should be passed to the integration. The boolean value indicates whether the parameter is required (`true`) or optional (`false`).\nFor example: `request_parameters = {\"method.request.header.X-Some-Header\" = true \"method.request.querystring.some-query-param\" = true}` would define that the header `X-Some-Header` and the query string `some-query-param` must be provided in the request.\n" }, "requestValidatorId": { "type": "string", "description": "The ID of a `aws.apigateway.RequestValidator`\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" } }, "requiredInputs": [ "authorization", "httpMethod", "resourceId", "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Method resources.\n", "properties": { "apiKeyRequired": { "type": "boolean", "description": "Specify if the method requires an API key\n" }, "authorization": { "type": "string", "description": "The type of authorization used for the method (`NONE`, `CUSTOM`, `AWS_IAM`, `COGNITO_USER_POOLS`)\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "The authorization scopes used when the authorization is `COGNITO_USER_POOLS`\n" }, "authorizerId": { "type": "string", "description": "The authorizer id to be used when the authorization is `CUSTOM` or `COGNITO_USER_POOLS`\n" }, "httpMethod": { "type": "string", "description": "The HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the API models used for the request's content type\nwhere key is the content type (e.g. `application/json`)\nand value is either `Error`, `Empty` (built-in models) or `aws.apigateway.Model`'s `name`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of request parameters (from the path, query string and headers) that should be passed to the integration. The boolean value indicates whether the parameter is required (`true`) or optional (`false`).\nFor example: `request_parameters = {\"method.request.header.X-Some-Header\" = true \"method.request.querystring.some-query-param\" = true}` would define that the header `X-Some-Header` and the query string `some-query-param` must be provided in the request.\n" }, "requestValidatorId": { "type": "string", "description": "The ID of a `aws.apigateway.RequestValidator`\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" } }, "type": "object" } }, "aws:apigateway/methodResponse:MethodResponse": { "description": "Provides an HTTP Method Response for an API Gateway Resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n restApi: myDemoAPI.id,\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n httpMethod: myDemoMethod.httpMethod,\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n type: \"MOCK\",\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n httpMethod: myDemoMethod.httpMethod,\n resourceId: myDemoResource.id,\n restApi: myDemoAPI.id,\n statusCode: \"200\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"myDemoResource\",\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\",\n rest_api=my_demo_api.id)\nmy_demo_method = aws.apigateway.Method(\"myDemoMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id)\nmy_demo_integration = aws.apigateway.Integration(\"myDemoIntegration\",\n http_method=my_demo_method.http_method,\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id,\n type=\"MOCK\")\nresponse200 = aws.apigateway.MethodResponse(\"response200\",\n http_method=my_demo_method.http_method,\n resource_id=my_demo_resource.id,\n rest_api=my_demo_api.id,\n status_code=\"200\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var myDemoResource = new Aws.ApiGateway.Resource(\"myDemoResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n RestApi = myDemoAPI.Id,\n });\n var myDemoMethod = new Aws.ApiGateway.Method(\"myDemoMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n });\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"myDemoIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n HttpMethod = myDemoMethod.HttpMethod,\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n Type = \"MOCK\",\n });\n var response200 = new Aws.ApiGateway.MethodResponse(\"response200\", new Aws.ApiGateway.MethodResponseArgs\n {\n HttpMethod = myDemoMethod.HttpMethod,\n ResourceId = myDemoResource.Id,\n RestApi = myDemoAPI.Id,\n StatusCode = \"200\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"myDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"myDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"myDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodResponse(ctx, \"response200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "httpMethod": { "type": "string", "description": "The HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the API models used for the response's content type\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of response parameters that can be sent to the caller.\nFor example: `response_parameters = { \"method.response.header.X-Some-Header\" = true }`\nwould define that the header `X-Some-Header` can be provided on the response.\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" }, "statusCode": { "type": "string", "description": "The HTTP status code\n" } }, "required": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "inputProperties": { "httpMethod": { "type": "string", "description": "The HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the API models used for the response's content type\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of response parameters that can be sent to the caller.\nFor example: `response_parameters = { \"method.response.header.X-Some-Header\" = true }`\nwould define that the header `X-Some-Header` can be provided on the response.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "statusCode": { "type": "string", "description": "The HTTP status code\n" } }, "requiredInputs": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering MethodResponse resources.\n", "properties": { "httpMethod": { "type": "string", "description": "The HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "resourceId": { "type": "string", "description": "The API resource ID\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the API models used for the response's content type\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of response parameters that can be sent to the caller.\nFor example: `response_parameters = { \"method.response.header.X-Some-Header\" = true }`\nwould define that the header `X-Some-Header` can be provided on the response.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "statusCode": { "type": "string", "description": "The HTTP status code\n" } }, "type": "object" } }, "aws:apigateway/methodSettings:MethodSettings": { "description": "Provides an API Gateway Method Settings, e.g. logging or monitoring.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRestApi = new aws.apigateway.RestApi(\"test\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst testResource = new aws.apigateway.Resource(\"test\", {\n parentId: testRestApi.rootResourceId,\n pathPart: \"mytestresource\",\n restApi: testRestApi.id,\n});\nconst testMethod = new aws.apigateway.Method(\"test\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n resourceId: testResource.id,\n restApi: testRestApi.id,\n});\nconst testIntegration = new aws.apigateway.Integration(\"test\", {\n httpMethod: testMethod.httpMethod,\n requestTemplates: {\n \"application/xml\": `{\n \"body\" : $input.json('$')\n}\n`,\n },\n resourceId: testResource.id,\n restApi: testRestApi.id,\n type: \"MOCK\",\n});\nconst testDeployment = new aws.apigateway.Deployment(\"test\", {\n restApi: testRestApi.id,\n stageName: \"dev\",\n}, { dependsOn: [testIntegration] });\nconst testStage = new aws.apigateway.Stage(\"test\", {\n deployment: testDeployment.id,\n restApi: testRestApi.id,\n stageName: \"prod\",\n});\nconst methodSettings = new aws.apigateway.MethodSettings(\"s\", {\n methodPath: pulumi.interpolate`${testResource.pathPart}/${testMethod.httpMethod}`,\n restApi: testRestApi.id,\n settings: {\n loggingLevel: \"INFO\",\n metricsEnabled: true,\n },\n stageName: testStage.stageName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_rest_api = aws.apigateway.RestApi(\"testRestApi\", description=\"This is my API for demonstration purposes\")\ntest_deployment = aws.apigateway.Deployment(\"testDeployment\",\n rest_api=test_rest_api.id,\n stage_name=\"dev\")\ntest_stage = aws.apigateway.Stage(\"testStage\",\n deployment=test_deployment.id,\n rest_api=test_rest_api.id,\n stage_name=\"prod\")\ntest_resource = aws.apigateway.Resource(\"testResource\",\n parent_id=test_rest_api.root_resource_id,\n path_part=\"mytestresource\",\n rest_api=test_rest_api.id)\ntest_method = aws.apigateway.Method(\"testMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n resource_id=test_resource.id,\n rest_api=test_rest_api.id)\nmethod_settings = aws.apigateway.MethodSettings(\"methodSettings\",\n method_path=pulumi.Output.all(test_resource.path_part, test_method.http_method).apply(lambda path_part, http_method: f\"{path_part}/{http_method}\"),\n rest_api=test_rest_api.id,\n settings={\n \"loggingLevel\": \"INFO\",\n \"metricsEnabled\": True,\n },\n stage_name=test_stage.stage_name)\ntest_integration = aws.apigateway.Integration(\"testIntegration\",\n http_method=test_method.http_method,\n request_templates={\n \"application/xml\": \"\"\"{\n \"body\" : $input.json('$')\n}\n\n\"\"\",\n },\n resource_id=test_resource.id,\n rest_api=test_rest_api.id,\n type=\"MOCK\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testRestApi = new Aws.ApiGateway.RestApi(\"testRestApi\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var testDeployment = new Aws.ApiGateway.Deployment(\"testDeployment\", new Aws.ApiGateway.DeploymentArgs\n {\n RestApi = testRestApi.Id,\n StageName = \"dev\",\n });\n var testStage = new Aws.ApiGateway.Stage(\"testStage\", new Aws.ApiGateway.StageArgs\n {\n Deployment = testDeployment.Id,\n RestApi = testRestApi.Id,\n StageName = \"prod\",\n });\n var testResource = new Aws.ApiGateway.Resource(\"testResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = testRestApi.RootResourceId,\n PathPart = \"mytestresource\",\n RestApi = testRestApi.Id,\n });\n var testMethod = new Aws.ApiGateway.Method(\"testMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n });\n var methodSettings = new Aws.ApiGateway.MethodSettings(\"methodSettings\", new Aws.ApiGateway.MethodSettingsArgs\n {\n MethodPath = Output.Tuple(testResource.PathPart, testMethod.HttpMethod).Apply(values =\u003e\n {\n var pathPart = values.Item1;\n var httpMethod = values.Item2;\n return $\"{pathPart}/{httpMethod}\";\n }),\n RestApi = testRestApi.Id,\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n LoggingLevel = \"INFO\",\n MetricsEnabled = true,\n },\n StageName = testStage.StageName,\n });\n var testIntegration = new Aws.ApiGateway.Integration(\"testIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n HttpMethod = testMethod.HttpMethod,\n RequestTemplates = \n {\n { \"application/xml\", @\"{\n \"\"body\"\" : $input.json('$')\n}\n\n\" },\n },\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n Type = \"MOCK\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestRestApi, err := apigateway.NewRestApi(ctx, \"testRestApi\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestDeployment, err := apigateway.NewDeployment(ctx, \"testDeployment\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tStageName: pulumi.String(\"dev\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStage, err := apigateway.NewStage(ctx, \"testStage\", \u0026apigateway.StageArgs{\n\t\t\tDeployment: testDeployment.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tStageName: pulumi.String(\"prod\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestResource, err := apigateway.NewResource(ctx, \"testResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: testRestApi.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mytestresource\"),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestMethod, err := apigateway.NewMethod(ctx, \"testMethod\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodSettings(ctx, \"methodSettings\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tMethodPath: pulumi.All(testResource.PathPart, testMethod.HttpMethod).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tpathPart := _args[0].(string)\n\t\t\t\thttpMethod := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v\", pathPart, \"/\", httpMethod), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tLoggingLevel: pulumi.String(\"INFO\"),\n\t\t\t\tMetricsEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tStageName: testStage.StageName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"testIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tHttpMethod: testMethod.HttpMethod,\n\t\t\tRequestTemplates: pulumi.Map{\n\t\t\t\t\"application/xml\": pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"body\\\" : \", \"$\", \"input.json('\", \"$\", \"')\\n\", \"}\\n\", \"\\n\")),\n\t\t\t},\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "methodPath": { "type": "string", "description": "Method path defined as `{resource_path}/{http_method}` for an individual method override, or `*/*` for overriding all methods in the stage.\n" }, "restApi": { "type": "string", "description": "The ID of the REST API\n" }, "settings": { "$ref": "#/types/aws:apigateway/MethodSettingsSettings:MethodSettingsSettings", "description": "The settings block, see below.\n" }, "stageName": { "type": "string", "description": "The name of the stage\n" } }, "required": [ "methodPath", "restApi", "settings", "stageName" ], "inputProperties": { "methodPath": { "type": "string", "description": "Method path defined as `{resource_path}/{http_method}` for an individual method override, or `*/*` for overriding all methods in the stage.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the REST API\n" }, "settings": { "$ref": "#/types/aws:apigateway/MethodSettingsSettings:MethodSettingsSettings", "description": "The settings block, see below.\n" }, "stageName": { "type": "string", "description": "The name of the stage\n" } }, "requiredInputs": [ "methodPath", "restApi", "settings", "stageName" ], "stateInputs": { "description": "Input properties used for looking up and filtering MethodSettings resources.\n", "properties": { "methodPath": { "type": "string", "description": "Method path defined as `{resource_path}/{http_method}` for an individual method override, or `*/*` for overriding all methods in the stage.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the REST API\n" }, "settings": { "$ref": "#/types/aws:apigateway/MethodSettingsSettings:MethodSettingsSettings", "description": "The settings block, see below.\n" }, "stageName": { "type": "string", "description": "The name of the stage\n" } }, "type": "object" } }, "aws:apigateway/model:Model": { "description": "Provides a Model for a REST API Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoModel = new aws.apigateway.Model(\"MyDemoModel\", {\n contentType: \"application/json\",\n description: \"a JSON schema\",\n restApi: myDemoAPI.id,\n schema: `{\n \"type\": \"object\"\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nmy_demo_model = aws.apigateway.Model(\"myDemoModel\",\n content_type=\"application/json\",\n description=\"a JSON schema\",\n rest_api=my_demo_api.id,\n schema=\"\"\"{\n \"type\": \"object\"\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var myDemoModel = new Aws.ApiGateway.Model(\"myDemoModel\", new Aws.ApiGateway.ModelArgs\n {\n ContentType = \"application/json\",\n Description = \"a JSON schema\",\n RestApi = myDemoAPI.Id,\n Schema = @\"{\n \"\"type\"\": \"\"object\"\"\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewModel(ctx, \"myDemoModel\", \u0026apigateway.ModelArgs{\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tDescription: pulumi.String(\"a JSON schema\"),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tSchema: pulumi.String(fmt.Sprintf(\"%v%v%v%v\", \"{\\n\", \" \\\"type\\\": \\\"object\\\"\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "contentType": { "type": "string", "description": "The content type of the model\n" }, "description": { "type": "string", "description": "The description of the model\n" }, "name": { "type": "string", "description": "The name of the model\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" }, "schema": { "type": "string", "description": "The schema of the model in a JSON form\n" } }, "required": [ "contentType", "name", "restApi" ], "inputProperties": { "contentType": { "type": "string", "description": "The content type of the model\n" }, "description": { "type": "string", "description": "The description of the model\n" }, "name": { "type": "string", "description": "The name of the model\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "schema": { "type": "string", "description": "The schema of the model in a JSON form\n" } }, "requiredInputs": [ "contentType", "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Model resources.\n", "properties": { "contentType": { "type": "string", "description": "The content type of the model\n" }, "description": { "type": "string", "description": "The description of the model\n" }, "name": { "type": "string", "description": "The name of the model\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "schema": { "type": "string", "description": "The schema of the model in a JSON form\n" } }, "type": "object" } }, "aws:apigateway/requestValidator:RequestValidator": { "description": "Manages an API Gateway Request Validator.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigateway.RequestValidator(\"example\", {\n restApi: aws_api_gateway_rest_api_example.id,\n validateRequestBody: true,\n validateRequestParameters: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.RequestValidator(\"example\",\n rest_api=aws_api_gateway_rest_api[\"example\"][\"id\"],\n validate_request_body=True,\n validate_request_parameters=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGateway.RequestValidator(\"example\", new Aws.ApiGateway.RequestValidatorArgs\n {\n RestApi = aws_api_gateway_rest_api.Example.Id,\n ValidateRequestBody = true,\n ValidateRequestParameters = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigateway.NewRequestValidator(ctx, \"example\", \u0026apigateway.RequestValidatorArgs{\n\t\t\tRestApi: pulumi.String(aws_api_gateway_rest_api.Example.Id),\n\t\t\tValidateRequestBody: pulumi.Bool(true),\n\t\t\tValidateRequestParameters: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the request validator\n" }, "restApi": { "type": "string", "description": "The ID of the associated Rest API\n" }, "validateRequestBody": { "type": "boolean", "description": "Boolean whether to validate request body. Defaults to `false`.\n" }, "validateRequestParameters": { "type": "boolean", "description": "Boolean whether to validate request parameters. Defaults to `false`.\n" } }, "required": [ "name", "restApi" ], "inputProperties": { "name": { "type": "string", "description": "The name of the request validator\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated Rest API\n" }, "validateRequestBody": { "type": "boolean", "description": "Boolean whether to validate request body. Defaults to `false`.\n" }, "validateRequestParameters": { "type": "boolean", "description": "Boolean whether to validate request parameters. Defaults to `false`.\n" } }, "requiredInputs": [ "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering RequestValidator resources.\n", "properties": { "name": { "type": "string", "description": "The name of the request validator\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated Rest API\n" }, "validateRequestBody": { "type": "boolean", "description": "Boolean whether to validate request body. Defaults to `false`.\n" }, "validateRequestParameters": { "type": "boolean", "description": "Boolean whether to validate request parameters. Defaults to `false`.\n" } }, "type": "object" } }, "aws:apigateway/resource:Resource": { "description": "Provides an API Gateway Resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n restApi: myDemoAPI.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"myDemoResource\",\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\",\n rest_api=my_demo_api.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var myDemoResource = new Aws.ApiGateway.Resource(\"myDemoResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n RestApi = myDemoAPI.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewResource(ctx, \"myDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "parentId": { "type": "string", "description": "The ID of the parent API resource\n" }, "path": { "type": "string", "description": "The complete path for this API resource, including all parent paths.\n" }, "pathPart": { "type": "string", "description": "The last path segment of this API resource.\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" } }, "required": [ "parentId", "path", "pathPart", "restApi" ], "inputProperties": { "parentId": { "type": "string", "description": "The ID of the parent API resource\n" }, "pathPart": { "type": "string", "description": "The last path segment of this API resource.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" } }, "requiredInputs": [ "parentId", "pathPart", "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Resource resources.\n", "properties": { "parentId": { "type": "string", "description": "The ID of the parent API resource\n" }, "path": { "type": "string", "description": "The complete path for this API resource, including all parent paths.\n" }, "pathPart": { "type": "string", "description": "The last path segment of this API resource.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" } }, "type": "object" } }, "aws:apigateway/response:Response": { "description": "Provides an API Gateway Gateway Response for a REST API Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.apigateway.RestApi(\"main\", {});\nconst test = new aws.apigateway.Response(\"test\", {\n responseParameters: {\n \"gatewayresponse.header.Authorization\": \"'Basic'\",\n },\n responseTemplates: {\n \"application/json\": \"{'message':$context.error.messageString}\",\n },\n responseType: \"UNAUTHORIZED\",\n restApiId: main.id,\n statusCode: \"401\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.apigateway.RestApi(\"main\")\ntest = aws.apigateway.Response(\"test\",\n response_parameters={\n \"gatewayresponse.header.Authorization\": \"'Basic'\",\n },\n response_templates={\n \"application/json\": \"{'message':$context.error.messageString}\",\n },\n response_type=\"UNAUTHORIZED\",\n rest_api_id=main.id,\n status_code=\"401\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.ApiGateway.RestApi(\"main\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var test = new Aws.ApiGateway.Response(\"test\", new Aws.ApiGateway.ResponseArgs\n {\n ResponseParameters = \n {\n { \"gatewayresponse.header.Authorization\", \"'Basic'\" },\n },\n ResponseTemplates = \n {\n { \"application/json\", \"{'message':$context.error.messageString}\" },\n },\n ResponseType = \"UNAUTHORIZED\",\n RestApiId = main.Id,\n StatusCode = \"401\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := apigateway.NewRestApi(ctx, \"main\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewResponse(ctx, \"test\", \u0026apigateway.ResponseArgs{\n\t\t\tResponseParameters: pulumi.Map{\n\t\t\t\t\"gatewayresponse.header.Authorization\": pulumi.String(\"'Basic'\"),\n\t\t\t},\n\t\t\tResponseTemplates: pulumi.Map{\n\t\t\t\t\"application/json\": pulumi.String(fmt.Sprintf(\"%v%v%v\", \"{'message':\", \"$\", \"context.error.messageString}\")),\n\t\t\t},\n\t\t\tResponseType: pulumi.String(\"UNAUTHORIZED\"),\n\t\t\tRestApiId: main.ID(),\n\t\t\tStatusCode: pulumi.String(\"401\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the parameters (paths, query strings and headers) of the Gateway Response.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the templates used to transform the response body.\n" }, "responseType": { "type": "string", "description": "The response type of the associated GatewayResponse.\n" }, "restApiId": { "type": "string", "description": "The string identifier of the associated REST API.\n" }, "statusCode": { "type": "string", "description": "The HTTP status code of the Gateway Response.\n" } }, "required": [ "responseType", "restApiId" ], "inputProperties": { "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the parameters (paths, query strings and headers) of the Gateway Response.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the templates used to transform the response body.\n" }, "responseType": { "type": "string", "description": "The response type of the associated GatewayResponse.\n" }, "restApiId": { "type": "string", "description": "The string identifier of the associated REST API.\n" }, "statusCode": { "type": "string", "description": "The HTTP status code of the Gateway Response.\n" } }, "requiredInputs": [ "responseType", "restApiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Response resources.\n", "properties": { "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the parameters (paths, query strings and headers) of the Gateway Response.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the templates used to transform the response body.\n" }, "responseType": { "type": "string", "description": "The response type of the associated GatewayResponse.\n" }, "restApiId": { "type": "string", "description": "The string identifier of the associated REST API.\n" }, "statusCode": { "type": "string", "description": "The HTTP status code of the Gateway Response.\n" } }, "type": "object" } }, "aws:apigateway/restApi:RestApi": { "description": "Provides an API Gateway REST API.\n\n\u003e **Note:** Amazon API Gateway Version 1 resources are used for creating and deploying REST APIs. To create and deploy WebSocket and HTTP APIs, use Amazon API Gateway Version 2.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Regional Endpoint Type\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigateway.RestApi(\"example\", {\n endpointConfiguration: {\n types: \"REGIONAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.RestApi(\"example\", endpoint_configuration={\n \"types\": \"REGIONAL\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGateway.RestApi(\"example\", new Aws.ApiGateway.RestApiArgs\n {\n EndpointConfiguration = new Aws.ApiGateway.Inputs.RestApiEndpointConfigurationArgs\n {\n Types = \"REGIONAL\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigateway.NewRestApi(ctx, \"example\", \u0026apigateway.RestApiArgs{\n\t\t\tEndpointConfiguration: \u0026apigateway.RestApiEndpointConfigurationArgs{\n\t\t\t\tTypes: pulumi.String(\"REGIONAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiKeySource": { "type": "string", "description": "The source of the API key for requests. Valid values are HEADER (default) and AUTHORIZER.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "binaryMediaTypes": { "type": "array", "items": { "type": "string" }, "description": "The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.\n" }, "body": { "type": "string", "description": "An OpenAPI specification that defines the set of routes and integrations to create as part of the REST API.\n" }, "createdDate": { "type": "string", "description": "The creation date of the REST API\n" }, "description": { "type": "string", "description": "The description of the REST API\n" }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration", "description": "Nested argument defining API endpoint configuration including endpoint type. Defined below.\n" }, "executionArn": { "type": "string", "description": "The execution ARN part to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g. `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j`, which can be concatenated with allowed stage, method and resource path.\n" }, "minimumCompressionSize": { "type": "integer", "description": "Minimum response size to compress for the REST API. Integer between -1 and 10485760 (10MB). Setting a value greater than -1 will enable compression, -1 disables compression (default).\n" }, "name": { "type": "string", "description": "The name of the REST API\n" }, "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway.\n" }, "rootResourceId": { "type": "string", "description": "The resource ID of the REST API's root\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "createdDate", "endpointConfiguration", "executionArn", "name", "rootResourceId" ], "inputProperties": { "apiKeySource": { "type": "string", "description": "The source of the API key for requests. Valid values are HEADER (default) and AUTHORIZER.\n" }, "binaryMediaTypes": { "type": "array", "items": { "type": "string" }, "description": "The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.\n" }, "body": { "type": "string", "description": "An OpenAPI specification that defines the set of routes and integrations to create as part of the REST API.\n" }, "description": { "type": "string", "description": "The description of the REST API\n" }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration", "description": "Nested argument defining API endpoint configuration including endpoint type. Defined below.\n" }, "minimumCompressionSize": { "type": "integer", "description": "Minimum response size to compress for the REST API. Integer between -1 and 10485760 (10MB). Setting a value greater than -1 will enable compression, -1 disables compression (default).\n" }, "name": { "type": "string", "description": "The name of the REST API\n" }, "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RestApi resources.\n", "properties": { "apiKeySource": { "type": "string", "description": "The source of the API key for requests. Valid values are HEADER (default) and AUTHORIZER.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "binaryMediaTypes": { "type": "array", "items": { "type": "string" }, "description": "The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.\n" }, "body": { "type": "string", "description": "An OpenAPI specification that defines the set of routes and integrations to create as part of the REST API.\n" }, "createdDate": { "type": "string", "description": "The creation date of the REST API\n" }, "description": { "type": "string", "description": "The description of the REST API\n" }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration", "description": "Nested argument defining API endpoint configuration including endpoint type. Defined below.\n" }, "executionArn": { "type": "string", "description": "The execution ARN part to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g. `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j`, which can be concatenated with allowed stage, method and resource path.\n" }, "minimumCompressionSize": { "type": "integer", "description": "Minimum response size to compress for the REST API. Integer between -1 and 10485760 (10MB). Setting a value greater than -1 will enable compression, -1 disables compression (default).\n" }, "name": { "type": "string", "description": "The name of the REST API\n" }, "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway.\n" }, "rootResourceId": { "type": "string", "description": "The resource ID of the REST API's root\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:apigateway/stage:Stage": { "description": "Provides an API Gateway Stage.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRestApi = new aws.apigateway.RestApi(\"test\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst testResource = new aws.apigateway.Resource(\"test\", {\n parentId: testRestApi.rootResourceId,\n pathPart: \"mytestresource\",\n restApi: testRestApi.id,\n});\nconst testMethod = new aws.apigateway.Method(\"test\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n resourceId: testResource.id,\n restApi: testRestApi.id,\n});\nconst testIntegration = new aws.apigateway.Integration(\"test\", {\n httpMethod: testMethod.httpMethod,\n resourceId: testResource.id,\n restApi: testRestApi.id,\n type: \"MOCK\",\n});\nconst testDeployment = new aws.apigateway.Deployment(\"test\", {\n restApi: testRestApi.id,\n stageName: \"dev\",\n}, { dependsOn: [testIntegration] });\nconst testStage = new aws.apigateway.Stage(\"test\", {\n deployment: testDeployment.id,\n restApi: testRestApi.id,\n stageName: \"prod\",\n});\nconst methodSettings = new aws.apigateway.MethodSettings(\"s\", {\n methodPath: pulumi.interpolate`${testResource.pathPart}/${testMethod.httpMethod}`,\n restApi: testRestApi.id,\n settings: {\n loggingLevel: \"INFO\",\n metricsEnabled: true,\n },\n stageName: testStage.stageName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_rest_api = aws.apigateway.RestApi(\"testRestApi\", description=\"This is my API for demonstration purposes\")\ntest_deployment = aws.apigateway.Deployment(\"testDeployment\",\n rest_api=test_rest_api.id,\n stage_name=\"dev\")\ntest_stage = aws.apigateway.Stage(\"testStage\",\n deployment=test_deployment.id,\n rest_api=test_rest_api.id,\n stage_name=\"prod\")\ntest_resource = aws.apigateway.Resource(\"testResource\",\n parent_id=test_rest_api.root_resource_id,\n path_part=\"mytestresource\",\n rest_api=test_rest_api.id)\ntest_method = aws.apigateway.Method(\"testMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n resource_id=test_resource.id,\n rest_api=test_rest_api.id)\nmethod_settings = aws.apigateway.MethodSettings(\"methodSettings\",\n method_path=pulumi.Output.all(test_resource.path_part, test_method.http_method).apply(lambda path_part, http_method: f\"{path_part}/{http_method}\"),\n rest_api=test_rest_api.id,\n settings={\n \"loggingLevel\": \"INFO\",\n \"metricsEnabled\": True,\n },\n stage_name=test_stage.stage_name)\ntest_integration = aws.apigateway.Integration(\"testIntegration\",\n http_method=test_method.http_method,\n resource_id=test_resource.id,\n rest_api=test_rest_api.id,\n type=\"MOCK\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testRestApi = new Aws.ApiGateway.RestApi(\"testRestApi\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var testDeployment = new Aws.ApiGateway.Deployment(\"testDeployment\", new Aws.ApiGateway.DeploymentArgs\n {\n RestApi = testRestApi.Id,\n StageName = \"dev\",\n });\n var testStage = new Aws.ApiGateway.Stage(\"testStage\", new Aws.ApiGateway.StageArgs\n {\n Deployment = testDeployment.Id,\n RestApi = testRestApi.Id,\n StageName = \"prod\",\n });\n var testResource = new Aws.ApiGateway.Resource(\"testResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = testRestApi.RootResourceId,\n PathPart = \"mytestresource\",\n RestApi = testRestApi.Id,\n });\n var testMethod = new Aws.ApiGateway.Method(\"testMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n });\n var methodSettings = new Aws.ApiGateway.MethodSettings(\"methodSettings\", new Aws.ApiGateway.MethodSettingsArgs\n {\n MethodPath = Output.Tuple(testResource.PathPart, testMethod.HttpMethod).Apply(values =\u003e\n {\n var pathPart = values.Item1;\n var httpMethod = values.Item2;\n return $\"{pathPart}/{httpMethod}\";\n }),\n RestApi = testRestApi.Id,\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n LoggingLevel = \"INFO\",\n MetricsEnabled = true,\n },\n StageName = testStage.StageName,\n });\n var testIntegration = new Aws.ApiGateway.Integration(\"testIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n HttpMethod = testMethod.HttpMethod,\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n Type = \"MOCK\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestRestApi, err := apigateway.NewRestApi(ctx, \"testRestApi\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestDeployment, err := apigateway.NewDeployment(ctx, \"testDeployment\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tStageName: pulumi.String(\"dev\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStage, err := apigateway.NewStage(ctx, \"testStage\", \u0026apigateway.StageArgs{\n\t\t\tDeployment: testDeployment.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tStageName: pulumi.String(\"prod\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestResource, err := apigateway.NewResource(ctx, \"testResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: testRestApi.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mytestresource\"),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestMethod, err := apigateway.NewMethod(ctx, \"testMethod\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodSettings(ctx, \"methodSettings\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tMethodPath: pulumi.All(testResource.PathPart, testMethod.HttpMethod).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tpathPart := _args[0].(string)\n\t\t\t\thttpMethod := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v\", pathPart, \"/\", httpMethod), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tLoggingLevel: pulumi.String(\"INFO\"),\n\t\t\t\tMetricsEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tStageName: testStage.StageName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"testIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tHttpMethod: testMethod.HttpMethod,\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigateway/StageAccessLogSettings:StageAccessLogSettings", "description": "Enables access logs for the API stage. Detailed below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "cacheClusterEnabled": { "type": "boolean", "description": "Specifies whether a cache cluster is enabled for the stage\n" }, "cacheClusterSize": { "type": "string", "description": "The size of the cache cluster for the stage, if enabled.\nAllowed values include `0.5`, `1.6`, `6.1`, `13.5`, `28.4`, `58.2`, `118` and `237`.\n" }, "clientCertificateId": { "type": "string", "description": "The identifier of a client certificate for the stage.\n" }, "deployment": { "type": "string", "description": "The ID of the deployment that the stage points to\n" }, "description": { "type": "string", "description": "The description of the stage\n" }, "documentationVersion": { "type": "string", "description": "The version of the associated API documentation\n" }, "executionArn": { "type": "string", "description": "The execution ARN to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g. `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "The URL to invoke the API pointing to the stage,\ne.g. `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "description": "The ID of the associated REST API\n" }, "stageName": { "type": "string", "description": "The name of the stage\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines the stage variables\n" }, "xrayTracingEnabled": { "type": "boolean", "description": "Whether active tracing with X-ray is enabled. Defaults to `false`.\n" } }, "required": [ "arn", "deployment", "executionArn", "invokeUrl", "restApi", "stageName" ], "inputProperties": { "accessLogSettings": { "$ref": "#/types/aws:apigateway/StageAccessLogSettings:StageAccessLogSettings", "description": "Enables access logs for the API stage. Detailed below.\n" }, "cacheClusterEnabled": { "type": "boolean", "description": "Specifies whether a cache cluster is enabled for the stage\n" }, "cacheClusterSize": { "type": "string", "description": "The size of the cache cluster for the stage, if enabled.\nAllowed values include `0.5`, `1.6`, `6.1`, `13.5`, `28.4`, `58.2`, `118` and `237`.\n" }, "clientCertificateId": { "type": "string", "description": "The identifier of a client certificate for the stage.\n" }, "deployment": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/deployment:Deployment" } ], "description": "The ID of the deployment that the stage points to\n" }, "description": { "type": "string", "description": "The description of the stage\n" }, "documentationVersion": { "type": "string", "description": "The version of the associated API documentation\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "stageName": { "type": "string", "description": "The name of the stage\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines the stage variables\n" }, "xrayTracingEnabled": { "type": "boolean", "description": "Whether active tracing with X-ray is enabled. Defaults to `false`.\n" } }, "requiredInputs": [ "deployment", "restApi", "stageName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stage resources.\n", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigateway/StageAccessLogSettings:StageAccessLogSettings", "description": "Enables access logs for the API stage. Detailed below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "cacheClusterEnabled": { "type": "boolean", "description": "Specifies whether a cache cluster is enabled for the stage\n" }, "cacheClusterSize": { "type": "string", "description": "The size of the cache cluster for the stage, if enabled.\nAllowed values include `0.5`, `1.6`, `6.1`, `13.5`, `28.4`, `58.2`, `118` and `237`.\n" }, "clientCertificateId": { "type": "string", "description": "The identifier of a client certificate for the stage.\n" }, "deployment": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/deployment:Deployment" } ], "description": "The ID of the deployment that the stage points to\n" }, "description": { "type": "string", "description": "The description of the stage\n" }, "documentationVersion": { "type": "string", "description": "The version of the associated API documentation\n" }, "executionArn": { "type": "string", "description": "The execution ARN to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g. `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "The URL to invoke the API pointing to the stage,\ne.g. `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The ID of the associated REST API\n" }, "stageName": { "type": "string", "description": "The name of the stage\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines the stage variables\n" }, "xrayTracingEnabled": { "type": "boolean", "description": "Whether active tracing with X-ray is enabled. Defaults to `false`.\n" } }, "type": "object" } }, "aws:apigateway/usagePlan:UsagePlan": { "description": "Provides an API Gateway Usage Plan.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myapi = new aws.apigateway.RestApi(\"myapi\", {});\nconst dev = new aws.apigateway.Deployment(\"dev\", {\n restApi: myapi.id,\n stageName: \"dev\",\n});\nconst prod = new aws.apigateway.Deployment(\"prod\", {\n restApi: myapi.id,\n stageName: \"prod\",\n});\nconst myUsagePlan = new aws.apigateway.UsagePlan(\"MyUsagePlan\", {\n apiStages: [\n {\n apiId: myapi.id,\n stage: dev.stageName,\n },\n {\n apiId: myapi.id,\n stage: prod.stageName,\n },\n ],\n description: \"my description\",\n productCode: \"MYCODE\",\n quotaSettings: {\n limit: 20,\n offset: 2,\n period: \"WEEK\",\n },\n throttleSettings: {\n burstLimit: 5,\n rateLimit: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmyapi = aws.apigateway.RestApi(\"myapi\")\ndev = aws.apigateway.Deployment(\"dev\",\n rest_api=myapi.id,\n stage_name=\"dev\")\nprod = aws.apigateway.Deployment(\"prod\",\n rest_api=myapi.id,\n stage_name=\"prod\")\nmy_usage_plan = aws.apigateway.UsagePlan(\"myUsagePlan\",\n api_stages=[\n {\n \"api_id\": myapi.id,\n \"stage\": dev.stage_name,\n },\n {\n \"api_id\": myapi.id,\n \"stage\": prod.stage_name,\n },\n ],\n description=\"my description\",\n product_code=\"MYCODE\",\n quota_settings={\n \"limit\": 20,\n \"offset\": 2,\n \"period\": \"WEEK\",\n },\n throttle_settings={\n \"burstLimit\": 5,\n \"rate_limit\": 10,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myapi = new Aws.ApiGateway.RestApi(\"myapi\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var dev = new Aws.ApiGateway.Deployment(\"dev\", new Aws.ApiGateway.DeploymentArgs\n {\n RestApi = myapi.Id,\n StageName = \"dev\",\n });\n var prod = new Aws.ApiGateway.Deployment(\"prod\", new Aws.ApiGateway.DeploymentArgs\n {\n RestApi = myapi.Id,\n StageName = \"prod\",\n });\n var myUsagePlan = new Aws.ApiGateway.UsagePlan(\"myUsagePlan\", new Aws.ApiGateway.UsagePlanArgs\n {\n ApiStages = \n {\n new Aws.ApiGateway.Inputs.UsagePlanApiStageArgs\n {\n ApiId = myapi.Id,\n Stage = dev.StageName,\n },\n new Aws.ApiGateway.Inputs.UsagePlanApiStageArgs\n {\n ApiId = myapi.Id,\n Stage = prod.StageName,\n },\n },\n Description = \"my description\",\n ProductCode = \"MYCODE\",\n QuotaSettings = new Aws.ApiGateway.Inputs.UsagePlanQuotaSettingsArgs\n {\n Limit = 20,\n Offset = 2,\n Period = \"WEEK\",\n },\n ThrottleSettings = new Aws.ApiGateway.Inputs.UsagePlanThrottleSettingsArgs\n {\n BurstLimit = 5,\n RateLimit = 10,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyapi, err := apigateway.NewRestApi(ctx, \"myapi\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdev, err := apigateway.NewDeployment(ctx, \"dev\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: myapi.ID(),\n\t\t\tStageName: pulumi.String(\"dev\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprod, err := apigateway.NewDeployment(ctx, \"prod\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: myapi.ID(),\n\t\t\tStageName: pulumi.String(\"prod\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewUsagePlan(ctx, \"myUsagePlan\", \u0026apigateway.UsagePlanArgs{\n\t\t\tApiStages: apigateway.UsagePlanApiStageArray{\n\t\t\t\t\u0026apigateway.UsagePlanApiStageArgs{\n\t\t\t\t\tApiId: myapi.ID(),\n\t\t\t\t\tStage: dev.StageName,\n\t\t\t\t},\n\t\t\t\t\u0026apigateway.UsagePlanApiStageArgs{\n\t\t\t\t\tApiId: myapi.ID(),\n\t\t\t\t\tStage: prod.StageName,\n\t\t\t\t},\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tProductCode: pulumi.String(\"MYCODE\"),\n\t\t\tQuotaSettings: \u0026apigateway.UsagePlanQuotaSettingsArgs{\n\t\t\t\tLimit: pulumi.Int(20),\n\t\t\t\tOffset: pulumi.Int(2),\n\t\t\t\tPeriod: pulumi.String(\"WEEK\"),\n\t\t\t},\n\t\t\tThrottleSettings: \u0026apigateway.UsagePlanThrottleSettingsArgs{\n\t\t\t\tBurstLimit: pulumi.Int(5),\n\t\t\t\tRateLimit: pulumi.Float64(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiStages": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/UsagePlanApiStage:UsagePlanApiStage" }, "description": "The associated API stages of the usage plan.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "The description of a usage plan.\n" }, "name": { "type": "string", "description": "The name of the usage plan.\n" }, "productCode": { "type": "string", "description": "The AWS Markeplace product identifier to associate with the usage plan as a SaaS product on AWS Marketplace.\n" }, "quotaSettings": { "$ref": "#/types/aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings", "description": "The quota settings of the usage plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "throttleSettings": { "$ref": "#/types/aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings", "description": "The throttling limits of the usage plan.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "apiStages": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/UsagePlanApiStage:UsagePlanApiStage" }, "description": "The associated API stages of the usage plan.\n" }, "description": { "type": "string", "description": "The description of a usage plan.\n" }, "name": { "type": "string", "description": "The name of the usage plan.\n" }, "productCode": { "type": "string", "description": "The AWS Markeplace product identifier to associate with the usage plan as a SaaS product on AWS Marketplace.\n" }, "quotaSettings": { "$ref": "#/types/aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings", "description": "The quota settings of the usage plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "throttleSettings": { "$ref": "#/types/aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings", "description": "The throttling limits of the usage plan.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering UsagePlan resources.\n", "properties": { "apiStages": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/UsagePlanApiStage:UsagePlanApiStage" }, "description": "The associated API stages of the usage plan.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "The description of a usage plan.\n" }, "name": { "type": "string", "description": "The name of the usage plan.\n" }, "productCode": { "type": "string", "description": "The AWS Markeplace product identifier to associate with the usage plan as a SaaS product on AWS Marketplace.\n" }, "quotaSettings": { "$ref": "#/types/aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings", "description": "The quota settings of the usage plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "throttleSettings": { "$ref": "#/types/aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings", "description": "The throttling limits of the usage plan.\n" } }, "type": "object" } }, "aws:apigateway/usagePlanKey:UsagePlanKey": { "description": "Provides an API Gateway Usage Plan Key.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.apigateway.RestApi(\"test\", {});\nconst myusageplan = new aws.apigateway.UsagePlan(\"myusageplan\", {\n apiStages: [{\n apiId: test.id,\n stage: aws_api_gateway_deployment_foo.stageName,\n }],\n});\nconst mykey = new aws.apigateway.ApiKey(\"mykey\", {});\nconst main = new aws.apigateway.UsagePlanKey(\"main\", {\n keyId: mykey.id,\n keyType: \"API_KEY\",\n usagePlanId: myusageplan.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.apigateway.RestApi(\"test\")\nmyusageplan = aws.apigateway.UsagePlan(\"myusageplan\", api_stages=[{\n \"api_id\": test.id,\n \"stage\": aws_api_gateway_deployment[\"foo\"][\"stage_name\"],\n}])\nmykey = aws.apigateway.ApiKey(\"mykey\")\nmain = aws.apigateway.UsagePlanKey(\"main\",\n key_id=mykey.id,\n key_type=\"API_KEY\",\n usage_plan_id=myusageplan.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.ApiGateway.RestApi(\"test\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var myusageplan = new Aws.ApiGateway.UsagePlan(\"myusageplan\", new Aws.ApiGateway.UsagePlanArgs\n {\n ApiStages = \n {\n new Aws.ApiGateway.Inputs.UsagePlanApiStageArgs\n {\n ApiId = test.Id,\n Stage = aws_api_gateway_deployment.Foo.Stage_name,\n },\n },\n });\n var mykey = new Aws.ApiGateway.ApiKey(\"mykey\", new Aws.ApiGateway.ApiKeyArgs\n {\n });\n var main = new Aws.ApiGateway.UsagePlanKey(\"main\", new Aws.ApiGateway.UsagePlanKeyArgs\n {\n KeyId = mykey.Id,\n KeyType = \"API_KEY\",\n UsagePlanId = myusageplan.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := apigateway.NewRestApi(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyusageplan, err := apigateway.NewUsagePlan(ctx, \"myusageplan\", \u0026apigateway.UsagePlanArgs{\n\t\t\tApiStages: apigateway.UsagePlanApiStageArray{\n\t\t\t\t\u0026apigateway.UsagePlanApiStageArgs{\n\t\t\t\t\tApiId: test.ID(),\n\t\t\t\t\tStage: pulumi.String(aws_api_gateway_deployment.Foo.Stage_name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmykey, err := apigateway.NewApiKey(ctx, \"mykey\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewUsagePlanKey(ctx, \"main\", \u0026apigateway.UsagePlanKeyArgs{\n\t\t\tKeyId: mykey.ID(),\n\t\t\tKeyType: pulumi.String(\"API_KEY\"),\n\t\t\tUsagePlanId: myusageplan.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "keyId": { "type": "string", "description": "The identifier of the API key resource.\n" }, "keyType": { "type": "string", "description": "The type of the API key resource. Currently, the valid key type is API_KEY.\n" }, "name": { "type": "string", "description": "The name of a usage plan key.\n" }, "usagePlanId": { "type": "string", "description": "The Id of the usage plan resource representing to associate the key to.\n" }, "value": { "type": "string", "description": "The value of a usage plan key.\n" } }, "required": [ "keyId", "keyType", "name", "usagePlanId", "value" ], "inputProperties": { "keyId": { "type": "string", "description": "The identifier of the API key resource.\n" }, "keyType": { "type": "string", "description": "The type of the API key resource. Currently, the valid key type is API_KEY.\n" }, "usagePlanId": { "type": "string", "description": "The Id of the usage plan resource representing to associate the key to.\n" } }, "requiredInputs": [ "keyId", "keyType", "usagePlanId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UsagePlanKey resources.\n", "properties": { "keyId": { "type": "string", "description": "The identifier of the API key resource.\n" }, "keyType": { "type": "string", "description": "The type of the API key resource. Currently, the valid key type is API_KEY.\n" }, "name": { "type": "string", "description": "The name of a usage plan key.\n" }, "usagePlanId": { "type": "string", "description": "The Id of the usage plan resource representing to associate the key to.\n" }, "value": { "type": "string", "description": "The value of a usage plan key.\n" } }, "type": "object" } }, "aws:apigateway/vpcLink:VpcLink": { "description": "Provides an API Gateway VPC Link.\n\n\u003e **Note:** Amazon API Gateway Version 1 VPC Links enable private integrations that connect REST APIs to private resources in a VPC.\nTo enable private integration for HTTP APIs, use the `Amazon API Gateway Version 2 VPC Link` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLoadBalancer = new aws.lb.LoadBalancer(\"example\", {\n internal: true,\n loadBalancerType: \"network\",\n subnetMappings: [{\n subnetId: \"12345\",\n }],\n});\nconst exampleVpcLink = new aws.apigateway.VpcLink(\"example\", {\n description: \"example description\",\n targetArn: exampleLoadBalancer.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_load_balancer = aws.lb.LoadBalancer(\"exampleLoadBalancer\",\n internal=True,\n load_balancer_type=\"network\",\n subnet_mappings=[{\n \"subnet_id\": \"12345\",\n }])\nexample_vpc_link = aws.apigateway.VpcLink(\"exampleVpcLink\",\n description=\"example description\",\n target_arn=example_load_balancer.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLoadBalancer = new Aws.LB.LoadBalancer(\"exampleLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n Internal = true,\n LoadBalancerType = \"network\",\n SubnetMappings = \n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = \"12345\",\n },\n },\n });\n var exampleVpcLink = new Aws.ApiGateway.VpcLink(\"exampleVpcLink\", new Aws.ApiGateway.VpcLinkArgs\n {\n Description = \"example description\",\n TargetArn = exampleLoadBalancer.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLoadBalancer, err := lb.NewLoadBalancer(ctx, \"exampleLoadBalancer\", \u0026lb.LoadBalancerArgs{\n\t\t\tInternal: pulumi.Bool(true),\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.String(\"12345\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewVpcLink(ctx, \"exampleVpcLink\", \u0026apigateway.VpcLinkArgs{\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tTargetArn: exampleLoadBalancer.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "The description of the VPC link.\n" }, "name": { "type": "string", "description": "The name used to label and identify the VPC link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "targetArn": { "type": "string", "description": "The list of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n" } }, "required": [ "arn", "name", "targetArn" ], "inputProperties": { "description": { "type": "string", "description": "The description of the VPC link.\n" }, "name": { "type": "string", "description": "The name used to label and identify the VPC link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "targetArn": { "type": "string", "description": "The list of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n" } }, "requiredInputs": [ "targetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcLink resources.\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "The description of the VPC link.\n" }, "name": { "type": "string", "description": "The name used to label and identify the VPC link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "targetArn": { "type": "string", "description": "The list of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n" } }, "type": "object" } }, "aws:apigatewayv2/api:Api": { "description": "Manages an Amazon API Gateway Version 2 API.\n\n\u003e **Note:** Amazon API Gateway Version 2 resources are used for creating and deploying WebSocket and HTTP APIs. To create and deploy REST APIs, use Amazon API Gateway Version 1.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic WebSocket API\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Api(\"example\", {\n protocolType: \"WEBSOCKET\",\n routeSelectionExpression: \"$request.body.action\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Api(\"example\",\n protocol_type=\"WEBSOCKET\",\n route_selection_expression=\"$request.body.action\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Api(\"example\", new Aws.ApiGatewayV2.ApiArgs\n {\n ProtocolType = \"WEBSOCKET\",\n RouteSelectionExpression = \"$request.body.action\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewApi(ctx, \"example\", \u0026apigatewayv2.ApiArgs{\n\t\t\tProtocolType: pulumi.String(\"WEBSOCKET\"),\n\t\t\tRouteSelectionExpression: pulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \"request.body.action\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Basic HTTP API\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Api(\"example\", {\n protocolType: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Api(\"example\", protocol_type=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Api(\"example\", new Aws.ApiGatewayV2.ApiArgs\n {\n ProtocolType = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewApi(ctx, \"example\", \u0026apigatewayv2.ApiArgs{\n\t\t\tProtocolType: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiEndpoint": { "type": "string", "description": "The URI of the API, of the form `{api-id}.execute-api.{region}.amazonaws.com`.\n" }, "apiKeySelectionExpression": { "type": "string", "description": "An [API key selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions).\nValid values: `$context.authorizer.usageIdentifierKey`, `$request.header.x-api-key`. Defaults to `$request.header.x-api-key`.\nApplicable for WebSocket APIs.\n" }, "arn": { "type": "string", "description": "The ARN of the API.\n" }, "corsConfiguration": { "$ref": "#/types/aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration", "description": "The cross-origin resource sharing (CORS) [configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html). Applicable for HTTP APIs.\n" }, "credentialsArn": { "type": "string", "description": "Part of _quick create_. Specifies any credentials required for the integration. Applicable for HTTP APIs.\n" }, "description": { "type": "string", "description": "The description of the API.\n" }, "executionArn": { "type": "string", "description": "The ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute\nor in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\n" }, "name": { "type": "string", "description": "The name of the API.\n" }, "protocolType": { "type": "string", "description": "The API protocol. Valid values: `HTTP`, `WEBSOCKET`.\n" }, "routeKey": { "type": "string", "description": "Part of _quick create_. Specifies any [route key](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html). Applicable for HTTP APIs.\n" }, "routeSelectionExpression": { "type": "string", "description": "The [route selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-selection-expressions) for the API.\nDefaults to `$request.method $request.path`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the API.\n" }, "target": { "type": "string", "description": "Part of _quick create_. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes.\nFor HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN.\nThe type of the integration will be `HTTP_PROXY` or `AWS_PROXY`, respectively. Applicable for HTTP APIs.\n" }, "version": { "type": "string", "description": "A version identifier for the API.\n" } }, "required": [ "apiEndpoint", "arn", "executionArn", "name", "protocolType" ], "inputProperties": { "apiKeySelectionExpression": { "type": "string", "description": "An [API key selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions).\nValid values: `$context.authorizer.usageIdentifierKey`, `$request.header.x-api-key`. Defaults to `$request.header.x-api-key`.\nApplicable for WebSocket APIs.\n" }, "corsConfiguration": { "$ref": "#/types/aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration", "description": "The cross-origin resource sharing (CORS) [configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html). Applicable for HTTP APIs.\n" }, "credentialsArn": { "type": "string", "description": "Part of _quick create_. Specifies any credentials required for the integration. Applicable for HTTP APIs.\n" }, "description": { "type": "string", "description": "The description of the API.\n" }, "name": { "type": "string", "description": "The name of the API.\n" }, "protocolType": { "type": "string", "description": "The API protocol. Valid values: `HTTP`, `WEBSOCKET`.\n" }, "routeKey": { "type": "string", "description": "Part of _quick create_. Specifies any [route key](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html). Applicable for HTTP APIs.\n" }, "routeSelectionExpression": { "type": "string", "description": "The [route selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-selection-expressions) for the API.\nDefaults to `$request.method $request.path`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the API.\n" }, "target": { "type": "string", "description": "Part of _quick create_. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes.\nFor HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN.\nThe type of the integration will be `HTTP_PROXY` or `AWS_PROXY`, respectively. Applicable for HTTP APIs.\n" }, "version": { "type": "string", "description": "A version identifier for the API.\n" } }, "requiredInputs": [ "protocolType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Api resources.\n", "properties": { "apiEndpoint": { "type": "string", "description": "The URI of the API, of the form `{api-id}.execute-api.{region}.amazonaws.com`.\n" }, "apiKeySelectionExpression": { "type": "string", "description": "An [API key selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions).\nValid values: `$context.authorizer.usageIdentifierKey`, `$request.header.x-api-key`. Defaults to `$request.header.x-api-key`.\nApplicable for WebSocket APIs.\n" }, "arn": { "type": "string", "description": "The ARN of the API.\n" }, "corsConfiguration": { "$ref": "#/types/aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration", "description": "The cross-origin resource sharing (CORS) [configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html). Applicable for HTTP APIs.\n" }, "credentialsArn": { "type": "string", "description": "Part of _quick create_. Specifies any credentials required for the integration. Applicable for HTTP APIs.\n" }, "description": { "type": "string", "description": "The description of the API.\n" }, "executionArn": { "type": "string", "description": "The ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute\nor in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\n" }, "name": { "type": "string", "description": "The name of the API.\n" }, "protocolType": { "type": "string", "description": "The API protocol. Valid values: `HTTP`, `WEBSOCKET`.\n" }, "routeKey": { "type": "string", "description": "Part of _quick create_. Specifies any [route key](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html). Applicable for HTTP APIs.\n" }, "routeSelectionExpression": { "type": "string", "description": "The [route selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-selection-expressions) for the API.\nDefaults to `$request.method $request.path`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the API.\n" }, "target": { "type": "string", "description": "Part of _quick create_. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes.\nFor HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN.\nThe type of the integration will be `HTTP_PROXY` or `AWS_PROXY`, respectively. Applicable for HTTP APIs.\n" }, "version": { "type": "string", "description": "A version identifier for the API.\n" } }, "type": "object" } }, "aws:apigatewayv2/apiMapping:ApiMapping": { "description": "Manages an Amazon API Gateway Version 2 API mapping.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.ApiMapping(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n domainName: aws_apigatewayv2_domain_name_example.id,\n stage: aws_apigatewayv2_stage_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.ApiMapping(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n domain_name=aws_apigatewayv2_domain_name[\"example\"][\"id\"],\n stage=aws_apigatewayv2_stage[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.ApiMapping(\"example\", new Aws.ApiGatewayV2.ApiMappingArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n DomainName = aws_apigatewayv2_domain_name.Example.Id,\n Stage = aws_apigatewayv2_stage.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewApiMapping(ctx, \"example\", \u0026apigatewayv2.ApiMappingArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tDomainName: pulumi.String(aws_apigatewayv2_domain_name.Example.Id),\n\t\t\tStage: pulumi.String(aws_apigatewayv2_stage.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "apiMappingKey": { "type": "string", "description": "The [API mapping key](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-mapping-template-reference.html).\n" }, "domainName": { "type": "string", "description": "The domain name. Use the `aws.apigatewayv2.DomainName` resource to configure a domain name.\n" }, "stage": { "type": "string", "description": "The API stage. Use the `aws.apigatewayv2.Stage` resource to configure an API stage.\n" } }, "required": [ "apiId", "domainName", "stage" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "apiMappingKey": { "type": "string", "description": "The [API mapping key](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-mapping-template-reference.html).\n" }, "domainName": { "type": "string", "description": "The domain name. Use the `aws.apigatewayv2.DomainName` resource to configure a domain name.\n" }, "stage": { "type": "string", "description": "The API stage. Use the `aws.apigatewayv2.Stage` resource to configure an API stage.\n" } }, "requiredInputs": [ "apiId", "domainName", "stage" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApiMapping resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "apiMappingKey": { "type": "string", "description": "The [API mapping key](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-mapping-template-reference.html).\n" }, "domainName": { "type": "string", "description": "The domain name. Use the `aws.apigatewayv2.DomainName` resource to configure a domain name.\n" }, "stage": { "type": "string", "description": "The API stage. Use the `aws.apigatewayv2.Stage` resource to configure an API stage.\n" } }, "type": "object" } }, "aws:apigatewayv2/authorizer:Authorizer": { "description": "Manages an Amazon API Gateway Version 2 authorizer.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic WebSocket API\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Authorizer(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n authorizerType: \"REQUEST\",\n authorizerUri: aws_lambda_function_example.invokeArn,\n identitySources: [\"route.request.header.Auth\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Authorizer(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n authorizer_type=\"REQUEST\",\n authorizer_uri=aws_lambda_function[\"example\"][\"invoke_arn\"],\n identity_sources=[\"route.request.header.Auth\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Authorizer(\"example\", new Aws.ApiGatewayV2.AuthorizerArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n AuthorizerType = \"REQUEST\",\n AuthorizerUri = aws_lambda_function.Example.Invoke_arn,\n IdentitySources = \n {\n \"route.request.header.Auth\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewAuthorizer(ctx, \"example\", \u0026apigatewayv2.AuthorizerArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tAuthorizerType: pulumi.String(\"REQUEST\"),\n\t\t\tAuthorizerUri: pulumi.String(aws_lambda_function.Example.Invoke_arn),\n\t\t\tIdentitySources: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"route.request.header.Auth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Basic HTTP API\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Authorizer(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n authorizerType: \"JWT\",\n identitySources: [\"$request.header.Authorization\"],\n jwtConfiguration: {\n audiences: [\"example\"],\n issuer: pulumi.interpolate`https://${aws_cognito_user_pool_example.endpoint}`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Authorizer(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n authorizer_type=\"JWT\",\n identity_sources=[\"$request.header.Authorization\"],\n jwt_configuration={\n \"audience\": [\"example\"],\n \"issuer\": f\"https://{aws_cognito_user_pool['example']['endpoint']}\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Authorizer(\"example\", new Aws.ApiGatewayV2.AuthorizerArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n AuthorizerType = \"JWT\",\n IdentitySources = \n {\n \"$request.header.Authorization\",\n },\n JwtConfiguration = new Aws.ApiGatewayV2.Inputs.AuthorizerJwtConfigurationArgs\n {\n Audience = \n {\n \"example\",\n },\n Issuer = $\"https://{aws_cognito_user_pool.Example.Endpoint}\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewAuthorizer(ctx, \"example\", \u0026apigatewayv2.AuthorizerArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tAuthorizerType: pulumi.String(\"JWT\"),\n\t\t\tIdentitySources: pulumi.StringArray{\n\t\t\t\tpulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \"request.header.Authorization\")),\n\t\t\t},\n\t\t\tJwtConfiguration: \u0026apigatewayv2.AuthorizerJwtConfigurationArgs{\n\t\t\t\tAudience: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t\tIssuer: pulumi.String(fmt.Sprintf(\"%v%v\", \"https://\", aws_cognito_user_pool.Example.Endpoint)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "authorizerCredentialsArn": { "type": "string", "description": "The required credentials as an IAM role for API Gateway to invoke the authorizer.\nSupported only for `REQUEST` authorizers.\n" }, "authorizerType": { "type": "string", "description": "The authorizer type. Valid values: `JWT`, `REQUEST`.\nFor WebSocket APIs, specify `REQUEST` for a Lambda function using incoming request parameters.\nFor HTTP APIs, specify `JWT` to use JSON Web Tokens.\n" }, "authorizerUri": { "type": "string", "description": "The authorizer's Uniform Resource Identifier (URI).\nFor `REQUEST` authorizers this must be a well-formed Lambda function URI, such as the `invoke_arn` attribute of the `aws.lambda.Function` resource.\nSupported only for `REQUEST` authorizers.\n" }, "identitySources": { "type": "array", "items": { "type": "string" }, "description": "The identity sources for which authorization is requested.\nFor `REQUEST` authorizers the value is a list of one or more mapping expressions of the specified request parameters.\nFor `JWT` authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests.\n" }, "jwtConfiguration": { "$ref": "#/types/aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration", "description": "The configuration of a JWT authorizer. Required for the `JWT` authorizer type.\nSupported only for HTTP APIs.\n" }, "name": { "type": "string", "description": "The name of the authorizer.\n" } }, "required": [ "apiId", "authorizerType", "identitySources", "name" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "authorizerCredentialsArn": { "type": "string", "description": "The required credentials as an IAM role for API Gateway to invoke the authorizer.\nSupported only for `REQUEST` authorizers.\n" }, "authorizerType": { "type": "string", "description": "The authorizer type. Valid values: `JWT`, `REQUEST`.\nFor WebSocket APIs, specify `REQUEST` for a Lambda function using incoming request parameters.\nFor HTTP APIs, specify `JWT` to use JSON Web Tokens.\n" }, "authorizerUri": { "type": "string", "description": "The authorizer's Uniform Resource Identifier (URI).\nFor `REQUEST` authorizers this must be a well-formed Lambda function URI, such as the `invoke_arn` attribute of the `aws.lambda.Function` resource.\nSupported only for `REQUEST` authorizers.\n" }, "identitySources": { "type": "array", "items": { "type": "string" }, "description": "The identity sources for which authorization is requested.\nFor `REQUEST` authorizers the value is a list of one or more mapping expressions of the specified request parameters.\nFor `JWT` authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests.\n" }, "jwtConfiguration": { "$ref": "#/types/aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration", "description": "The configuration of a JWT authorizer. Required for the `JWT` authorizer type.\nSupported only for HTTP APIs.\n" }, "name": { "type": "string", "description": "The name of the authorizer.\n" } }, "requiredInputs": [ "apiId", "authorizerType", "identitySources" ], "stateInputs": { "description": "Input properties used for looking up and filtering Authorizer resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "authorizerCredentialsArn": { "type": "string", "description": "The required credentials as an IAM role for API Gateway to invoke the authorizer.\nSupported only for `REQUEST` authorizers.\n" }, "authorizerType": { "type": "string", "description": "The authorizer type. Valid values: `JWT`, `REQUEST`.\nFor WebSocket APIs, specify `REQUEST` for a Lambda function using incoming request parameters.\nFor HTTP APIs, specify `JWT` to use JSON Web Tokens.\n" }, "authorizerUri": { "type": "string", "description": "The authorizer's Uniform Resource Identifier (URI).\nFor `REQUEST` authorizers this must be a well-formed Lambda function URI, such as the `invoke_arn` attribute of the `aws.lambda.Function` resource.\nSupported only for `REQUEST` authorizers.\n" }, "identitySources": { "type": "array", "items": { "type": "string" }, "description": "The identity sources for which authorization is requested.\nFor `REQUEST` authorizers the value is a list of one or more mapping expressions of the specified request parameters.\nFor `JWT` authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests.\n" }, "jwtConfiguration": { "$ref": "#/types/aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration", "description": "The configuration of a JWT authorizer. Required for the `JWT` authorizer type.\nSupported only for HTTP APIs.\n" }, "name": { "type": "string", "description": "The name of the authorizer.\n" } }, "type": "object" } }, "aws:apigatewayv2/deployment:Deployment": { "description": "Manages an Amazon API Gateway Version 2 deployment.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n\u003e **Note:** Creating a deployment for an API requires at least one `aws.apigatewayv2.Route` resource associated with that API. To avoid race conditions when all resources are being created together, you need to add implicit resource references via the `triggers` argument or explicit resource references using the [resource `dependsOn` meta-argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Deployment(\"example\", {\n apiId: aws_apigatewayv2_route_example.apiId,\n description: \"Example deployment\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Deployment(\"example\",\n api_id=aws_apigatewayv2_route[\"example\"][\"api_id\"],\n description=\"Example deployment\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Deployment(\"example\", new Aws.ApiGatewayV2.DeploymentArgs\n {\n ApiId = aws_apigatewayv2_route.Example.Api_id,\n Description = \"Example deployment\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewDeployment(ctx, \"example\", \u0026apigatewayv2.DeploymentArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_route.Example.Api_id),\n\t\t\tDescription: pulumi.String(\"Example deployment\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "autoDeployed": { "type": "boolean", "description": "Whether the deployment was automatically released.\n" }, "description": { "type": "string", "description": "The description for the deployment resource.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" } }, "required": [ "apiId", "autoDeployed" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "description": { "type": "string", "description": "The description for the deployment resource.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" } }, "requiredInputs": [ "apiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Deployment resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "autoDeployed": { "type": "boolean", "description": "Whether the deployment was automatically released.\n" }, "description": { "type": "string", "description": "The description for the deployment resource.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" } }, "type": "object" } }, "aws:apigatewayv2/domainName:DomainName": { "description": "Manages an Amazon API Gateway Version 2 domain name.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html).\n\n\u003e **Note:** This resource establishes ownership of and the TLS settings for\na particular domain name. An API stage can be associated with the domain name using the `aws.apigatewayv2.ApiMapping` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.DomainName(\"example\", {\n domainName: \"ws-api.example.com\",\n domainNameConfiguration: {\n certificateArn: aws_acm_certificate_example.arn,\n endpointType: \"REGIONAL\",\n securityPolicy: \"TLS_1_2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.DomainName(\"example\",\n domain_name=\"ws-api.example.com\",\n domain_name_configuration={\n \"certificate_arn\": aws_acm_certificate[\"example\"][\"arn\"],\n \"endpoint_type\": \"REGIONAL\",\n \"security_policy\": \"TLS_1_2\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.DomainName(\"example\", new Aws.ApiGatewayV2.DomainNameArgs\n {\n DomainName = \"ws-api.example.com\",\n DomainNameConfiguration = new Aws.ApiGatewayV2.Inputs.DomainNameDomainNameConfigurationArgs\n {\n CertificateArn = aws_acm_certificate.Example.Arn,\n EndpointType = \"REGIONAL\",\n SecurityPolicy = \"TLS_1_2\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewDomainName(ctx, \"example\", \u0026apigatewayv2.DomainNameArgs{\n\t\t\tDomainName: pulumi.String(\"ws-api.example.com\"),\n\t\t\tDomainNameConfiguration: \u0026apigatewayv2.DomainNameDomainNameConfigurationArgs{\n\t\t\t\tCertificateArn: pulumi.String(aws_acm_certificate.Example.Arn),\n\t\t\t\tEndpointType: pulumi.String(\"REGIONAL\"),\n\t\t\t\tSecurityPolicy: pulumi.String(\"TLS_1_2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiMappingSelectionExpression": { "type": "string", "description": "The [API mapping selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-mapping-selection-expressions) for the domain name.\n" }, "arn": { "type": "string", "description": "The ARN of the domain name.\n" }, "domainName": { "type": "string", "description": "The domain name.\n", "language": { "csharp": { "name": "Domain" } } }, "domainNameConfiguration": { "$ref": "#/types/aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration", "description": "The domain name configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the domain name.\n" } }, "required": [ "apiMappingSelectionExpression", "arn", "domainName", "domainNameConfiguration" ], "inputProperties": { "domainName": { "type": "string", "description": "The domain name.\n", "language": { "csharp": { "name": "Domain" } } }, "domainNameConfiguration": { "$ref": "#/types/aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration", "description": "The domain name configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the domain name.\n" } }, "requiredInputs": [ "domainName", "domainNameConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainName resources.\n", "properties": { "apiMappingSelectionExpression": { "type": "string", "description": "The [API mapping selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-mapping-selection-expressions) for the domain name.\n" }, "arn": { "type": "string", "description": "The ARN of the domain name.\n" }, "domainName": { "type": "string", "description": "The domain name.\n", "language": { "csharp": { "name": "Domain" } } }, "domainNameConfiguration": { "$ref": "#/types/aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration", "description": "The domain name configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the domain name.\n" } }, "type": "object" } }, "aws:apigatewayv2/integration:Integration": { "description": "Manages an Amazon API Gateway Version 2 integration.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Integration(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n integrationType: \"MOCK\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Integration(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n integration_type=\"MOCK\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Integration(\"example\", new Aws.ApiGatewayV2.IntegrationArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n IntegrationType = \"MOCK\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewIntegration(ctx, \"example\", \u0026apigatewayv2.IntegrationArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tIntegrationType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "connectionId": { "type": "string", "description": "The ID of the VPC link for a private integration. Supported only for HTTP APIs.\n" }, "connectionType": { "type": "string", "description": "The type of the network connection to the integration endpoint. Valid values: `INTERNET`, `VPC_LINK`. Default is `INTERNET`.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`. Supported only for WebSocket APIs.\n" }, "credentialsArn": { "type": "string", "description": "The credentials required for the integration, if any.\n" }, "description": { "type": "string", "description": "The description of the integration.\n" }, "integrationMethod": { "type": "string", "description": "The integration's HTTP method. Must be specified if `integration_type` is not `MOCK`.\n" }, "integrationResponseSelectionExpression": { "type": "string", "description": "The [integration response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-integration-response-selection-expressions) for the integration.\n" }, "integrationType": { "type": "string", "description": "The integration type of an integration.\nValid values: `AWS`, `AWS_PROXY`, `HTTP`, `HTTP_PROXY`, `MOCK`.\n" }, "integrationUri": { "type": "string", "description": "The URI of the Lambda function for a Lambda proxy integration, when `integration_type` is `AWS_PROXY`.\nFor an `HTTP` integration, specify a fully-qualified URL. For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service.\n" }, "passthroughBehavior": { "type": "string", "description": "The pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the `request_templates` attribute.\nValid values: `WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`. Default is `WHEN_NO_MATCH`. Supported only for WebSocket APIs.\n" }, "payloadFormatVersion": { "type": "string", "description": "The [format of the payload](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format) sent to an integration. Valid values: `1.0`, `2.0`. Default is `1.0`.\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. Supported only for WebSocket APIs.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.\n" } }, "required": [ "apiId", "integrationResponseSelectionExpression", "integrationType" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "connectionId": { "type": "string", "description": "The ID of the VPC link for a private integration. Supported only for HTTP APIs.\n" }, "connectionType": { "type": "string", "description": "The type of the network connection to the integration endpoint. Valid values: `INTERNET`, `VPC_LINK`. Default is `INTERNET`.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`. Supported only for WebSocket APIs.\n" }, "credentialsArn": { "type": "string", "description": "The credentials required for the integration, if any.\n" }, "description": { "type": "string", "description": "The description of the integration.\n" }, "integrationMethod": { "type": "string", "description": "The integration's HTTP method. Must be specified if `integration_type` is not `MOCK`.\n" }, "integrationType": { "type": "string", "description": "The integration type of an integration.\nValid values: `AWS`, `AWS_PROXY`, `HTTP`, `HTTP_PROXY`, `MOCK`.\n" }, "integrationUri": { "type": "string", "description": "The URI of the Lambda function for a Lambda proxy integration, when `integration_type` is `AWS_PROXY`.\nFor an `HTTP` integration, specify a fully-qualified URL. For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service.\n" }, "passthroughBehavior": { "type": "string", "description": "The pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the `request_templates` attribute.\nValid values: `WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`. Default is `WHEN_NO_MATCH`. Supported only for WebSocket APIs.\n" }, "payloadFormatVersion": { "type": "string", "description": "The [format of the payload](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format) sent to an integration. Valid values: `1.0`, `2.0`. Default is `1.0`.\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. Supported only for WebSocket APIs.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.\n" } }, "requiredInputs": [ "apiId", "integrationType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Integration resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "connectionId": { "type": "string", "description": "The ID of the VPC link for a private integration. Supported only for HTTP APIs.\n" }, "connectionType": { "type": "string", "description": "The type of the network connection to the integration endpoint. Valid values: `INTERNET`, `VPC_LINK`. Default is `INTERNET`.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`. Supported only for WebSocket APIs.\n" }, "credentialsArn": { "type": "string", "description": "The credentials required for the integration, if any.\n" }, "description": { "type": "string", "description": "The description of the integration.\n" }, "integrationMethod": { "type": "string", "description": "The integration's HTTP method. Must be specified if `integration_type` is not `MOCK`.\n" }, "integrationResponseSelectionExpression": { "type": "string", "description": "The [integration response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-integration-response-selection-expressions) for the integration.\n" }, "integrationType": { "type": "string", "description": "The integration type of an integration.\nValid values: `AWS`, `AWS_PROXY`, `HTTP`, `HTTP_PROXY`, `MOCK`.\n" }, "integrationUri": { "type": "string", "description": "The URI of the Lambda function for a Lambda proxy integration, when `integration_type` is `AWS_PROXY`.\nFor an `HTTP` integration, specify a fully-qualified URL. For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service.\n" }, "passthroughBehavior": { "type": "string", "description": "The pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the `request_templates` attribute.\nValid values: `WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`. Default is `WHEN_NO_MATCH`. Supported only for WebSocket APIs.\n" }, "payloadFormatVersion": { "type": "string", "description": "The [format of the payload](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format) sent to an integration. Valid values: `1.0`, `2.0`. Default is `1.0`.\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. Supported only for WebSocket APIs.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.\n" } }, "type": "object" } }, "aws:apigatewayv2/integrationResponse:IntegrationResponse": { "description": "Manages an Amazon API Gateway Version 2 integration response.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.IntegrationResponse(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n integrationId: aws_apigatewayv2_integration_example.id,\n integrationResponseKey: \"/200/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.IntegrationResponse(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n integration_id=aws_apigatewayv2_integration[\"example\"][\"id\"],\n integration_response_key=\"/200/\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.IntegrationResponse(\"example\", new Aws.ApiGatewayV2.IntegrationResponseArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n IntegrationId = aws_apigatewayv2_integration.Example.Id,\n IntegrationResponseKey = \"/200/\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewIntegrationResponse(ctx, \"example\", \u0026apigatewayv2.IntegrationResponseArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tIntegrationId: pulumi.String(aws_apigatewayv2_integration.Example.Id),\n\t\t\tIntegrationResponseKey: pulumi.String(\"/200/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`.\n" }, "integrationId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Integration`.\n" }, "integrationResponseKey": { "type": "string", "description": "The integration response key.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration response.\n" } }, "required": [ "apiId", "integrationId", "integrationResponseKey" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`.\n" }, "integrationId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Integration`.\n" }, "integrationResponseKey": { "type": "string", "description": "The integration response key.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration response.\n" } }, "requiredInputs": [ "apiId", "integrationId", "integrationResponseKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering IntegrationResponse resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`.\n" }, "integrationId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Integration`.\n" }, "integrationResponseKey": { "type": "string", "description": "The integration response key.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration response.\n" } }, "type": "object" } }, "aws:apigatewayv2/model:Model": { "description": "Manages an Amazon API Gateway Version 2 [model](https://docs.aws.amazon.com/apigateway/latest/developerguide/models-mappings.html#models-mappings-models).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Model(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n contentType: \"application/json\",\n schema: `{\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\n \"title\": \"ExampleModel\",\n \"type\": \"object\",\n \"properties\": {\n \"id\": { \"type\": \"string\" }\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Model(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n content_type=\"application/json\",\n schema=\"\"\"{\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\n \"title\": \"ExampleModel\",\n \"type\": \"object\",\n \"properties\": {\n \"id\": { \"type\": \"string\" }\n }\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Model(\"example\", new Aws.ApiGatewayV2.ModelArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n ContentType = \"application/json\",\n Schema = @\"{\n \"\"$schema\"\": \"\"http://json-schema.org/draft-04/schema#\"\",\n \"\"title\"\": \"\"ExampleModel\"\",\n \"\"type\"\": \"\"object\"\",\n \"\"properties\"\": {\n \"\"id\"\": { \"\"type\"\": \"\"string\"\" }\n }\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewModel(ctx, \"example\", \u0026apigatewayv2.ModelArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tSchema: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"\", \"$\", \"schema\\\": \\\"http://json-schema.org/draft-04/schema#\\\",\\n\", \" \\\"title\\\": \\\"ExampleModel\\\",\\n\", \" \\\"type\\\": \\\"object\\\",\\n\", \" \\\"properties\\\": {\\n\", \" \\\"id\\\": { \\\"type\\\": \\\"string\\\" }\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "contentType": { "type": "string", "description": "The content-type for the model, for example, `application/json`.\n" }, "description": { "type": "string", "description": "The description of the model.\n" }, "name": { "type": "string", "description": "The name of the model. Must be alphanumeric.\n" }, "schema": { "type": "string", "description": "The schema for the model. This should be a [JSON schema draft 4](https://tools.ietf.org/html/draft-zyp-json-schema-04) model.\n" } }, "required": [ "apiId", "contentType", "name", "schema" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "contentType": { "type": "string", "description": "The content-type for the model, for example, `application/json`.\n" }, "description": { "type": "string", "description": "The description of the model.\n" }, "name": { "type": "string", "description": "The name of the model. Must be alphanumeric.\n" }, "schema": { "type": "string", "description": "The schema for the model. This should be a [JSON schema draft 4](https://tools.ietf.org/html/draft-zyp-json-schema-04) model.\n" } }, "requiredInputs": [ "apiId", "contentType", "schema" ], "stateInputs": { "description": "Input properties used for looking up and filtering Model resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "contentType": { "type": "string", "description": "The content-type for the model, for example, `application/json`.\n" }, "description": { "type": "string", "description": "The description of the model.\n" }, "name": { "type": "string", "description": "The name of the model. Must be alphanumeric.\n" }, "schema": { "type": "string", "description": "The schema for the model. This should be a [JSON schema draft 4](https://tools.ietf.org/html/draft-zyp-json-schema-04) model.\n" } }, "type": "object" } }, "aws:apigatewayv2/route:Route": { "description": "Manages an Amazon API Gateway Version 2 route.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Route(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n routeKey: \"$default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Route(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n route_key=\"$default\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Route(\"example\", new Aws.ApiGatewayV2.RouteArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n RouteKey = \"$default\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewRoute(ctx, \"example\", \u0026apigatewayv2.RouteArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tRouteKey: pulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \"default\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "apiKeyRequired": { "type": "boolean", "description": "Boolean whether an API key is required for the route. Defaults to `false`.\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "The authorization scopes supported by this route. The scopes are used with a JWT authorizer to authorize the method invocation.\n" }, "authorizationType": { "type": "string", "description": "The authorization type for the route.\nFor WebSocket APIs, valid values are `NONE` for open access, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nFor HTTP APIs, valid values are `NONE` for open access, or `JWT` for using JSON Web Tokens.\nDefaults to `NONE`.\n" }, "authorizerId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Authorizer` resource to be associated with this route, if the authorizationType is `CUSTOM`.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route.\n" }, "operationName": { "type": "string", "description": "The operation name for the route.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The request models for the route.\n" }, "routeKey": { "type": "string", "description": "The route key for the route.\n" }, "routeResponseSelectionExpression": { "type": "string", "description": "The [route response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-response-selection-expressions) for the route.\n" }, "target": { "type": "string", "description": "The target for the route.\n" } }, "required": [ "apiId", "routeKey" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "apiKeyRequired": { "type": "boolean", "description": "Boolean whether an API key is required for the route. Defaults to `false`.\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "The authorization scopes supported by this route. The scopes are used with a JWT authorizer to authorize the method invocation.\n" }, "authorizationType": { "type": "string", "description": "The authorization type for the route.\nFor WebSocket APIs, valid values are `NONE` for open access, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nFor HTTP APIs, valid values are `NONE` for open access, or `JWT` for using JSON Web Tokens.\nDefaults to `NONE`.\n" }, "authorizerId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Authorizer` resource to be associated with this route, if the authorizationType is `CUSTOM`.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route.\n" }, "operationName": { "type": "string", "description": "The operation name for the route.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The request models for the route.\n" }, "routeKey": { "type": "string", "description": "The route key for the route.\n" }, "routeResponseSelectionExpression": { "type": "string", "description": "The [route response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-response-selection-expressions) for the route.\n" }, "target": { "type": "string", "description": "The target for the route.\n" } }, "requiredInputs": [ "apiId", "routeKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "apiKeyRequired": { "type": "boolean", "description": "Boolean whether an API key is required for the route. Defaults to `false`.\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "The authorization scopes supported by this route. The scopes are used with a JWT authorizer to authorize the method invocation.\n" }, "authorizationType": { "type": "string", "description": "The authorization type for the route.\nFor WebSocket APIs, valid values are `NONE` for open access, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nFor HTTP APIs, valid values are `NONE` for open access, or `JWT` for using JSON Web Tokens.\nDefaults to `NONE`.\n" }, "authorizerId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Authorizer` resource to be associated with this route, if the authorizationType is `CUSTOM`.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route.\n" }, "operationName": { "type": "string", "description": "The operation name for the route.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The request models for the route.\n" }, "routeKey": { "type": "string", "description": "The route key for the route.\n" }, "routeResponseSelectionExpression": { "type": "string", "description": "The [route response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-response-selection-expressions) for the route.\n" }, "target": { "type": "string", "description": "The target for the route.\n" } }, "type": "object" } }, "aws:apigatewayv2/routeResponse:RouteResponse": { "description": "Manages an Amazon API Gateway Version 2 route response.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.RouteResponse(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n routeId: aws_apigatewayv2_route_example.id,\n routeResponseKey: \"$default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.RouteResponse(\"example\",\n api_id=aws_apigatewayv2_api[\"example\"][\"id\"],\n route_id=aws_apigatewayv2_route[\"example\"][\"id\"],\n route_response_key=\"$default\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.RouteResponse(\"example\", new Aws.ApiGatewayV2.RouteResponseArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n RouteId = aws_apigatewayv2_route.Example.Id,\n RouteResponseKey = \"$default\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewRouteResponse(ctx, \"example\", \u0026apigatewayv2.RouteResponseArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t\tRouteId: pulumi.String(aws_apigatewayv2_route.Example.Id),\n\t\t\tRouteResponseKey: pulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \"default\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route response.\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The response models for the route response.\n" }, "routeId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Route`.\n" }, "routeResponseKey": { "type": "string", "description": "The route response key.\n" } }, "required": [ "apiId", "routeId", "routeResponseKey" ], "inputProperties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route response.\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The response models for the route response.\n" }, "routeId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Route`.\n" }, "routeResponseKey": { "type": "string", "description": "The route response key.\n" } }, "requiredInputs": [ "apiId", "routeId", "routeResponseKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteResponse resources.\n", "properties": { "apiId": { "type": "string", "description": "The API identifier.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route response.\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The response models for the route response.\n" }, "routeId": { "type": "string", "description": "The identifier of the `aws.apigatewayv2.Route`.\n" }, "routeResponseKey": { "type": "string", "description": "The route response key.\n" } }, "type": "object" } }, "aws:apigatewayv2/stage:Stage": { "description": "Manages an Amazon API Gateway Version 2 stage.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Stage(\"example\", {\n apiId: aws_apigatewayv2_api_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Stage(\"example\", api_id=aws_apigatewayv2_api[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.Stage(\"example\", new Aws.ApiGatewayV2.StageArgs\n {\n ApiId = aws_apigatewayv2_api.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewStage(ctx, \"example\", \u0026apigatewayv2.StageArgs{\n\t\t\tApiId: pulumi.String(aws_apigatewayv2_api.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings", "description": "Settings for logging access in this stage.\nUse the `aws.apigateway.Account` resource to configure [permissions for CloudWatch Logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#set-up-access-logging-permissions).\n" }, "apiId": { "type": "string", "description": "The API identifier.\n" }, "arn": { "type": "string", "description": "The ARN of the stage.\n" }, "autoDeploy": { "type": "boolean", "description": "Whether updates to an API automatically trigger a new deployment. Defaults to `false`.\n" }, "clientCertificateId": { "type": "string", "description": "The identifier of a client certificate for the stage. Use the `aws.apigateway.ClientCertificate` resource to configure a client certificate.\nSupported only for WebSocket APIs.\n" }, "defaultRouteSettings": { "$ref": "#/types/aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings", "description": "The default route settings for the stage.\n" }, "deploymentId": { "type": "string", "description": "The deployment identifier of the stage. Use the `aws.apigatewayv2.Deployment` resource to configure a deployment.\n" }, "description": { "type": "string", "description": "The description for the stage.\n" }, "executionArn": { "type": "string", "description": "The ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute\nor in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\nSet only for WebSocket APIs.\n" }, "invokeUrl": { "type": "string", "description": "The URL to invoke the API pointing to the stage,\ne.g. `wss://z4675bid1j.execute-api.eu-west-2.amazonaws.com/example-stage`, or `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/`\n" }, "name": { "type": "string", "description": "The name of the stage.\n" }, "routeSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/StageRouteSetting:StageRouteSetting" }, "description": "Route settings for the stage.\n" }, "stageVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines the stage variables for the stage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the stage.\n" } }, "required": [ "apiId", "arn", "executionArn", "invokeUrl", "name" ], "inputProperties": { "accessLogSettings": { "$ref": "#/types/aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings", "description": "Settings for logging access in this stage.\nUse the `aws.apigateway.Account` resource to configure [permissions for CloudWatch Logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#set-up-access-logging-permissions).\n" }, "apiId": { "type": "string", "description": "The API identifier.\n" }, "autoDeploy": { "type": "boolean", "description": "Whether updates to an API automatically trigger a new deployment. Defaults to `false`.\n" }, "clientCertificateId": { "type": "string", "description": "The identifier of a client certificate for the stage. Use the `aws.apigateway.ClientCertificate` resource to configure a client certificate.\nSupported only for WebSocket APIs.\n" }, "defaultRouteSettings": { "$ref": "#/types/aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings", "description": "The default route settings for the stage.\n" }, "deploymentId": { "type": "string", "description": "The deployment identifier of the stage. Use the `aws.apigatewayv2.Deployment` resource to configure a deployment.\n" }, "description": { "type": "string", "description": "The description for the stage.\n" }, "name": { "type": "string", "description": "The name of the stage.\n" }, "routeSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/StageRouteSetting:StageRouteSetting" }, "description": "Route settings for the stage.\n" }, "stageVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines the stage variables for the stage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the stage.\n" } }, "requiredInputs": [ "apiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stage resources.\n", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings", "description": "Settings for logging access in this stage.\nUse the `aws.apigateway.Account` resource to configure [permissions for CloudWatch Logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#set-up-access-logging-permissions).\n" }, "apiId": { "type": "string", "description": "The API identifier.\n" }, "arn": { "type": "string", "description": "The ARN of the stage.\n" }, "autoDeploy": { "type": "boolean", "description": "Whether updates to an API automatically trigger a new deployment. Defaults to `false`.\n" }, "clientCertificateId": { "type": "string", "description": "The identifier of a client certificate for the stage. Use the `aws.apigateway.ClientCertificate` resource to configure a client certificate.\nSupported only for WebSocket APIs.\n" }, "defaultRouteSettings": { "$ref": "#/types/aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings", "description": "The default route settings for the stage.\n" }, "deploymentId": { "type": "string", "description": "The deployment identifier of the stage. Use the `aws.apigatewayv2.Deployment` resource to configure a deployment.\n" }, "description": { "type": "string", "description": "The description for the stage.\n" }, "executionArn": { "type": "string", "description": "The ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute\nor in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\nSet only for WebSocket APIs.\n" }, "invokeUrl": { "type": "string", "description": "The URL to invoke the API pointing to the stage,\ne.g. `wss://z4675bid1j.execute-api.eu-west-2.amazonaws.com/example-stage`, or `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/`\n" }, "name": { "type": "string", "description": "The name of the stage.\n" }, "routeSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/StageRouteSetting:StageRouteSetting" }, "description": "Route settings for the stage.\n" }, "stageVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that defines the stage variables for the stage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the stage.\n" } }, "type": "object" } }, "aws:apigatewayv2/vpcLink:VpcLink": { "description": "Manages an Amazon API Gateway Version 2 VPC Link.\n\n\u003e **Note:** Amazon API Gateway Version 2 VPC Links enable private integrations that connect HTTP APIs to private resources in a VPC.\nTo enable private integration for REST APIs, use the `Amazon API Gateway Version 1 VPC Link` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.VpcLink(\"example\", {\n securityGroupIds: [data.aws_security_group.example.id],\n subnetIds: data.aws_subnet_ids.example.ids,\n tags: {\n Usage: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.VpcLink(\"example\",\n security_group_ids=[data[\"aws_security_group\"][\"example\"][\"id\"]],\n subnet_ids=data[\"aws_subnet_ids\"][\"example\"][\"ids\"],\n tags={\n \"Usage\": \"example\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ApiGatewayV2.VpcLink(\"example\", new Aws.ApiGatewayV2.VpcLinkArgs\n {\n SecurityGroupIds = \n {\n data.Aws_security_group.Example.Id,\n },\n SubnetIds = data.Aws_subnet_ids.Example.Ids,\n Tags = \n {\n { \"Usage\", \"example\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = apigatewayv2.NewVpcLink(ctx, \"example\", \u0026apigatewayv2.VpcLinkArgs{\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(data.Aws_security_group.Example.Id),\n\t\t\t},\n\t\t\tSubnetIds: data.Aws_subnet_ids.Example.Ids,\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Usage\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The VPC Link ARN.\n" }, "name": { "type": "string", "description": "The name of the VPC Link.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the VPC Link.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Subnet IDs for the VPC Link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the VPC Link.\n" } }, "required": [ "arn", "name", "securityGroupIds", "subnetIds" ], "inputProperties": { "name": { "type": "string", "description": "The name of the VPC Link.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the VPC Link.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Subnet IDs for the VPC Link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the VPC Link.\n" } }, "requiredInputs": [ "securityGroupIds", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcLink resources.\n", "properties": { "arn": { "type": "string", "description": "The VPC Link ARN.\n" }, "name": { "type": "string", "description": "The name of the VPC Link.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the VPC Link.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Subnet IDs for the VPC Link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the VPC Link.\n" } }, "type": "object" } }, "aws:appautoscaling/policy:Policy": { "description": "Provides an Application AutoScaling Policy resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### DynamoDB Table Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodbTableReadTarget = new aws.appautoscaling.Target(\"dynamodb_table_read_target\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: \"table/tableName\",\n scalableDimension: \"dynamodb:table:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\nconst dynamodbTableReadPolicy = new aws.appautoscaling.Policy(\"dynamodb_table_read_policy\", {\n policyType: \"TargetTrackingScaling\",\n resourceId: dynamodbTableReadTarget.resourceId,\n scalableDimension: dynamodbTableReadTarget.scalableDimension,\n serviceNamespace: dynamodbTableReadTarget.serviceNamespace,\n targetTrackingScalingPolicyConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"DynamoDBReadCapacityUtilization\",\n },\n targetValue: 70,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb_table_read_target = aws.appautoscaling.Target(\"dynamodbTableReadTarget\",\n max_capacity=100,\n min_capacity=5,\n resource_id=\"table/tableName\",\n scalable_dimension=\"dynamodb:table:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\ndynamodb_table_read_policy = aws.appautoscaling.Policy(\"dynamodbTableReadPolicy\",\n policy_type=\"TargetTrackingScaling\",\n resource_id=dynamodb_table_read_target.resource_id,\n scalable_dimension=dynamodb_table_read_target.scalable_dimension,\n service_namespace=dynamodb_table_read_target.service_namespace,\n target_tracking_scaling_policy_configuration={\n \"predefinedMetricSpecification\": {\n \"predefinedMetricType\": \"DynamoDBReadCapacityUtilization\",\n },\n \"targetValue\": 70,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dynamodbTableReadTarget = new Aws.AppAutoScaling.Target(\"dynamodbTableReadTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = \"table/tableName\",\n ScalableDimension = \"dynamodb:table:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n var dynamodbTableReadPolicy = new Aws.AppAutoScaling.Policy(\"dynamodbTableReadPolicy\", new Aws.AppAutoScaling.PolicyArgs\n {\n PolicyType = \"TargetTrackingScaling\",\n ResourceId = dynamodbTableReadTarget.ResourceId,\n ScalableDimension = dynamodbTableReadTarget.ScalableDimension,\n ServiceNamespace = dynamodbTableReadTarget.ServiceNamespace,\n TargetTrackingScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"DynamoDBReadCapacityUtilization\",\n },\n TargetValue = 70,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdynamodbTableReadTarget, err := appautoscaling.NewTarget(ctx, \"dynamodbTableReadTarget\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(100),\n\t\t\tMinCapacity: pulumi.Int(5),\n\t\t\tResourceId: pulumi.String(\"table/tableName\"),\n\t\t\tScalableDimension: pulumi.String(\"dynamodb:table:ReadCapacityUnits\"),\n\t\t\tServiceNamespace: pulumi.String(\"dynamodb\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"dynamodbTableReadPolicy\", \u0026appautoscaling.PolicyArgs{\n\t\t\tPolicyType: pulumi.String(\"TargetTrackingScaling\"),\n\t\t\tResourceId: dynamodbTableReadTarget.ResourceId,\n\t\t\tScalableDimension: dynamodbTableReadTarget.ScalableDimension,\n\t\t\tServiceNamespace: dynamodbTableReadTarget.ServiceNamespace,\n\t\t\tTargetTrackingScalingPolicyConfiguration: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"DynamoDBReadCapacityUtilization\"),\n\t\t\t\t},\n\t\t\t\tTargetValue: pulumi.Float64(70),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### ECS Service Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsTarget = new aws.appautoscaling.Target(\"ecs_target\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: \"service/clusterName/serviceName\",\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\nconst ecsPolicy = new aws.appautoscaling.Policy(\"ecs_policy\", {\n policyType: \"StepScaling\",\n resourceId: ecsTarget.resourceId,\n scalableDimension: ecsTarget.scalableDimension,\n serviceNamespace: ecsTarget.serviceNamespace,\n stepScalingPolicyConfiguration: {\n adjustmentType: \"ChangeInCapacity\",\n cooldown: 60,\n metricAggregationType: \"Maximum\",\n stepAdjustments: [{\n metricIntervalUpperBound: \"0\",\n scalingAdjustment: -1,\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_target = aws.appautoscaling.Target(\"ecsTarget\",\n max_capacity=4,\n min_capacity=1,\n resource_id=\"service/clusterName/serviceName\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\necs_policy = aws.appautoscaling.Policy(\"ecsPolicy\",\n policy_type=\"StepScaling\",\n resource_id=ecs_target.resource_id,\n scalable_dimension=ecs_target.scalable_dimension,\n service_namespace=ecs_target.service_namespace,\n step_scaling_policy_configuration={\n \"adjustment_type\": \"ChangeInCapacity\",\n \"cooldown\": 60,\n \"metric_aggregation_type\": \"Maximum\",\n \"stepAdjustment\": [{\n \"metricIntervalUpperBound\": 0,\n \"scaling_adjustment\": -1,\n }],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ecsTarget = new Aws.AppAutoScaling.Target(\"ecsTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = \"service/clusterName/serviceName\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n var ecsPolicy = new Aws.AppAutoScaling.Policy(\"ecsPolicy\", new Aws.AppAutoScaling.PolicyArgs\n {\n PolicyType = \"StepScaling\",\n ResourceId = ecsTarget.ResourceId,\n ScalableDimension = ecsTarget.ScalableDimension,\n ServiceNamespace = ecsTarget.ServiceNamespace,\n StepScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyStepScalingPolicyConfigurationArgs\n {\n AdjustmentType = \"ChangeInCapacity\",\n Cooldown = 60,\n MetricAggregationType = \"Maximum\",\n StepAdjustment = \n {\n \n {\n { \"metricIntervalUpperBound\", 0 },\n { \"scalingAdjustment\", -1 },\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tecsTarget, err := appautoscaling.NewTarget(ctx, \"ecsTarget\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(\"service/clusterName/serviceName\"),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"ecsPolicy\", \u0026appautoscaling.PolicyArgs{\n\t\t\tPolicyType: pulumi.String(\"StepScaling\"),\n\t\t\tResourceId: ecsTarget.ResourceId,\n\t\t\tScalableDimension: ecsTarget.ScalableDimension,\n\t\t\tServiceNamespace: ecsTarget.ServiceNamespace,\n\t\t\tStepScalingPolicyConfiguration: \u0026appautoscaling.PolicyStepScalingPolicyConfigurationArgs{\n\t\t\t\tAdjustmentType: pulumi.String(\"ChangeInCapacity\"),\n\t\t\t\tCooldown: pulumi.Int(60),\n\t\t\t\tMetricAggregationType: pulumi.String(\"Maximum\"),\n\t\t\t\tStepAdjustment: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"metricIntervalUpperBound\": pulumi.Float64(0),\n\t\t\t\t\t\t\"scalingAdjustment\": -1,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Aurora Read Replica Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replicasTarget = new aws.appautoscaling.Target(\"replicas\", {\n maxCapacity: 15,\n minCapacity: 1,\n resourceId: pulumi.interpolate`cluster:${aws_rds_cluster_example.id}`,\n scalableDimension: \"rds:cluster:ReadReplicaCount\",\n serviceNamespace: \"rds\",\n});\nconst replicasPolicy = new aws.appautoscaling.Policy(\"replicas\", {\n policyType: \"TargetTrackingScaling\",\n resourceId: replicasTarget.resourceId,\n scalableDimension: replicasTarget.scalableDimension,\n serviceNamespace: replicasTarget.serviceNamespace,\n targetTrackingScalingPolicyConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"RDSReaderAverageCPUUtilization\",\n },\n scaleInCooldown: 300,\n scaleOutCooldown: 300,\n targetValue: 75,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplicas_target = aws.appautoscaling.Target(\"replicasTarget\",\n max_capacity=15,\n min_capacity=1,\n resource_id=f\"cluster:{aws_rds_cluster['example']['id']}\",\n scalable_dimension=\"rds:cluster:ReadReplicaCount\",\n service_namespace=\"rds\")\nreplicas_policy = aws.appautoscaling.Policy(\"replicasPolicy\",\n policy_type=\"TargetTrackingScaling\",\n resource_id=replicas_target.resource_id,\n scalable_dimension=replicas_target.scalable_dimension,\n service_namespace=replicas_target.service_namespace,\n target_tracking_scaling_policy_configuration={\n \"predefinedMetricSpecification\": {\n \"predefinedMetricType\": \"RDSReaderAverageCPUUtilization\",\n },\n \"scaleInCooldown\": 300,\n \"scaleOutCooldown\": 300,\n \"targetValue\": 75,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var replicasTarget = new Aws.AppAutoScaling.Target(\"replicasTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 15,\n MinCapacity = 1,\n ResourceId = $\"cluster:{aws_rds_cluster.Example.Id}\",\n ScalableDimension = \"rds:cluster:ReadReplicaCount\",\n ServiceNamespace = \"rds\",\n });\n var replicasPolicy = new Aws.AppAutoScaling.Policy(\"replicasPolicy\", new Aws.AppAutoScaling.PolicyArgs\n {\n PolicyType = \"TargetTrackingScaling\",\n ResourceId = replicasTarget.ResourceId,\n ScalableDimension = replicasTarget.ScalableDimension,\n ServiceNamespace = replicasTarget.ServiceNamespace,\n TargetTrackingScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"RDSReaderAverageCPUUtilization\",\n },\n ScaleInCooldown = 300,\n ScaleOutCooldown = 300,\n TargetValue = 75,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treplicasTarget, err := appautoscaling.NewTarget(ctx, \"replicasTarget\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(15),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"%v%v\", \"cluster:\", aws_rds_cluster.Example.Id)),\n\t\t\tScalableDimension: pulumi.String(\"rds:cluster:ReadReplicaCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"rds\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"replicasPolicy\", \u0026appautoscaling.PolicyArgs{\n\t\t\tPolicyType: pulumi.String(\"TargetTrackingScaling\"),\n\t\t\tResourceId: replicasTarget.ResourceId,\n\t\t\tScalableDimension: replicasTarget.ScalableDimension,\n\t\t\tServiceNamespace: replicasTarget.ServiceNamespace,\n\t\t\tTargetTrackingScalingPolicyConfiguration: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"RDSReaderAverageCPUUtilization\"),\n\t\t\t\t},\n\t\t\t\tScaleInCooldown: pulumi.Int(300),\n\t\t\t\tScaleOutCooldown: pulumi.Int(300),\n\t\t\t\tTargetValue: pulumi.Float64(75),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to the scaling policy.\n" }, "name": { "type": "string", "description": "The name of the policy.\n" }, "policyType": { "type": "string", "description": "The policy type. Valid values are `StepScaling` and `TargetTrackingScaling`. Defaults to `StepScaling`. Certain services only support only one policy type. For more information see the [Target Tracking Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and [Step Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) documentation.\n" }, "resourceId": { "type": "string", "description": "The resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "serviceNamespace": { "type": "string", "description": "The AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "stepScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration", "description": "Step scaling policy configuration, requires `policy_type = \"StepScaling\"` (default). See supported fields below.\n" }, "targetTrackingScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration", "description": "A target tracking policy, requires `policy_type = \"TargetTrackingScaling\"`. See supported fields below.\n" } }, "required": [ "arn", "name", "resourceId", "scalableDimension", "serviceNamespace" ], "inputProperties": { "name": { "type": "string", "description": "The name of the policy.\n" }, "policyType": { "type": "string", "description": "The policy type. Valid values are `StepScaling` and `TargetTrackingScaling`. Defaults to `StepScaling`. Certain services only support only one policy type. For more information see the [Target Tracking Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and [Step Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) documentation.\n" }, "resourceId": { "type": "string", "description": "The resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "serviceNamespace": { "type": "string", "description": "The AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "stepScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration", "description": "Step scaling policy configuration, requires `policy_type = \"StepScaling\"` (default). See supported fields below.\n" }, "targetTrackingScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration", "description": "A target tracking policy, requires `policy_type = \"TargetTrackingScaling\"`. See supported fields below.\n" } }, "requiredInputs": [ "resourceId", "scalableDimension", "serviceNamespace" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to the scaling policy.\n" }, "name": { "type": "string", "description": "The name of the policy.\n" }, "policyType": { "type": "string", "description": "The policy type. Valid values are `StepScaling` and `TargetTrackingScaling`. Defaults to `StepScaling`. Certain services only support only one policy type. For more information see the [Target Tracking Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and [Step Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) documentation.\n" }, "resourceId": { "type": "string", "description": "The resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "serviceNamespace": { "type": "string", "description": "The AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](http://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "stepScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration", "description": "Step scaling policy configuration, requires `policy_type = \"StepScaling\"` (default). See supported fields below.\n" }, "targetTrackingScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration", "description": "A target tracking policy, requires `policy_type = \"TargetTrackingScaling\"`. See supported fields below.\n" } }, "type": "object" } }, "aws:appautoscaling/scheduledAction:ScheduledAction": { "description": "Provides an Application AutoScaling ScheduledAction resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### DynamoDB Table Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodbTarget = new aws.appautoscaling.Target(\"dynamodb\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: \"table/tableName\",\n scalableDimension: \"dynamodb:table:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\nconst dynamodbScheduledAction = new aws.appautoscaling.ScheduledAction(\"dynamodb\", {\n resourceId: dynamodbTarget.resourceId,\n scalableDimension: dynamodbTarget.scalableDimension,\n scalableTargetAction: {\n maxCapacity: 200,\n minCapacity: 1,\n },\n schedule: \"at(2006-01-02T15:04:05)\",\n serviceNamespace: dynamodbTarget.serviceNamespace,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb_target = aws.appautoscaling.Target(\"dynamodbTarget\",\n max_capacity=100,\n min_capacity=5,\n resource_id=\"table/tableName\",\n scalable_dimension=\"dynamodb:table:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\ndynamodb_scheduled_action = aws.appautoscaling.ScheduledAction(\"dynamodbScheduledAction\",\n resource_id=dynamodb_target.resource_id,\n scalable_dimension=dynamodb_target.scalable_dimension,\n scalable_target_action={\n \"max_capacity\": 200,\n \"min_capacity\": 1,\n },\n schedule=\"at(2006-01-02T15:04:05)\",\n service_namespace=dynamodb_target.service_namespace)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dynamodbTarget = new Aws.AppAutoScaling.Target(\"dynamodbTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = \"table/tableName\",\n ScalableDimension = \"dynamodb:table:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n var dynamodbScheduledAction = new Aws.AppAutoScaling.ScheduledAction(\"dynamodbScheduledAction\", new Aws.AppAutoScaling.ScheduledActionArgs\n {\n ResourceId = dynamodbTarget.ResourceId,\n ScalableDimension = dynamodbTarget.ScalableDimension,\n ScalableTargetAction = new Aws.AppAutoScaling.Inputs.ScheduledActionScalableTargetActionArgs\n {\n MaxCapacity = 200,\n MinCapacity = 1,\n },\n Schedule = \"at(2006-01-02T15:04:05)\",\n ServiceNamespace = dynamodbTarget.ServiceNamespace,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdynamodbTarget, err := appautoscaling.NewTarget(ctx, \"dynamodbTarget\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(100),\n\t\t\tMinCapacity: pulumi.Int(5),\n\t\t\tResourceId: pulumi.String(\"table/tableName\"),\n\t\t\tScalableDimension: pulumi.String(\"dynamodb:table:ReadCapacityUnits\"),\n\t\t\tServiceNamespace: pulumi.String(\"dynamodb\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewScheduledAction(ctx, \"dynamodbScheduledAction\", \u0026appautoscaling.ScheduledActionArgs{\n\t\t\tResourceId: dynamodbTarget.ResourceId,\n\t\t\tScalableDimension: dynamodbTarget.ScalableDimension,\n\t\t\tScalableTargetAction: \u0026appautoscaling.ScheduledActionScalableTargetActionArgs{\n\t\t\t\tMaxCapacity: pulumi.Int(200),\n\t\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\t},\n\t\t\tSchedule: pulumi.String(\"at(2006-01-02T15:04:05)\"),\n\t\t\tServiceNamespace: dynamodbTarget.ServiceNamespace,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### ECS Service Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsTarget = new aws.appautoscaling.Target(\"ecs\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: \"service/clusterName/serviceName\",\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\nconst ecsScheduledAction = new aws.appautoscaling.ScheduledAction(\"ecs\", {\n resourceId: ecsTarget.resourceId,\n scalableDimension: ecsTarget.scalableDimension,\n scalableTargetAction: {\n maxCapacity: 10,\n minCapacity: 1,\n },\n schedule: \"at(2006-01-02T15:04:05)\",\n serviceNamespace: ecsTarget.serviceNamespace,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_target = aws.appautoscaling.Target(\"ecsTarget\",\n max_capacity=4,\n min_capacity=1,\n resource_id=\"service/clusterName/serviceName\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\necs_scheduled_action = aws.appautoscaling.ScheduledAction(\"ecsScheduledAction\",\n resource_id=ecs_target.resource_id,\n scalable_dimension=ecs_target.scalable_dimension,\n scalable_target_action={\n \"max_capacity\": 10,\n \"min_capacity\": 1,\n },\n schedule=\"at(2006-01-02T15:04:05)\",\n service_namespace=ecs_target.service_namespace)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ecsTarget = new Aws.AppAutoScaling.Target(\"ecsTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = \"service/clusterName/serviceName\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n var ecsScheduledAction = new Aws.AppAutoScaling.ScheduledAction(\"ecsScheduledAction\", new Aws.AppAutoScaling.ScheduledActionArgs\n {\n ResourceId = ecsTarget.ResourceId,\n ScalableDimension = ecsTarget.ScalableDimension,\n ScalableTargetAction = new Aws.AppAutoScaling.Inputs.ScheduledActionScalableTargetActionArgs\n {\n MaxCapacity = 10,\n MinCapacity = 1,\n },\n Schedule = \"at(2006-01-02T15:04:05)\",\n ServiceNamespace = ecsTarget.ServiceNamespace,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tecsTarget, err := appautoscaling.NewTarget(ctx, \"ecsTarget\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(\"service/clusterName/serviceName\"),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewScheduledAction(ctx, \"ecsScheduledAction\", \u0026appautoscaling.ScheduledActionArgs{\n\t\t\tResourceId: ecsTarget.ResourceId,\n\t\t\tScalableDimension: ecsTarget.ScalableDimension,\n\t\t\tScalableTargetAction: \u0026appautoscaling.ScheduledActionScalableTargetActionArgs{\n\t\t\t\tMaxCapacity: pulumi.Int(10),\n\t\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\t},\n\t\t\tSchedule: pulumi.String(\"at(2006-01-02T15:04:05)\"),\n\t\t\tServiceNamespace: ecsTarget.ServiceNamespace,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the scheduled action.\n" }, "endTime": { "type": "string", "description": "The date and time for the scheduled action to end. Specify the following format: 2006-01-02T15:04:05Z\n" }, "name": { "type": "string", "description": "The name of the scheduled action.\n" }, "resourceId": { "type": "string", "description": "The identifier of the resource associated with the scheduled action. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ResourceId)\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ScalableDimension) Example: ecs:service:DesiredCount\n" }, "scalableTargetAction": { "$ref": "#/types/aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction", "description": "The new minimum and maximum capacity. You can set both values or just one. See below\n" }, "schedule": { "type": "string", "description": "The schedule for this action. The following formats are supported: At expressions - at(yyyy-mm-ddThh:mm:ss), Rate expressions - rate(valueunit), Cron expressions - cron(fields). In UTC. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-Schedule)\n" }, "serviceNamespace": { "type": "string", "description": "The namespace of the AWS service. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ServiceNamespace) Example: ecs\n" }, "startTime": { "type": "string", "description": "The date and time for the scheduled action to start. Specify the following format: 2006-01-02T15:04:05Z\n" } }, "required": [ "arn", "name", "resourceId", "serviceNamespace" ], "inputProperties": { "endTime": { "type": "string", "description": "The date and time for the scheduled action to end. Specify the following format: 2006-01-02T15:04:05Z\n" }, "name": { "type": "string", "description": "The name of the scheduled action.\n" }, "resourceId": { "type": "string", "description": "The identifier of the resource associated with the scheduled action. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ResourceId)\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ScalableDimension) Example: ecs:service:DesiredCount\n" }, "scalableTargetAction": { "$ref": "#/types/aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction", "description": "The new minimum and maximum capacity. You can set both values or just one. See below\n" }, "schedule": { "type": "string", "description": "The schedule for this action. The following formats are supported: At expressions - at(yyyy-mm-ddThh:mm:ss), Rate expressions - rate(valueunit), Cron expressions - cron(fields). In UTC. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-Schedule)\n" }, "serviceNamespace": { "type": "string", "description": "The namespace of the AWS service. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ServiceNamespace) Example: ecs\n" }, "startTime": { "type": "string", "description": "The date and time for the scheduled action to start. Specify the following format: 2006-01-02T15:04:05Z\n" } }, "requiredInputs": [ "resourceId", "serviceNamespace" ], "stateInputs": { "description": "Input properties used for looking up and filtering ScheduledAction resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the scheduled action.\n" }, "endTime": { "type": "string", "description": "The date and time for the scheduled action to end. Specify the following format: 2006-01-02T15:04:05Z\n" }, "name": { "type": "string", "description": "The name of the scheduled action.\n" }, "resourceId": { "type": "string", "description": "The identifier of the resource associated with the scheduled action. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ResourceId)\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ScalableDimension) Example: ecs:service:DesiredCount\n" }, "scalableTargetAction": { "$ref": "#/types/aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction", "description": "The new minimum and maximum capacity. You can set both values or just one. See below\n" }, "schedule": { "type": "string", "description": "The schedule for this action. The following formats are supported: At expressions - at(yyyy-mm-ddThh:mm:ss), Rate expressions - rate(valueunit), Cron expressions - cron(fields). In UTC. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-Schedule)\n" }, "serviceNamespace": { "type": "string", "description": "The namespace of the AWS service. Documentation can be found in the parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/ApplicationAutoScaling/latest/APIReference/API_PutScheduledAction.html#ApplicationAutoScaling-PutScheduledAction-request-ServiceNamespace) Example: ecs\n" }, "startTime": { "type": "string", "description": "The date and time for the scheduled action to start. Specify the following format: 2006-01-02T15:04:05Z\n" } }, "type": "object" } }, "aws:appautoscaling/target:Target": { "description": "Provides an Application AutoScaling ScalableTarget resource. To manage policies which get attached to the target, see the `aws.appautoscaling.Policy` resource.\n\n\u003e **NOTE:** The [Application Auto Scaling service automatically attempts to manage IAM Service-Linked Roles](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) when registering certain service namespaces for the first time. To manually manage this role, see the `aws.iam.ServiceLinkedRole` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### DynamoDB Table Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodbTableReadTarget = new aws.appautoscaling.Target(\"dynamodb_table_read_target\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: pulumi.interpolate`table/${aws_dynamodb_table_example.name}`,\n scalableDimension: \"dynamodb:table:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb_table_read_target = aws.appautoscaling.Target(\"dynamodbTableReadTarget\",\n max_capacity=100,\n min_capacity=5,\n resource_id=f\"table/{aws_dynamodb_table['example']['name']}\",\n scalable_dimension=\"dynamodb:table:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dynamodbTableReadTarget = new Aws.AppAutoScaling.Target(\"dynamodbTableReadTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = $\"table/{aws_dynamodb_table.Example.Name}\",\n ScalableDimension = \"dynamodb:table:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appautoscaling.NewTarget(ctx, \"dynamodbTableReadTarget\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(100),\n\t\t\tMinCapacity: pulumi.Int(5),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"%v%v\", \"table/\", aws_dynamodb_table.Example.Name)),\n\t\t\tScalableDimension: pulumi.String(\"dynamodb:table:ReadCapacityUnits\"),\n\t\t\tServiceNamespace: pulumi.String(\"dynamodb\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### DynamoDB Index Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodbIndexReadTarget = new aws.appautoscaling.Target(\"dynamodb_index_read_target\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: pulumi.interpolate`table/${aws_dynamodb_table_example.name}/index/${var_index_name}`,\n scalableDimension: \"dynamodb:index:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb_index_read_target = aws.appautoscaling.Target(\"dynamodbIndexReadTarget\",\n max_capacity=100,\n min_capacity=5,\n resource_id=f\"table/{aws_dynamodb_table['example']['name']}/index/{var['index_name']}\",\n scalable_dimension=\"dynamodb:index:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dynamodbIndexReadTarget = new Aws.AppAutoScaling.Target(\"dynamodbIndexReadTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = $\"table/{aws_dynamodb_table.Example.Name}/index/{@var.Index_name}\",\n ScalableDimension = \"dynamodb:index:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### ECS Service Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsTarget = new aws.appautoscaling.Target(\"ecs_target\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: pulumi.interpolate`service/${aws_ecs_cluster_example.name}/${aws_ecs_service_example.name}`,\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_target = aws.appautoscaling.Target(\"ecsTarget\",\n max_capacity=4,\n min_capacity=1,\n resource_id=f\"service/{aws_ecs_cluster['example']['name']}/{aws_ecs_service['example']['name']}\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ecsTarget = new Aws.AppAutoScaling.Target(\"ecsTarget\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = $\"service/{aws_ecs_cluster.Example.Name}/{aws_ecs_service.Example.Name}\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appautoscaling.NewTarget(ctx, \"ecsTarget\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"%v%v%v%v\", \"service/\", aws_ecs_cluster.Example.Name, \"/\", aws_ecs_service.Example.Name)),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Aurora Read Replica Autoscaling\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replicas = new aws.appautoscaling.Target(\"replicas\", {\n maxCapacity: 15,\n minCapacity: 1,\n resourceId: pulumi.interpolate`cluster:${aws_rds_cluster_example.id}`,\n scalableDimension: \"rds:cluster:ReadReplicaCount\",\n serviceNamespace: \"rds\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplicas = aws.appautoscaling.Target(\"replicas\",\n max_capacity=15,\n min_capacity=1,\n resource_id=f\"cluster:{aws_rds_cluster['example']['id']}\",\n scalable_dimension=\"rds:cluster:ReadReplicaCount\",\n service_namespace=\"rds\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var replicas = new Aws.AppAutoScaling.Target(\"replicas\", new Aws.AppAutoScaling.TargetArgs\n {\n MaxCapacity = 15,\n MinCapacity = 1,\n ResourceId = $\"cluster:{aws_rds_cluster.Example.Id}\",\n ScalableDimension = \"rds:cluster:ReadReplicaCount\",\n ServiceNamespace = \"rds\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appautoscaling.NewTarget(ctx, \"replicas\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(15),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"%v%v\", \"cluster:\", aws_rds_cluster.Example.Id)),\n\t\t\tScalableDimension: pulumi.String(\"rds:cluster:ReadReplicaCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"rds\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "maxCapacity": { "type": "integer", "description": "The max capacity of the scalable target.\n" }, "minCapacity": { "type": "integer", "description": "The min capacity of the scalable target.\n" }, "resourceId": { "type": "string", "description": "The resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that allows Application AutoScaling to modify your scalable target on your behalf. This defaults to an IAM Service-Linked Role for most services and custom IAM Roles are ignored by the API for those namespaces. See the [AWS Application Auto Scaling documentation](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) for more information about how this service interacts with IAM.\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "serviceNamespace": { "type": "string", "description": "The AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" } }, "required": [ "maxCapacity", "minCapacity", "resourceId", "roleArn", "scalableDimension", "serviceNamespace" ], "inputProperties": { "maxCapacity": { "type": "integer", "description": "The max capacity of the scalable target.\n" }, "minCapacity": { "type": "integer", "description": "The min capacity of the scalable target.\n" }, "resourceId": { "type": "string", "description": "The resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that allows Application AutoScaling to modify your scalable target on your behalf. This defaults to an IAM Service-Linked Role for most services and custom IAM Roles are ignored by the API for those namespaces. See the [AWS Application Auto Scaling documentation](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) for more information about how this service interacts with IAM.\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "serviceNamespace": { "type": "string", "description": "The AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" } }, "requiredInputs": [ "maxCapacity", "minCapacity", "resourceId", "scalableDimension", "serviceNamespace" ], "stateInputs": { "description": "Input properties used for looking up and filtering Target resources.\n", "properties": { "maxCapacity": { "type": "integer", "description": "The max capacity of the scalable target.\n" }, "minCapacity": { "type": "integer", "description": "The min capacity of the scalable target.\n" }, "resourceId": { "type": "string", "description": "The resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that allows Application AutoScaling to modify your scalable target on your behalf. This defaults to an IAM Service-Linked Role for most services and custom IAM Roles are ignored by the API for those namespaces. See the [AWS Application Auto Scaling documentation](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) for more information about how this service interacts with IAM.\n" }, "scalableDimension": { "type": "string", "description": "The scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "serviceNamespace": { "type": "string", "description": "The AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" } }, "type": "object" } }, "aws:applicationloadbalancing/listener:Listener": { "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Forward Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"443\",\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Redirect Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Fixed-response Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-cognito Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n type: \"authenticate-cognito\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateCognito\": {\n \"userPoolArn\": pool.arn,\n \"userPoolClientId\": client.id,\n \"userPoolDomain\": domain.domain,\n },\n \"type\": \"authenticate-cognito\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n Type = \"authenticate-cognito\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-oidc Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "required": [ "arn", "defaultActions", "loadBalancerArn", "port", "sslPolicy" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "requiredInputs": [ "defaultActions", "loadBalancerArn", "port" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "type": "object" }, "deprecationMessage": "aws.applicationloadbalancing.Listener has been deprecated in favor of aws.alb.Listener" }, "aws:applicationloadbalancing/listenerCertificate:ListenerCertificate": { "description": "Provides a Load Balancer Listener Certificate resource.\n\nThis resource is for additional certificates and does not replace the default certificate on the listener.\n\n\u003e **Note:** `aws.alb.ListenerCertificate` is known as `aws.lb.ListenerCertificate`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCertificate = new aws.acm.Certificate(\"example\", {});\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst exampleListenerCertificate = new aws.lb.ListenerCertificate(\"example\", {\n certificateArn: exampleCertificate.arn,\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_certificate = aws.acm.Certificate(\"exampleCertificate\")\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nexample_listener_certificate = aws.lb.ListenerCertificate(\"exampleListenerCertificate\",\n certificate_arn=example_certificate.arn,\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleCertificate = new Aws.Acm.Certificate(\"exampleCertificate\", new Aws.Acm.CertificateArgs\n {\n });\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var exampleListenerCertificate = new Aws.LB.ListenerCertificate(\"exampleListenerCertificate\", new Aws.LB.ListenerCertificateArgs\n {\n CertificateArn = exampleCertificate.Arn,\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCertificate, err := acm.NewCertificate(ctx, \"exampleCertificate\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerCertificate(ctx, \"exampleListenerCertificate\", \u0026lb.ListenerCertificateArgs{\n\t\t\tCertificateArn: exampleCertificate.Arn,\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "required": [ "certificateArn", "listenerArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "requiredInputs": [ "certificateArn", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerCertificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "type": "object" }, "deprecationMessage": "aws.applicationloadbalancing.ListenerCertificate has been deprecated in favor of aws.alb.ListenerCertificate" }, "aws:applicationloadbalancing/listenerRule:ListenerRule": { "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n listenerArn: frontEndListener.arn,\n priority: 100,\n});\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n actions: [{\n forward: {\n stickiness: {\n duration: 600,\n enabled: true,\n },\n targetGroups: [\n {\n arn: aws_lb_target_group_main.arn,\n weight: 80,\n },\n {\n arn: aws_lb_target_group_canary.arn,\n weight: 20,\n },\n ],\n },\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mydomain.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n actions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n});\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n actions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n listenerArn: frontEndListener.arn,\n});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n actions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n },\n ],\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nstatic = aws.lb.ListenerRule(\"static\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[\n {\n \"pathPattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"hostHeader\": {\n \"values\": [\"example.com\"],\n },\n },\n ],\n listener_arn=front_end_listener.arn,\n priority=100)\nhost_based_routing = aws.lb.ListenerRule(\"hostBasedRouting\",\n actions=[{\n \"forward\": {\n \"stickiness\": {\n \"duration\": 600,\n \"enabled\": True,\n },\n \"targetGroup\": [\n {\n \"arn\": aws_lb_target_group[\"main\"][\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": aws_lb_target_group[\"canary\"][\"arn\"],\n \"weight\": 20,\n },\n ],\n },\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nhost_based_weighted_routing = aws.lb.ListenerRule(\"hostBasedWeightedRouting\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mydomain.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nredirect_http_to_https = aws.lb.ListenerRule(\"redirectHttpToHttps\",\n actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n conditions=[{\n \"httpHeader\": {\n \"httpHeaderName\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }],\n listener_arn=front_end_listener.arn)\nhealth_check = aws.lb.ListenerRule(\"healthCheck\",\n actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n conditions=[{\n \"queryString\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }],\n listener_arn=front_end_listener.arn)\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n },\n ],\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var @static = new Aws.LB.ListenerRule(\"static\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = \n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"example.com\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n });\n var hostBasedRouting = new Aws.LB.ListenerRule(\"hostBasedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Duration = 600,\n Enabled = true,\n },\n TargetGroup = \n {\n \n {\n { \"arn\", aws_lb_target_group.Main.Arn },\n { \"weight\", 80 },\n },\n \n {\n { \"arn\", aws_lb_target_group.Canary.Arn },\n { \"weight\", 20 },\n },\n },\n },\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"hostBasedWeightedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mydomain.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirectHttpToHttps\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = \n {\n \"192.168.1.*\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var healthCheck = new Aws.LB.ListenerRule(\"healthCheck\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryString = \n {\n \n {\n { \"key\", \"health\" },\n { \"value\", \"check\" },\n },\n \n {\n { \"value\", \"bar\" },\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var admin = new Aws.LB.ListenerRule(\"admin\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTargetGroup: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Main.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Canary.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedWeightedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mydomain.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"redirectHttpToHttps\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"healthCheck\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryString: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"health\"),\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "required": [ "actions", "arn", "conditions", "listenerArn", "priority" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "requiredInputs": [ "actions", "conditions", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerRule resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "type": "object" }, "deprecationMessage": "aws.applicationloadbalancing.ListenerRule has been deprecated in favor of aws.alb.ListenerRule" }, "aws:applicationloadbalancing/loadBalancer:LoadBalancer": { "description": "Provides a Load Balancer resource.\n\n\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Application Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n accessLogs: {\n bucket: aws_s3_bucket_lb_logs.bucket,\n enabled: true,\n prefix: \"test-lb\",\n },\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"application\",\n securityGroups: [aws_security_group_lb_sg.id],\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n access_logs={\n \"bucket\": aws_s3_bucket[\"lb_logs\"][\"bucket\"],\n \"enabled\": True,\n \"prefix\": \"test-lb\",\n },\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"application\",\n security_groups=[aws_security_group[\"lb_sg\"][\"id\"]],\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = aws_s3_bucket.Lb_logs.Bucket,\n Enabled = true,\n Prefix = \"test-lb\",\n },\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"application\",\n SecurityGroups = \n {\n aws_security_group.Lb_sg.Id,\n },\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Network Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"network\",\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"network\",\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"network\",\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Specifying Elastic IPs\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n allocationId: aws_eip_example1.id,\n subnetId: aws_subnet_example1.id,\n },\n {\n allocationId: aws_eip_example2.id,\n subnetId: aws_subnet_example2.id,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"allocation_id\": aws_eip[\"example1\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example1\"][\"id\"],\n },\n {\n \"allocation_id\": aws_eip[\"example2\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example2\"][\"id\"],\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.LB.LoadBalancer(\"example\", new Aws.LB.LoadBalancerArgs\n {\n LoadBalancerType = \"network\",\n SubnetMappings = \n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example1.Id,\n SubnetId = aws_subnet.Example1.Id,\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example2.Id,\n SubnetId = aws_subnet.Example2.Id,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example1.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example2.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessLogs": { "$ref": "#/types/aws:applicationloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "required": [ "arn", "arnSuffix", "dnsName", "internal", "ipAddressType", "name", "securityGroups", "subnetMappings", "subnets", "vpcId", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:applicationloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:applicationloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "type": "object" }, "deprecationMessage": "aws.applicationloadbalancing.LoadBalancer has been deprecated in favor of aws.alb.LoadBalancer" }, "aws:applicationloadbalancing/targetGroup:TargetGroup": { "description": "Provides a Target Group resource for use with Load Balancer resources.\n\n\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Instance Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst test = new aws.lb.TargetGroup(\"test\", {\n port: 80,\n protocol: \"HTTP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\ntest = aws.lb.TargetGroup(\"test\",\n port=80,\n protocol=\"HTTP\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var test = new Aws.LB.TargetGroup(\"test\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### IP Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst ip_example = new aws.lb.TargetGroup(\"ip-example\", {\n port: 80,\n protocol: \"HTTP\",\n targetType: \"ip\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nip_example = aws.lb.TargetGroup(\"ip-example\",\n port=80,\n protocol=\"HTTP\",\n target_type=\"ip\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var ip_example = new Aws.LB.TargetGroup(\"ip-example\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n TargetType = \"ip\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"ip-example\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tTargetType: pulumi.String(\"ip\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Lambda Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n targetType: \"lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\", target_type=\"lambda\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewTargetGroup(ctx, \"lambda-example\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:applicationloadbalancing/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:applicationloadbalancing/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "required": [ "arn", "arnSuffix", "healthCheck", "loadBalancingAlgorithmType", "name", "stickiness" ], "inputProperties": { "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:applicationloadbalancing/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:applicationloadbalancing/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:applicationloadbalancing/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:applicationloadbalancing/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "type": "object" }, "deprecationMessage": "aws.applicationloadbalancing.TargetGroup has been deprecated in favor of aws.alb.TargetGroup" }, "aws:applicationloadbalancing/targetGroupAttachment:TargetGroupAttachment": { "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n port: 80,\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\")\ntest_instance = aws.ec2.Instance(\"testInstance\")\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n port=80,\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var testInstance = new Aws.Ec2.Instance(\"testInstance\", new Aws.Ec2.InstanceArgs\n {\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n Port = 80,\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"testInstance\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Usage with lambda\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n action: \"lambda:InvokeFunction\",\n function: testFunction.arn,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: testTargetGroup.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testFunction.arn,\n}, { dependsOn: [withLb] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\", target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"testFunction\")\nwith_lb = aws.lambda_.Permission(\"withLb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.arn,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test_target_group.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n target_group_arn=test_target_group.arn,\n target_id=test_function.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n var testFunction = new Aws.Lambda.Function(\"testFunction\", new Aws.Lambda.FunctionArgs\n {\n });\n var withLb = new Aws.Lambda.Permission(\"withLb\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Arn,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = testTargetGroup.Arn,\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testFunction.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"testFunction\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"withLb\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: testTargetGroup.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "required": [ "targetGroupArn", "targetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "requiredInputs": [ "targetGroupArn", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroupAttachment resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "type": "object" }, "deprecationMessage": "aws.applicationloadbalancing.TargetGroupAttachment has been deprecated in favor of aws.alb.TargetGroupAttachment" }, "aws:appmesh/mesh:Mesh": { "description": "Provides an AWS App Mesh service mesh resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst simple = new aws.appmesh.Mesh(\"simple\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsimple = aws.appmesh.Mesh(\"simple\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var simple = new Aws.AppMesh.Mesh(\"simple\", new Aws.AppMesh.MeshArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewMesh(ctx, \"simple\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Egress Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst simple = new aws.appmesh.Mesh(\"simple\", {\n spec: {\n egressFilter: {\n type: \"ALLOW_ALL\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsimple = aws.appmesh.Mesh(\"simple\", spec={\n \"egressFilter\": {\n \"type\": \"ALLOW_ALL\",\n },\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var simple = new Aws.AppMesh.Mesh(\"simple\", new Aws.AppMesh.MeshArgs\n {\n Spec = new Aws.AppMesh.Inputs.MeshSpecArgs\n {\n EgressFilter = new Aws.AppMesh.Inputs.MeshSpecEgressFilterArgs\n {\n Type = \"ALLOW_ALL\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewMesh(ctx, \"simple\", \u0026appmesh.MeshArgs{\n\t\t\tSpec: \u0026appmesh.MeshSpecArgs{\n\t\t\t\tEgressFilter: \u0026appmesh.MeshSpecEgressFilterArgs{\n\t\t\t\t\tType: pulumi.String(\"ALLOW_ALL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the service mesh.\n" }, "createdDate": { "type": "string", "description": "The creation date of the service mesh.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the service mesh.\n" }, "name": { "type": "string", "description": "The name to use for the service mesh.\n" }, "spec": { "$ref": "#/types/aws:appmesh/MeshSpec:MeshSpec", "description": "The service mesh specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name to use for the service mesh.\n" }, "spec": { "$ref": "#/types/aws:appmesh/MeshSpec:MeshSpec", "description": "The service mesh specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Mesh resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the service mesh.\n" }, "createdDate": { "type": "string", "description": "The creation date of the service mesh.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the service mesh.\n" }, "name": { "type": "string", "description": "The name to use for the service mesh.\n" }, "spec": { "$ref": "#/types/aws:appmesh/MeshSpec:MeshSpec", "description": "The service mesh specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:appmesh/route:Route": { "description": "Provides an AWS App Mesh route resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### HTTP Routing\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.Route(\"serviceb\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n httpRoute: {\n action: {\n weightedTargets: [\n {\n virtualNode: aws_appmesh_virtual_node_serviceb1.name,\n weight: 90,\n },\n {\n virtualNode: aws_appmesh_virtual_node_serviceb2.name,\n weight: 10,\n },\n ],\n },\n match: {\n prefix: \"/\",\n },\n },\n },\n virtualRouterName: aws_appmesh_virtual_router_serviceb.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.Route(\"serviceb\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"httpRoute\": {\n \"action\": {\n \"weightedTarget\": [\n {\n \"virtualNode\": aws_appmesh_virtual_node[\"serviceb1\"][\"name\"],\n \"weight\": 90,\n },\n {\n \"virtualNode\": aws_appmesh_virtual_node[\"serviceb2\"][\"name\"],\n \"weight\": 10,\n },\n ],\n },\n \"match\": {\n \"prefix\": \"/\",\n },\n },\n },\n virtual_router_name=aws_appmesh_virtual_router[\"serviceb\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceb = new Aws.AppMesh.Route(\"serviceb\", new Aws.AppMesh.RouteArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.RouteSpecArgs\n {\n HttpRoute = new Aws.AppMesh.Inputs.RouteSpecHttpRouteArgs\n {\n Action = new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionArgs\n {\n WeightedTarget = \n {\n \n {\n { \"virtualNode\", aws_appmesh_virtual_node.Serviceb1.Name },\n { \"weight\", 90 },\n },\n \n {\n { \"virtualNode\", aws_appmesh_virtual_node.Serviceb2.Name },\n { \"weight\", 10 },\n },\n },\n },\n Match = new Aws.AppMesh.Inputs.RouteSpecHttpRouteMatchArgs\n {\n Prefix = \"/\",\n },\n },\n },\n VirtualRouterName = aws_appmesh_virtual_router.Serviceb.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewRoute(ctx, \"serviceb\", \u0026appmesh.RouteArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.RouteSpecArgs{\n\t\t\t\tHttpRoute: \u0026appmesh.RouteSpecHttpRouteArgs{\n\t\t\t\t\tAction: \u0026appmesh.RouteSpecHttpRouteActionArgs{\n\t\t\t\t\t\tWeightedTarget: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"virtualNode\": pulumi.String(aws_appmesh_virtual_node.Serviceb1.Name),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(90),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"virtualNode\": pulumi.String(aws_appmesh_virtual_node.Serviceb2.Name),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(10),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tMatch: \u0026appmesh.RouteSpecHttpRouteMatchArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"/\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVirtualRouterName: pulumi.String(aws_appmesh_virtual_router.Serviceb.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### HTTP Header Routing\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.Route(\"serviceb\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n httpRoute: {\n action: {\n weightedTargets: [{\n virtualNode: aws_appmesh_virtual_node_serviceb.name,\n weight: 100,\n }],\n },\n match: {\n headers: [{\n match: {\n prefix: \"123\",\n },\n name: \"clientRequestId\",\n }],\n method: \"POST\",\n prefix: \"/\",\n scheme: \"https\",\n },\n },\n },\n virtualRouterName: aws_appmesh_virtual_router_serviceb.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.Route(\"serviceb\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"httpRoute\": {\n \"action\": {\n \"weightedTarget\": [{\n \"virtualNode\": aws_appmesh_virtual_node[\"serviceb\"][\"name\"],\n \"weight\": 100,\n }],\n },\n \"match\": {\n \"header\": [{\n \"match\": {\n \"prefix\": \"123\",\n },\n \"name\": \"clientRequestId\",\n }],\n \"method\": \"POST\",\n \"prefix\": \"/\",\n \"scheme\": \"https\",\n },\n },\n },\n virtual_router_name=aws_appmesh_virtual_router[\"serviceb\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceb = new Aws.AppMesh.Route(\"serviceb\", new Aws.AppMesh.RouteArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.RouteSpecArgs\n {\n HttpRoute = new Aws.AppMesh.Inputs.RouteSpecHttpRouteArgs\n {\n Action = new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionArgs\n {\n WeightedTarget = \n {\n \n {\n { \"virtualNode\", aws_appmesh_virtual_node.Serviceb.Name },\n { \"weight\", 100 },\n },\n },\n },\n Match = new Aws.AppMesh.Inputs.RouteSpecHttpRouteMatchArgs\n {\n Header = \n {\n \n {\n { \"match\", \n {\n { \"prefix\", \"123\" },\n } },\n { \"name\", \"clientRequestId\" },\n },\n },\n Method = \"POST\",\n Prefix = \"/\",\n Scheme = \"https\",\n },\n },\n },\n VirtualRouterName = aws_appmesh_virtual_router.Serviceb.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewRoute(ctx, \"serviceb\", \u0026appmesh.RouteArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.RouteSpecArgs{\n\t\t\t\tHttpRoute: \u0026appmesh.RouteSpecHttpRouteArgs{\n\t\t\t\t\tAction: \u0026appmesh.RouteSpecHttpRouteActionArgs{\n\t\t\t\t\t\tWeightedTarget: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"virtualNode\": pulumi.String(aws_appmesh_virtual_node.Serviceb.Name),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tMatch: \u0026appmesh.RouteSpecHttpRouteMatchArgs{\n\t\t\t\t\t\tHeader: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"match\": pulumi.Map{\n\t\t\t\t\t\t\t\t\t\"prefix\": pulumi.String(\"123\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"name\": pulumi.String(\"clientRequestId\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tMethod: pulumi.String(\"POST\"),\n\t\t\t\t\t\tPrefix: pulumi.String(\"/\"),\n\t\t\t\t\t\tScheme: pulumi.String(\"https\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVirtualRouterName: pulumi.String(aws_appmesh_virtual_router.Serviceb.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### TCP Routing\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.Route(\"serviceb\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n tcpRoute: {\n action: {\n weightedTargets: [{\n virtualNode: aws_appmesh_virtual_node_serviceb1.name,\n weight: 100,\n }],\n },\n },\n },\n virtualRouterName: aws_appmesh_virtual_router_serviceb.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.Route(\"serviceb\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"tcpRoute\": {\n \"action\": {\n \"weightedTarget\": [{\n \"virtualNode\": aws_appmesh_virtual_node[\"serviceb1\"][\"name\"],\n \"weight\": 100,\n }],\n },\n },\n },\n virtual_router_name=aws_appmesh_virtual_router[\"serviceb\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceb = new Aws.AppMesh.Route(\"serviceb\", new Aws.AppMesh.RouteArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.RouteSpecArgs\n {\n TcpRoute = new Aws.AppMesh.Inputs.RouteSpecTcpRouteArgs\n {\n Action = new Aws.AppMesh.Inputs.RouteSpecTcpRouteActionArgs\n {\n WeightedTarget = \n {\n \n {\n { \"virtualNode\", aws_appmesh_virtual_node.Serviceb1.Name },\n { \"weight\", 100 },\n },\n },\n },\n },\n },\n VirtualRouterName = aws_appmesh_virtual_router.Serviceb.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewRoute(ctx, \"serviceb\", \u0026appmesh.RouteArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.RouteSpecArgs{\n\t\t\t\tTcpRoute: \u0026appmesh.RouteSpecTcpRouteArgs{\n\t\t\t\t\tAction: \u0026appmesh.RouteSpecTcpRouteActionArgs{\n\t\t\t\t\t\tWeightedTarget: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"virtualNode\": pulumi.String(aws_appmesh_virtual_node.Serviceb1.Name),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVirtualRouterName: pulumi.String(aws_appmesh_virtual_router.Serviceb.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the route.\n" }, "createdDate": { "type": "string", "description": "The creation date of the route.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the route.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the route.\n" }, "name": { "type": "string", "description": "The name to use for the route.\n" }, "spec": { "$ref": "#/types/aws:appmesh/RouteSpec:RouteSpec", "description": "The route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualRouterName": { "type": "string", "description": "The name of the virtual router in which to create the route.\n" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "name", "spec", "virtualRouterName" ], "inputProperties": { "meshName": { "type": "string", "description": "The name of the service mesh in which to create the route.\n" }, "name": { "type": "string", "description": "The name to use for the route.\n" }, "spec": { "$ref": "#/types/aws:appmesh/RouteSpec:RouteSpec", "description": "The route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualRouterName": { "type": "string", "description": "The name of the virtual router in which to create the route.\n" } }, "requiredInputs": [ "meshName", "spec", "virtualRouterName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the route.\n" }, "createdDate": { "type": "string", "description": "The creation date of the route.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the route.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the route.\n" }, "name": { "type": "string", "description": "The name to use for the route.\n" }, "spec": { "$ref": "#/types/aws:appmesh/RouteSpec:RouteSpec", "description": "The route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualRouterName": { "type": "string", "description": "The name of the virtual router in which to create the route.\n" } }, "type": "object" } }, "aws:appmesh/virtualNode:VirtualNode": { "description": "Provides an AWS App Mesh virtual node resource.\n\n## Breaking Changes\n\nBecause of backward incompatible API changes (read [here](https://github.com/awslabs/aws-app-mesh-examples/issues/92)), `aws.appmesh.VirtualNode` resource definitions created with provider versions earlier than v2.3.0 will need to be modified:\n\n* Rename the `service_name` attribute of the `dns` object to `hostname`.\n\n* Replace the `backends` attribute of the `spec` object with one or more `backend` configuration blocks,\nsetting `virtual_service_name` to the name of the service.\n\nThe state associated with existing resources will automatically be migrated.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listener: {\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n },\n serviceDiscovery: {\n dns: {\n hostname: \"serviceb.simpleapp.local\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"backend\": [{\n \"virtualService\": {\n \"virtualServiceName\": \"servicea.simpleapp.local\",\n },\n }],\n \"listener\": {\n \"portMapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n },\n \"serviceDiscovery\": {\n \"dns\": {\n \"hostname\": \"serviceb.simpleapp.local\",\n },\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new Aws.AppMesh.VirtualNodeArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backend = \n {\n \n {\n { \"virtualService\", \n {\n { \"virtualServiceName\", \"servicea.simpleapp.local\" },\n } },\n },\n },\n Listener = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n Dns = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryDnsArgs\n {\n Hostname = \"serviceb.simpleapp.local\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackend: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"virtualService\": pulumi.Map{\n\t\t\t\t\t\t\t\"virtualServiceName\": pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListener: \u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tDns: \u0026appmesh.VirtualNodeSpecServiceDiscoveryDnsArgs{\n\t\t\t\t\t\tHostname: pulumi.String(\"serviceb.simpleapp.local\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### AWS Cloud Map Service Discovery\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.HttpNamespace(\"example\", {});\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listener: {\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n },\n serviceDiscovery: {\n awsCloudMap: {\n attributes: {\n stack: \"blue\",\n },\n namespaceName: example.name,\n serviceName: \"serviceb1\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.HttpNamespace(\"example\")\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"backend\": [{\n \"virtualService\": {\n \"virtualServiceName\": \"servicea.simpleapp.local\",\n },\n }],\n \"listener\": {\n \"portMapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n },\n \"serviceDiscovery\": {\n \"awsCloudMap\": {\n \"attributes\": {\n \"stack\": \"blue\",\n },\n \"namespaceName\": example.name,\n \"service_name\": \"serviceb1\",\n },\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ServiceDiscovery.HttpNamespace(\"example\", new Aws.ServiceDiscovery.HttpNamespaceArgs\n {\n });\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new Aws.AppMesh.VirtualNodeArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backend = \n {\n \n {\n { \"virtualService\", \n {\n { \"virtualServiceName\", \"servicea.simpleapp.local\" },\n } },\n },\n },\n Listener = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n AwsCloudMap = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryAwsCloudMapArgs\n {\n Attributes = \n {\n { \"stack\", \"blue\" },\n },\n NamespaceName = example.Name,\n ServiceName = \"serviceb1\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := servicediscovery.NewHttpNamespace(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackend: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"virtualService\": pulumi.Map{\n\t\t\t\t\t\t\t\"virtualServiceName\": pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListener: \u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tAwsCloudMap: \u0026appmesh.VirtualNodeSpecServiceDiscoveryAwsCloudMapArgs{\n\t\t\t\t\t\tAttributes: pulumi.Map{\n\t\t\t\t\t\t\t\"stack\": pulumi.String(\"blue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tNamespaceName: example.Name,\n\t\t\t\t\t\tServiceName: pulumi.String(\"serviceb1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Listener Health Check\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listener: {\n healthCheck: {\n healthyThreshold: 2,\n intervalMillis: 5000,\n path: \"/ping\",\n protocol: \"http\",\n timeoutMillis: 2000,\n unhealthyThreshold: 2,\n },\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n },\n serviceDiscovery: {\n dns: {\n hostname: \"serviceb.simpleapp.local\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"backend\": [{\n \"virtualService\": {\n \"virtualServiceName\": \"servicea.simpleapp.local\",\n },\n }],\n \"listener\": {\n \"health_check\": {\n \"healthyThreshold\": 2,\n \"intervalMillis\": 5000,\n \"path\": \"/ping\",\n \"protocol\": \"http\",\n \"timeoutMillis\": 2000,\n \"unhealthyThreshold\": 2,\n },\n \"portMapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n },\n \"serviceDiscovery\": {\n \"dns\": {\n \"hostname\": \"serviceb.simpleapp.local\",\n },\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new Aws.AppMesh.VirtualNodeArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backend = \n {\n \n {\n { \"virtualService\", \n {\n { \"virtualServiceName\", \"servicea.simpleapp.local\" },\n } },\n },\n },\n Listener = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n HealthCheck = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerHealthCheckArgs\n {\n HealthyThreshold = 2,\n IntervalMillis = 5000,\n Path = \"/ping\",\n Protocol = \"http\",\n TimeoutMillis = 2000,\n UnhealthyThreshold = 2,\n },\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n Dns = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryDnsArgs\n {\n Hostname = \"serviceb.simpleapp.local\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackend: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"virtualService\": pulumi.Map{\n\t\t\t\t\t\t\t\"virtualServiceName\": pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListener: \u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\tHealthCheck: \u0026appmesh.VirtualNodeSpecListenerHealthCheckArgs{\n\t\t\t\t\t\tHealthyThreshold: pulumi.Int(2),\n\t\t\t\t\t\tIntervalMillis: pulumi.Int(5000),\n\t\t\t\t\t\tPath: pulumi.String(\"/ping\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\tTimeoutMillis: pulumi.Int(2000),\n\t\t\t\t\t\tUnhealthyThreshold: pulumi.Int(2),\n\t\t\t\t\t},\n\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tDns: \u0026appmesh.VirtualNodeSpecServiceDiscoveryDnsArgs{\n\t\t\t\t\t\tHostname: pulumi.String(\"serviceb.simpleapp.local\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Logging\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listener: {\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n },\n logging: {\n accessLog: {\n file: {\n path: \"/dev/stdout\",\n },\n },\n },\n serviceDiscovery: {\n dns: {\n hostname: \"serviceb.simpleapp.local\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"backend\": [{\n \"virtualService\": {\n \"virtualServiceName\": \"servicea.simpleapp.local\",\n },\n }],\n \"listener\": {\n \"portMapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n },\n \"logging\": {\n \"accessLog\": {\n \"file\": {\n \"path\": \"/dev/stdout\",\n },\n },\n },\n \"serviceDiscovery\": {\n \"dns\": {\n \"hostname\": \"serviceb.simpleapp.local\",\n },\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new Aws.AppMesh.VirtualNodeArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backend = \n {\n \n {\n { \"virtualService\", \n {\n { \"virtualServiceName\", \"servicea.simpleapp.local\" },\n } },\n },\n },\n Listener = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n Logging = new Aws.AppMesh.Inputs.VirtualNodeSpecLoggingArgs\n {\n AccessLog = new Aws.AppMesh.Inputs.VirtualNodeSpecLoggingAccessLogArgs\n {\n File = new Aws.AppMesh.Inputs.VirtualNodeSpecLoggingAccessLogFileArgs\n {\n Path = \"/dev/stdout\",\n },\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n Dns = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryDnsArgs\n {\n Hostname = \"serviceb.simpleapp.local\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackend: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"virtualService\": pulumi.Map{\n\t\t\t\t\t\t\t\"virtualServiceName\": pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListener: \u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLogging: \u0026appmesh.VirtualNodeSpecLoggingArgs{\n\t\t\t\t\tAccessLog: \u0026appmesh.VirtualNodeSpecLoggingAccessLogArgs{\n\t\t\t\t\t\tFile: \u0026appmesh.VirtualNodeSpecLoggingAccessLogFileArgs{\n\t\t\t\t\t\t\tPath: pulumi.String(\"/dev/stdout\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tDns: \u0026appmesh.VirtualNodeSpecServiceDiscoveryDnsArgs{\n\t\t\t\t\t\tHostname: pulumi.String(\"serviceb.simpleapp.local\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual node.\n" }, "createdDate": { "type": "string", "description": "The creation date of the virtual node.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the virtual node.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual node.\n" }, "name": { "type": "string", "description": "The name to use for the virtual node.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualNodeSpec:VirtualNodeSpec", "description": "The virtual node specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "name", "spec" ], "inputProperties": { "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual node.\n" }, "name": { "type": "string", "description": "The name to use for the virtual node.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualNodeSpec:VirtualNodeSpec", "description": "The virtual node specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "meshName", "spec" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualNode resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual node.\n" }, "createdDate": { "type": "string", "description": "The creation date of the virtual node.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the virtual node.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual node.\n" }, "name": { "type": "string", "description": "The name to use for the virtual node.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualNodeSpec:VirtualNodeSpec", "description": "The virtual node specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:appmesh/virtualRouter:VirtualRouter": { "description": "Provides an AWS App Mesh virtual router resource.\n\n## Breaking Changes\n\nBecause of backward incompatible API changes (read [here](https://github.com/awslabs/aws-app-mesh-examples/issues/92) and [here](https://github.com/awslabs/aws-app-mesh-examples/issues/94)), `aws.appmesh.VirtualRouter` resource definitions created with provider versions earlier than v2.3.0 will need to be modified:\n\n* Remove service `service_names` from the `spec` argument.\nAWS has created a `aws.appmesh.VirtualService` resource for each of service names.\nThese resource can be imported using `import`.\n\n* Add a `listener` configuration block to the `spec` argument.\n\nThe state associated with existing resources will automatically be migrated.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.VirtualRouter(\"serviceb\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n listener: {\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.VirtualRouter(\"serviceb\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"listener\": {\n \"portMapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceb = new Aws.AppMesh.VirtualRouter(\"serviceb\", new Aws.AppMesh.VirtualRouterArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualRouterSpecArgs\n {\n Listener = new Aws.AppMesh.Inputs.VirtualRouterSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualRouterSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewVirtualRouter(ctx, \"serviceb\", \u0026appmesh.VirtualRouterArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualRouterSpecArgs{\n\t\t\t\tListener: \u0026appmesh.VirtualRouterSpecListenerArgs{\n\t\t\t\t\tPortMapping: \u0026appmesh.VirtualRouterSpecListenerPortMappingArgs{\n\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual router.\n" }, "createdDate": { "type": "string", "description": "The creation date of the virtual router.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the virtual router.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual router.\n" }, "name": { "type": "string", "description": "The name to use for the virtual router.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualRouterSpec:VirtualRouterSpec", "description": "The virtual router specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "name", "spec" ], "inputProperties": { "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual router.\n" }, "name": { "type": "string", "description": "The name to use for the virtual router.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualRouterSpec:VirtualRouterSpec", "description": "The virtual router specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "meshName", "spec" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualRouter resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual router.\n" }, "createdDate": { "type": "string", "description": "The creation date of the virtual router.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the virtual router.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual router.\n" }, "name": { "type": "string", "description": "The name to use for the virtual router.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualRouterSpec:VirtualRouterSpec", "description": "The virtual router specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:appmesh/virtualService:VirtualService": { "description": "Provides an AWS App Mesh virtual service resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Virtual Node Provider\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst servicea = new aws.appmesh.VirtualService(\"servicea\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n provider: {\n virtualNode: {\n virtualNodeName: aws_appmesh_virtual_node_serviceb1.name,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservicea = aws.appmesh.VirtualService(\"servicea\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"provider\": {\n \"virtualNode\": {\n \"virtualNodeName\": aws_appmesh_virtual_node[\"serviceb1\"][\"name\"],\n },\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var servicea = new Aws.AppMesh.VirtualService(\"servicea\", new Aws.AppMesh.VirtualServiceArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualServiceSpecArgs\n {\n Provider = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderArgs\n {\n VirtualNode = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderVirtualNodeArgs\n {\n VirtualNodeName = aws_appmesh_virtual_node.Serviceb1.Name,\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewVirtualService(ctx, \"servicea\", \u0026appmesh.VirtualServiceArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualServiceSpecArgs{\n\t\t\t\tProvider: \u0026appmesh.VirtualServiceSpecProviderArgs{\n\t\t\t\t\tVirtualNode: \u0026appmesh.VirtualServiceSpecProviderVirtualNodeArgs{\n\t\t\t\t\t\tVirtualNodeName: pulumi.String(aws_appmesh_virtual_node.Serviceb1.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Virtual Router Provider\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst servicea = new aws.appmesh.VirtualService(\"servicea\", {\n meshName: aws_appmesh_mesh_simple.id,\n spec: {\n provider: {\n virtualRouter: {\n virtualRouterName: aws_appmesh_virtual_router_serviceb.name,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservicea = aws.appmesh.VirtualService(\"servicea\",\n mesh_name=aws_appmesh_mesh[\"simple\"][\"id\"],\n spec={\n \"provider\": {\n \"virtualRouter\": {\n \"virtual_router_name\": aws_appmesh_virtual_router[\"serviceb\"][\"name\"],\n },\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var servicea = new Aws.AppMesh.VirtualService(\"servicea\", new Aws.AppMesh.VirtualServiceArgs\n {\n MeshName = aws_appmesh_mesh.Simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualServiceSpecArgs\n {\n Provider = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderArgs\n {\n VirtualRouter = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderVirtualRouterArgs\n {\n VirtualRouterName = aws_appmesh_virtual_router.Serviceb.Name,\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appmesh.NewVirtualService(ctx, \"servicea\", \u0026appmesh.VirtualServiceArgs{\n\t\t\tMeshName: pulumi.String(aws_appmesh_mesh.Simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualServiceSpecArgs{\n\t\t\t\tProvider: \u0026appmesh.VirtualServiceSpecProviderArgs{\n\t\t\t\t\tVirtualRouter: \u0026appmesh.VirtualServiceSpecProviderVirtualRouterArgs{\n\t\t\t\t\t\tVirtualRouterName: pulumi.String(aws_appmesh_virtual_router.Serviceb.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual service.\n" }, "createdDate": { "type": "string", "description": "The creation date of the virtual service.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the virtual service.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual service.\n" }, "name": { "type": "string", "description": "The name to use for the virtual service.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualServiceSpec:VirtualServiceSpec", "description": "The virtual service specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "name", "spec" ], "inputProperties": { "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual service.\n" }, "name": { "type": "string", "description": "The name to use for the virtual service.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualServiceSpec:VirtualServiceSpec", "description": "The virtual service specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "meshName", "spec" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualService resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual service.\n" }, "createdDate": { "type": "string", "description": "The creation date of the virtual service.\n" }, "lastUpdatedDate": { "type": "string", "description": "The last update date of the virtual service.\n" }, "meshName": { "type": "string", "description": "The name of the service mesh in which to create the virtual service.\n" }, "name": { "type": "string", "description": "The name to use for the virtual service.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualServiceSpec:VirtualServiceSpec", "description": "The virtual service specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:appsync/apiKey:ApiKey": { "description": "Provides an AppSync API Key.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGraphQLApi = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n});\nconst exampleApiKey = new aws.appsync.ApiKey(\"example\", {\n apiId: exampleGraphQLApi.id,\n expires: \"2018-05-03T04:00:00Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_graph_ql_api = aws.appsync.GraphQLApi(\"exampleGraphQLApi\", authentication_type=\"API_KEY\")\nexample_api_key = aws.appsync.ApiKey(\"exampleApiKey\",\n api_id=example_graph_ql_api.id,\n expires=\"2018-05-03T04:00:00Z\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleGraphQLApi = new Aws.AppSync.GraphQLApi(\"exampleGraphQLApi\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"API_KEY\",\n });\n var exampleApiKey = new Aws.AppSync.ApiKey(\"exampleApiKey\", new Aws.AppSync.ApiKeyArgs\n {\n ApiId = exampleGraphQLApi.Id,\n Expires = \"2018-05-03T04:00:00Z\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGraphQLApi, err := appsync.NewGraphQLApi(ctx, \"exampleGraphQLApi\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewApiKey(ctx, \"exampleApiKey\", \u0026appsync.ApiKeyArgs{\n\t\t\tApiId: exampleGraphQLApi.ID(),\n\t\t\tExpires: pulumi.String(\"2018-05-03T04:00:00Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The ID of the associated AppSync API\n" }, "description": { "type": "string", "description": "The API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "expires": { "type": "string", "description": "RFC3339 string representation of the expiry date. Rounded down to nearest hour. By default, it is 7 days from the date of creation.\n" }, "key": { "type": "string", "description": "The API key\n" } }, "required": [ "apiId", "description", "key" ], "inputProperties": { "apiId": { "type": "string", "description": "The ID of the associated AppSync API\n" }, "description": { "type": "string", "description": "The API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "expires": { "type": "string", "description": "RFC3339 string representation of the expiry date. Rounded down to nearest hour. By default, it is 7 days from the date of creation.\n" } }, "requiredInputs": [ "apiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApiKey resources.\n", "properties": { "apiId": { "type": "string", "description": "The ID of the associated AppSync API\n" }, "description": { "type": "string", "description": "The API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "expires": { "type": "string", "description": "RFC3339 string representation of the expiry date. Rounded down to nearest hour. By default, it is 7 days from the date of creation.\n" }, "key": { "type": "string", "description": "The API key\n" } }, "type": "object" } }, "aws:appsync/dataSource:DataSource": { "description": "Provides an AppSync DataSource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleTable = new aws.dynamodb.Table(\"example\", {\n attributes: [{\n name: \"UserId\",\n type: \"S\",\n }],\n hashKey: \"UserId\",\n readCapacity: 1,\n writeCapacity: 1,\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"appsync.amazonaws.com\"\n },\n \"Effect\": \"Allow\"\n }\n ]\n}\n`,\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"dynamodb:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"${exampleTable.arn}\"\n ]\n }\n ]\n}\n`,\n role: exampleRole.id,\n});\nconst exampleGraphQLApi = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n});\nconst exampleDataSource = new aws.appsync.DataSource(\"example\", {\n apiId: exampleGraphQLApi.id,\n dynamodbConfig: {\n tableName: exampleTable.name,\n },\n serviceRoleArn: exampleRole.arn,\n type: \"AMAZON_DYNAMODB\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_table = aws.dynamodb.Table(\"exampleTable\",\n attributes=[{\n \"name\": \"UserId\",\n \"type\": \"S\",\n }],\n hash_key=\"UserId\",\n read_capacity=1,\n write_capacity=1)\nexample_role = aws.iam.Role(\"exampleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"appsync.amazonaws.com\"\n },\n \"Effect\": \"Allow\"\n }\n ]\n}\n\n\"\"\")\nexample_role_policy = aws.iam.RolePolicy(\"exampleRolePolicy\",\n policy=example_table.arn.apply(lambda arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"dynamodb:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"{arn}\"\n ]\n }}\n ]\n}}\n\n\"\"\"),\n role=example_role.id)\nexample_graph_ql_api = aws.appsync.GraphQLApi(\"exampleGraphQLApi\", authentication_type=\"API_KEY\")\nexample_data_source = aws.appsync.DataSource(\"exampleDataSource\",\n api_id=example_graph_ql_api.id,\n dynamodb_config={\n \"table_name\": example_table.name,\n },\n service_role_arn=example_role.arn,\n type=\"AMAZON_DYNAMODB\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleTable = new Aws.DynamoDB.Table(\"exampleTable\", new Aws.DynamoDB.TableArgs\n {\n Attributes = \n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"UserId\",\n Type = \"S\",\n },\n },\n HashKey = \"UserId\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n });\n var exampleRole = new Aws.Iam.Role(\"exampleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"appsync.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\"\n }\n ]\n}\n\n\",\n });\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"exampleRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = exampleTable.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"dynamodb:*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"{arn}\"\"\n ]\n }}\n ]\n}}\n\n\"),\n Role = exampleRole.Id,\n });\n var exampleGraphQLApi = new Aws.AppSync.GraphQLApi(\"exampleGraphQLApi\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"API_KEY\",\n });\n var exampleDataSource = new Aws.AppSync.DataSource(\"exampleDataSource\", new Aws.AppSync.DataSourceArgs\n {\n ApiId = exampleGraphQLApi.Id,\n DynamodbConfig = new Aws.AppSync.Inputs.DataSourceDynamodbConfigArgs\n {\n TableName = exampleTable.Name,\n },\n ServiceRoleArn = exampleRole.Arn,\n Type = \"AMAZON_DYNAMODB\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleTable, err := dynamodb.NewTable(ctx, \"exampleTable\", \u0026dynamodb.TableArgs{\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"UserId\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tHashKey: pulumi.String(\"UserId\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"exampleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"appsync.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"exampleRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: exampleTable.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"dynamodb:*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": [\\n\", \" \\\"\", arn, \"\\\"\\n\", \" ]\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRole: exampleRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGraphQLApi, err := appsync.NewGraphQLApi(ctx, \"exampleGraphQLApi\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewDataSource(ctx, \"exampleDataSource\", \u0026appsync.DataSourceArgs{\n\t\t\tApiId: exampleGraphQLApi.ID(),\n\t\t\tDynamodbConfig: \u0026appsync.DataSourceDynamodbConfigArgs{\n\t\t\t\tTableName: exampleTable.Name,\n\t\t\t},\n\t\t\tServiceRoleArn: exampleRole.Arn,\n\t\t\tType: pulumi.String(\"AMAZON_DYNAMODB\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API ID for the GraphQL API for the DataSource.\n" }, "arn": { "type": "string", "description": "The ARN\n" }, "description": { "type": "string", "description": "A description of the DataSource.\n" }, "dynamodbConfig": { "$ref": "#/types/aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig", "description": "DynamoDB settings. See below\n" }, "elasticsearchConfig": { "$ref": "#/types/aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig", "description": "Amazon Elasticsearch settings. See below\n" }, "httpConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig", "description": "HTTP settings. See below\n" }, "lambdaConfig": { "$ref": "#/types/aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig", "description": "AWS Lambda settings. See below\n" }, "name": { "type": "string", "description": "A user-supplied name for the DataSource.\n" }, "serviceRoleArn": { "type": "string", "description": "The IAM service role ARN for the data source.\n" }, "type": { "type": "string", "description": "The type of the DataSource. Valid values: `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `HTTP`, `NONE`.\n" } }, "required": [ "apiId", "arn", "name", "type" ], "inputProperties": { "apiId": { "type": "string", "description": "The API ID for the GraphQL API for the DataSource.\n" }, "description": { "type": "string", "description": "A description of the DataSource.\n" }, "dynamodbConfig": { "$ref": "#/types/aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig", "description": "DynamoDB settings. See below\n" }, "elasticsearchConfig": { "$ref": "#/types/aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig", "description": "Amazon Elasticsearch settings. See below\n" }, "httpConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig", "description": "HTTP settings. See below\n" }, "lambdaConfig": { "$ref": "#/types/aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig", "description": "AWS Lambda settings. See below\n" }, "name": { "type": "string", "description": "A user-supplied name for the DataSource.\n" }, "serviceRoleArn": { "type": "string", "description": "The IAM service role ARN for the data source.\n" }, "type": { "type": "string", "description": "The type of the DataSource. Valid values: `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `HTTP`, `NONE`.\n" } }, "requiredInputs": [ "apiId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataSource resources.\n", "properties": { "apiId": { "type": "string", "description": "The API ID for the GraphQL API for the DataSource.\n" }, "arn": { "type": "string", "description": "The ARN\n" }, "description": { "type": "string", "description": "A description of the DataSource.\n" }, "dynamodbConfig": { "$ref": "#/types/aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig", "description": "DynamoDB settings. See below\n" }, "elasticsearchConfig": { "$ref": "#/types/aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig", "description": "Amazon Elasticsearch settings. See below\n" }, "httpConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig", "description": "HTTP settings. See below\n" }, "lambdaConfig": { "$ref": "#/types/aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig", "description": "AWS Lambda settings. See below\n" }, "name": { "type": "string", "description": "A user-supplied name for the DataSource.\n" }, "serviceRoleArn": { "type": "string", "description": "The IAM service role ARN for the data source.\n" }, "type": { "type": "string", "description": "The type of the DataSource. Valid values: `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `HTTP`, `NONE`.\n" } }, "type": "object" } }, "aws:appsync/function:Function": { "description": "Provides an AppSync Function.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testGraphQLApi = new aws.appsync.GraphQLApi(\"test\", {\n authenticationType: \"API_KEY\",\n schema: `type Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n`,\n});\nconst testDataSource = new aws.appsync.DataSource(\"test\", {\n apiId: testGraphQLApi.id,\n httpConfig: {\n endpoint: \"http://example.com\",\n },\n type: \"HTTP\",\n});\nconst testFunction = new aws.appsync.Function(\"test\", {\n apiId: testGraphQLApi.id,\n dataSource: testDataSource.name,\n name: \"tf_example\",\n requestMappingTemplate: `{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n`,\n responseMappingTemplate: `#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_graph_ql_api = aws.appsync.GraphQLApi(\"testGraphQLApi\",\n authentication_type=\"API_KEY\",\n schema=\"\"\"type Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n\n\"\"\")\ntest_data_source = aws.appsync.DataSource(\"testDataSource\",\n api_id=test_graph_ql_api.id,\n http_config={\n \"endpoint\": \"http://example.com\",\n },\n type=\"HTTP\")\ntest_function = aws.appsync.Function(\"testFunction\",\n api_id=test_graph_ql_api.id,\n data_source=test_data_source.name,\n name=\"tf_example\",\n request_mapping_template=\"\"\"{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\n\"\"\",\n response_mapping_template=\"\"\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testGraphQLApi = new Aws.AppSync.GraphQLApi(\"testGraphQLApi\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"API_KEY\",\n Schema = @\"type Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n\n\",\n });\n var testDataSource = new Aws.AppSync.DataSource(\"testDataSource\", new Aws.AppSync.DataSourceArgs\n {\n ApiId = testGraphQLApi.Id,\n HttpConfig = new Aws.AppSync.Inputs.DataSourceHttpConfigArgs\n {\n Endpoint = \"http://example.com\",\n },\n Type = \"HTTP\",\n });\n var testFunction = new Aws.AppSync.Function(\"testFunction\", new Aws.AppSync.FunctionArgs\n {\n ApiId = testGraphQLApi.Id,\n DataSource = testDataSource.Name,\n Name = \"tf_example\",\n RequestMappingTemplate = @\"{\n \"\"version\"\": \"\"2018-05-29\"\",\n \"\"method\"\": \"\"GET\"\",\n \"\"resourcePath\"\": \"\"/\"\",\n \"\"params\"\":{\n \"\"headers\"\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\n\",\n ResponseMappingTemplate = @\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestGraphQLApi, err := appsync.NewGraphQLApi(ctx, \"testGraphQLApi\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t\tSchema: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"type Mutation {\\n\", \" putPost(id: ID!, title: String!): Post\\n\", \"}\\n\", \"\\n\", \"type Post {\\n\", \" id: ID!\\n\", \" title: String!\\n\", \"}\\n\", \"\\n\", \"type Query {\\n\", \" singlePost(id: ID!): Post\\n\", \"}\\n\", \"\\n\", \"schema {\\n\", \" query: Query\\n\", \" mutation: Mutation\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestDataSource, err := appsync.NewDataSource(ctx, \"testDataSource\", \u0026appsync.DataSourceArgs{\n\t\t\tApiId: testGraphQLApi.ID(),\n\t\t\tHttpConfig: \u0026appsync.DataSourceHttpConfigArgs{\n\t\t\t\tEndpoint: pulumi.String(\"http://example.com\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewFunction(ctx, \"testFunction\", \u0026appsync.FunctionArgs{\n\t\t\tApiId: testGraphQLApi.ID(),\n\t\t\tDataSource: testDataSource.Name,\n\t\t\tName: pulumi.String(\"tf_example\"),\n\t\t\tRequestMappingTemplate: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"version\\\": \\\"2018-05-29\\\",\\n\", \" \\\"method\\\": \\\"GET\\\",\\n\", \" \\\"resourcePath\\\": \\\"/\\\",\\n\", \" \\\"params\\\":{\\n\", \" \\\"headers\\\": \", \"$\", \"utils.http.copyheaders(\", \"$\", \"ctx.request.headers)\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t\tResponseMappingTemplate: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"#if(\", \"$\", \"ctx.result.statusCode == 200)\\n\", \" \", \"$\", \"ctx.result.body\\n\", \"#else\\n\", \" \", \"$\", \"utils.appendError(\", \"$\", \"ctx.result.body, \", \"$\", \"ctx.result.statusCode)\\n\", \"#end\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The ID of the associated AppSync API.\n" }, "arn": { "type": "string", "description": "The ARN of the Function object.\n" }, "dataSource": { "type": "string", "description": "The Function DataSource name.\n" }, "description": { "type": "string", "description": "The Function description.\n" }, "functionId": { "type": "string", "description": "A unique ID representing the Function object.\n" }, "functionVersion": { "type": "string", "description": "The version of the request mapping template. Currently the supported value is `2018-05-29`.\n" }, "name": { "type": "string", "description": "The Function name. The function name does not have to be unique.\n" }, "requestMappingTemplate": { "type": "string", "description": "The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.\n" }, "responseMappingTemplate": { "type": "string", "description": "The Function response mapping template.\n" } }, "required": [ "apiId", "arn", "dataSource", "functionId", "name", "requestMappingTemplate", "responseMappingTemplate" ], "inputProperties": { "apiId": { "type": "string", "description": "The ID of the associated AppSync API.\n" }, "dataSource": { "type": "string", "description": "The Function DataSource name.\n" }, "description": { "type": "string", "description": "The Function description.\n" }, "functionVersion": { "type": "string", "description": "The version of the request mapping template. Currently the supported value is `2018-05-29`.\n" }, "name": { "type": "string", "description": "The Function name. The function name does not have to be unique.\n" }, "requestMappingTemplate": { "type": "string", "description": "The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.\n" }, "responseMappingTemplate": { "type": "string", "description": "The Function response mapping template.\n" } }, "requiredInputs": [ "apiId", "dataSource", "requestMappingTemplate", "responseMappingTemplate" ], "stateInputs": { "description": "Input properties used for looking up and filtering Function resources.\n", "properties": { "apiId": { "type": "string", "description": "The ID of the associated AppSync API.\n" }, "arn": { "type": "string", "description": "The ARN of the Function object.\n" }, "dataSource": { "type": "string", "description": "The Function DataSource name.\n" }, "description": { "type": "string", "description": "The Function description.\n" }, "functionId": { "type": "string", "description": "A unique ID representing the Function object.\n" }, "functionVersion": { "type": "string", "description": "The version of the request mapping template. Currently the supported value is `2018-05-29`.\n" }, "name": { "type": "string", "description": "The Function name. The function name does not have to be unique.\n" }, "requestMappingTemplate": { "type": "string", "description": "The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.\n" }, "responseMappingTemplate": { "type": "string", "description": "The Function response mapping template.\n" } }, "type": "object" } }, "aws:appsync/graphQLApi:GraphQLApi": { "description": "Provides an AppSync GraphQL API.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### API Key Authentication\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\", authentication_type=\"API_KEY\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.AppSync.GraphQLApi(\"example\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"API_KEY\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### AWS Cognito User Pool Authentication\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"AMAZON_COGNITO_USER_POOLS\",\n userPoolConfig: {\n awsRegion: aws_region_current.name,\n defaultAction: \"DENY\",\n userPoolId: aws_cognito_user_pool_example.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"AMAZON_COGNITO_USER_POOLS\",\n user_pool_config={\n \"awsRegion\": data[\"aws_region\"][\"current\"][\"name\"],\n \"default_action\": \"DENY\",\n \"user_pool_id\": aws_cognito_user_pool[\"example\"][\"id\"],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.AppSync.GraphQLApi(\"example\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"AMAZON_COGNITO_USER_POOLS\",\n UserPoolConfig = new Aws.AppSync.Inputs.GraphQLApiUserPoolConfigArgs\n {\n AwsRegion = data.Aws_region.Current.Name,\n DefaultAction = \"DENY\",\n UserPoolId = aws_cognito_user_pool.Example.Id,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"AMAZON_COGNITO_USER_POOLS\"),\n\t\t\tUserPoolConfig: \u0026appsync.GraphQLApiUserPoolConfigArgs{\n\t\t\t\tAwsRegion: pulumi.String(data.Aws_region.Current.Name),\n\t\t\t\tDefaultAction: pulumi.String(\"DENY\"),\n\t\t\t\tUserPoolId: pulumi.String(aws_cognito_user_pool.Example.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### AWS IAM Authentication\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"AWS_IAM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\", authentication_type=\"AWS_IAM\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.AppSync.GraphQLApi(\"example\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"AWS_IAM\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### With Schema\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"AWS_IAM\",\n schema: `schema {\n\tquery: Query\n}\ntype Query {\n test: Int\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"AWS_IAM\",\n schema=\"\"\"schema {\n\tquery: Query\n}\ntype Query {\n test: Int\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.AppSync.GraphQLApi(\"example\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"AWS_IAM\",\n Schema = @\"schema {\n\tquery: Query\n}\ntype Query {\n test: Int\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"AWS_IAM\"),\n\t\t\tSchema: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v\", \"schema {\\n\", \"\tquery: Query\\n\", \"}\\n\", \"type Query {\\n\", \" test: Int\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### OpenID Connect Authentication\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"OPENID_CONNECT\",\n openidConnectConfig: {\n issuer: \"https://example.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"OPENID_CONNECT\",\n openid_connect_config={\n \"issuer\": \"https://example.com\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.AppSync.GraphQLApi(\"example\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"OPENID_CONNECT\",\n OpenidConnectConfig = new Aws.AppSync.Inputs.GraphQLApiOpenidConnectConfigArgs\n {\n Issuer = \"https://example.com\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"OPENID_CONNECT\"),\n\t\t\tOpenidConnectConfig: \u0026appsync.GraphQLApiOpenidConnectConfigArgs{\n\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### With Multiple Authentication Providers\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n additionalAuthenticationProviders: [{\n authenticationType: \"AWS_IAM\",\n }],\n authenticationType: \"API_KEY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n additional_authentication_providers=[{\n \"authentication_type\": \"AWS_IAM\",\n }],\n authentication_type=\"API_KEY\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.AppSync.GraphQLApi(\"example\", new Aws.AppSync.GraphQLApiArgs\n {\n AdditionalAuthenticationProviders = \n {\n new Aws.AppSync.Inputs.GraphQLApiAdditionalAuthenticationProviderArgs\n {\n AuthenticationType = \"AWS_IAM\",\n },\n },\n AuthenticationType = \"API_KEY\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAdditionalAuthenticationProviders: appsync.GraphQLApiAdditionalAuthenticationProviderArray{\n\t\t\t\t\u0026appsync.GraphQLApiAdditionalAuthenticationProviderArgs{\n\t\t\t\t\tAuthenticationType: pulumi.String(\"AWS_IAM\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Enabling Logging\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"appsync.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs\",\n role: exampleRole.name,\n});\nconst exampleGraphQLApi = new aws.appsync.GraphQLApi(\"example\", {\n logConfig: {\n cloudwatchLogsRoleArn: exampleRole.arn,\n fieldLogLevel: \"ERROR\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_role = aws.iam.Role(\"exampleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"appsync.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"exampleRolePolicyAttachment\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs\",\n role=example_role.name)\nexample_graph_ql_api = aws.appsync.GraphQLApi(\"exampleGraphQLApi\", log_config={\n \"cloudwatchLogsRoleArn\": example_role.arn,\n \"fieldLogLevel\": \"ERROR\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRole = new Aws.Iam.Role(\"exampleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"appsync.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"exampleRolePolicyAttachment\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs\",\n Role = exampleRole.Name,\n });\n var exampleGraphQLApi = new Aws.AppSync.GraphQLApi(\"exampleGraphQLApi\", new Aws.AppSync.GraphQLApiArgs\n {\n LogConfig = new Aws.AppSync.Inputs.GraphQLApiLogConfigArgs\n {\n CloudwatchLogsRoleArn = exampleRole.Arn,\n FieldLogLevel = \"ERROR\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRole, err := iam.NewRole(ctx, \"exampleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"appsync.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"exampleRolePolicyAttachment\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs\"),\n\t\t\tRole: exampleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewGraphQLApi(ctx, \"exampleGraphQLApi\", \u0026appsync.GraphQLApiArgs{\n\t\t\tLogConfig: \u0026appsync.GraphQLApiLogConfigArgs{\n\t\t\t\tCloudwatchLogsRoleArn: exampleRole.Arn,\n\t\t\t\tFieldLogLevel: pulumi.String(\"ERROR\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "additionalAuthenticationProviders": { "type": "array", "items": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider" }, "description": "One or more additional authentication providers for the GraphqlApi. Defined below.\n" }, "arn": { "type": "string", "description": "The ARN\n" }, "authenticationType": { "type": "string", "description": "The authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`\n" }, "logConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig", "description": "Nested argument containing logging configuration. Defined below.\n" }, "name": { "type": "string", "description": "A user-supplied name for the GraphqlApi.\n" }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. Defined below.\n" }, "schema": { "type": "string", "description": "The schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "uris": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of URIs associated with the API. e.g. `uris[\"GRAPHQL\"] = https://ID.appsync-api.REGION.amazonaws.com/graphql`\n" }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig", "description": "The Amazon Cognito User Pool configuration. Defined below.\n" }, "xrayEnabled": { "type": "boolean", "description": "Whether tracing with X-ray is enabled. Defaults to false.\n" } }, "required": [ "arn", "authenticationType", "name", "uris" ], "inputProperties": { "additionalAuthenticationProviders": { "type": "array", "items": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider" }, "description": "One or more additional authentication providers for the GraphqlApi. Defined below.\n" }, "authenticationType": { "type": "string", "description": "The authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`\n" }, "logConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig", "description": "Nested argument containing logging configuration. Defined below.\n" }, "name": { "type": "string", "description": "A user-supplied name for the GraphqlApi.\n" }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. Defined below.\n" }, "schema": { "type": "string", "description": "The schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig", "description": "The Amazon Cognito User Pool configuration. Defined below.\n" }, "xrayEnabled": { "type": "boolean", "description": "Whether tracing with X-ray is enabled. Defaults to false.\n" } }, "requiredInputs": [ "authenticationType" ], "stateInputs": { "description": "Input properties used for looking up and filtering GraphQLApi resources.\n", "properties": { "additionalAuthenticationProviders": { "type": "array", "items": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider" }, "description": "One or more additional authentication providers for the GraphqlApi. Defined below.\n" }, "arn": { "type": "string", "description": "The ARN\n" }, "authenticationType": { "type": "string", "description": "The authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`\n" }, "logConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig", "description": "Nested argument containing logging configuration. Defined below.\n" }, "name": { "type": "string", "description": "A user-supplied name for the GraphqlApi.\n" }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. Defined below.\n" }, "schema": { "type": "string", "description": "The schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "uris": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of URIs associated with the API. e.g. `uris[\"GRAPHQL\"] = https://ID.appsync-api.REGION.amazonaws.com/graphql`\n" }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig", "description": "The Amazon Cognito User Pool configuration. Defined below.\n" }, "xrayEnabled": { "type": "boolean", "description": "Whether tracing with X-ray is enabled. Defaults to false.\n" } }, "type": "object" } }, "aws:appsync/resolver:Resolver": { "description": "Provides an AppSync Resolver.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testGraphQLApi = new aws.appsync.GraphQLApi(\"test\", {\n authenticationType: \"API_KEY\",\n schema: `type Mutation {\n\tputPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\tid: ID!\n\ttitle: String!\n}\n\ntype Query {\n\tsinglePost(id: ID!): Post\n}\n\nschema {\n\tquery: Query\n\tmutation: Mutation\n}\n`,\n});\nconst testDataSource = new aws.appsync.DataSource(\"test\", {\n apiId: testGraphQLApi.id,\n httpConfig: {\n endpoint: \"http://example.com\",\n },\n type: \"HTTP\",\n});\n// UNIT type resolver (default)\nconst testResolver = new aws.appsync.Resolver(\"test\", {\n apiId: testGraphQLApi.id,\n cachingConfig: {\n cachingKeys: [\n \"$context.identity.sub\",\n \"$context.arguments.id\",\n ],\n ttl: 60,\n },\n dataSource: testDataSource.name,\n field: \"singlePost\",\n requestTemplate: `{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n`,\n responseTemplate: `#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n`,\n type: \"Query\",\n});\n// PIPELINE type resolver\nconst mutationPipelineTest = new aws.appsync.Resolver(\"Mutation_pipelineTest\", {\n apiId: testGraphQLApi.id,\n field: \"pipelineTest\",\n kind: \"PIPELINE\",\n pipelineConfig: {\n functions: [\n aws_appsync_function_test1.functionId,\n aws_appsync_function_test2.functionId,\n aws_appsync_function_test3.functionId,\n ],\n },\n requestTemplate: \"{}\",\n responseTemplate: \"$util.toJson($ctx.result)\",\n type: \"Mutation\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_graph_ql_api = aws.appsync.GraphQLApi(\"testGraphQLApi\",\n authentication_type=\"API_KEY\",\n schema=\"\"\"type Mutation {\n\tputPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\tid: ID!\n\ttitle: String!\n}\n\ntype Query {\n\tsinglePost(id: ID!): Post\n}\n\nschema {\n\tquery: Query\n\tmutation: Mutation\n}\n\n\"\"\")\ntest_data_source = aws.appsync.DataSource(\"testDataSource\",\n api_id=test_graph_ql_api.id,\n http_config={\n \"endpoint\": \"http://example.com\",\n },\n type=\"HTTP\")\n# UNIT type resolver (default)\ntest_resolver = aws.appsync.Resolver(\"testResolver\",\n api_id=test_graph_ql_api.id,\n caching_config={\n \"cachingKeys\": [\n \"$context.identity.sub\",\n \"$context.arguments.id\",\n ],\n \"ttl\": 60,\n },\n data_source=test_data_source.name,\n field=\"singlePost\",\n request_template=\"\"\"{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\n\"\"\",\n response_template=\"\"\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\n\"\"\",\n type=\"Query\")\n# PIPELINE type resolver\nmutation_pipeline_test = aws.appsync.Resolver(\"mutationPipelineTest\",\n api_id=test_graph_ql_api.id,\n field=\"pipelineTest\",\n kind=\"PIPELINE\",\n pipeline_config={\n \"functions\": [\n aws_appsync_function[\"test1\"][\"function_id\"],\n aws_appsync_function[\"test2\"][\"function_id\"],\n aws_appsync_function[\"test3\"][\"function_id\"],\n ],\n },\n request_template=\"{}\",\n response_template=\"$util.toJson($ctx.result)\",\n type=\"Mutation\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testGraphQLApi = new Aws.AppSync.GraphQLApi(\"testGraphQLApi\", new Aws.AppSync.GraphQLApiArgs\n {\n AuthenticationType = \"API_KEY\",\n Schema = @\"type Mutation {\n\tputPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\tid: ID!\n\ttitle: String!\n}\n\ntype Query {\n\tsinglePost(id: ID!): Post\n}\n\nschema {\n\tquery: Query\n\tmutation: Mutation\n}\n\n\",\n });\n var testDataSource = new Aws.AppSync.DataSource(\"testDataSource\", new Aws.AppSync.DataSourceArgs\n {\n ApiId = testGraphQLApi.Id,\n HttpConfig = new Aws.AppSync.Inputs.DataSourceHttpConfigArgs\n {\n Endpoint = \"http://example.com\",\n },\n Type = \"HTTP\",\n });\n // UNIT type resolver (default)\n var testResolver = new Aws.AppSync.Resolver(\"testResolver\", new Aws.AppSync.ResolverArgs\n {\n ApiId = testGraphQLApi.Id,\n CachingConfig = new Aws.AppSync.Inputs.ResolverCachingConfigArgs\n {\n CachingKeys = \n {\n \"$context.identity.sub\",\n \"$context.arguments.id\",\n },\n Ttl = 60,\n },\n DataSource = testDataSource.Name,\n Field = \"singlePost\",\n RequestTemplate = @\"{\n \"\"version\"\": \"\"2018-05-29\"\",\n \"\"method\"\": \"\"GET\"\",\n \"\"resourcePath\"\": \"\"/\"\",\n \"\"params\"\":{\n \"\"headers\"\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\n\",\n ResponseTemplate = @\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\n\",\n Type = \"Query\",\n });\n // PIPELINE type resolver\n var mutationPipelineTest = new Aws.AppSync.Resolver(\"mutationPipelineTest\", new Aws.AppSync.ResolverArgs\n {\n ApiId = testGraphQLApi.Id,\n Field = \"pipelineTest\",\n Kind = \"PIPELINE\",\n PipelineConfig = new Aws.AppSync.Inputs.ResolverPipelineConfigArgs\n {\n Functions = \n {\n aws_appsync_function.Test1.Function_id,\n aws_appsync_function.Test2.Function_id,\n aws_appsync_function.Test3.Function_id,\n },\n },\n RequestTemplate = \"{}\",\n ResponseTemplate = \"$util.toJson($ctx.result)\",\n Type = \"Mutation\",\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiId": { "type": "string", "description": "The API ID for the GraphQL API.\n" }, "arn": { "type": "string", "description": "The ARN\n" }, "cachingConfig": { "$ref": "#/types/aws:appsync/ResolverCachingConfig:ResolverCachingConfig", "description": "The CachingConfig.\n" }, "dataSource": { "type": "string", "description": "The DataSource name.\n" }, "field": { "type": "string", "description": "The field name from the schema defined in the GraphQL API.\n" }, "kind": { "type": "string", "description": "The resolver type. Valid values are `UNIT` and `PIPELINE`.\n" }, "pipelineConfig": { "$ref": "#/types/aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig", "description": "The PipelineConfig.\n" }, "requestTemplate": { "type": "string", "description": "The request mapping template for UNIT resolver or 'before mapping template' for PIPELINE resolver.\n" }, "responseTemplate": { "type": "string", "description": "The response mapping template for UNIT resolver or 'after mapping template' for PIPELINE resolver.\n" }, "type": { "type": "string", "description": "The type name from the schema defined in the GraphQL API.\n" } }, "required": [ "apiId", "arn", "field", "requestTemplate", "responseTemplate", "type" ], "inputProperties": { "apiId": { "type": "string", "description": "The API ID for the GraphQL API.\n" }, "cachingConfig": { "$ref": "#/types/aws:appsync/ResolverCachingConfig:ResolverCachingConfig", "description": "The CachingConfig.\n" }, "dataSource": { "type": "string", "description": "The DataSource name.\n" }, "field": { "type": "string", "description": "The field name from the schema defined in the GraphQL API.\n" }, "kind": { "type": "string", "description": "The resolver type. Valid values are `UNIT` and `PIPELINE`.\n" }, "pipelineConfig": { "$ref": "#/types/aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig", "description": "The PipelineConfig.\n" }, "requestTemplate": { "type": "string", "description": "The request mapping template for UNIT resolver or 'before mapping template' for PIPELINE resolver.\n" }, "responseTemplate": { "type": "string", "description": "The response mapping template for UNIT resolver or 'after mapping template' for PIPELINE resolver.\n" }, "type": { "type": "string", "description": "The type name from the schema defined in the GraphQL API.\n" } }, "requiredInputs": [ "apiId", "field", "requestTemplate", "responseTemplate", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Resolver resources.\n", "properties": { "apiId": { "type": "string", "description": "The API ID for the GraphQL API.\n" }, "arn": { "type": "string", "description": "The ARN\n" }, "cachingConfig": { "$ref": "#/types/aws:appsync/ResolverCachingConfig:ResolverCachingConfig", "description": "The CachingConfig.\n" }, "dataSource": { "type": "string", "description": "The DataSource name.\n" }, "field": { "type": "string", "description": "The field name from the schema defined in the GraphQL API.\n" }, "kind": { "type": "string", "description": "The resolver type. Valid values are `UNIT` and `PIPELINE`.\n" }, "pipelineConfig": { "$ref": "#/types/aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig", "description": "The PipelineConfig.\n" }, "requestTemplate": { "type": "string", "description": "The request mapping template for UNIT resolver or 'before mapping template' for PIPELINE resolver.\n" }, "responseTemplate": { "type": "string", "description": "The response mapping template for UNIT resolver or 'after mapping template' for PIPELINE resolver.\n" }, "type": { "type": "string", "description": "The type name from the schema defined in the GraphQL API.\n" } }, "type": "object" } }, "aws:athena/database:Database": { "description": "Provides an Athena database.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hogeBucket = new aws.s3.Bucket(\"hoge\", {});\nconst hogeDatabase = new aws.athena.Database(\"hoge\", {\n bucket: hogeBucket.bucket,\n name: \"database_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge_bucket = aws.s3.Bucket(\"hogeBucket\")\nhoge_database = aws.athena.Database(\"hogeDatabase\",\n bucket=hoge_bucket.bucket,\n name=\"database_name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var hogeBucket = new Aws.S3.Bucket(\"hogeBucket\", new Aws.S3.BucketArgs\n {\n });\n var hogeDatabase = new Aws.Athena.Database(\"hogeDatabase\", new Aws.Athena.DatabaseArgs\n {\n Bucket = hogeBucket.BucketName,\n Name = \"database_name\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/athena\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\thogeBucket, err := s3.NewBucket(ctx, \"hogeBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = athena.NewDatabase(ctx, \"hogeDatabase\", \u0026athena.DatabaseArgs{\n\t\t\tBucket: hogeBucket.Bucket,\n\t\t\tName: pulumi.String(\"database_name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucket": { "type": "string", "description": "Name of s3 bucket to save the results of the query execution.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration", "description": "The encryption key block AWS Athena uses to decrypt the data in S3, such as an AWS Key Management Service (AWS KMS) key. An `encryption_configuration` block is documented below.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all tables should be deleted from the database so that the database can be destroyed without error. The tables are *not* recoverable.\n" }, "name": { "type": "string", "description": "Name of the database to create.\n" } }, "required": [ "bucket", "name" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of s3 bucket to save the results of the query execution.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration", "description": "The encryption key block AWS Athena uses to decrypt the data in S3, such as an AWS Key Management Service (AWS KMS) key. An `encryption_configuration` block is documented below.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all tables should be deleted from the database so that the database can be destroyed without error. The tables are *not* recoverable.\n" }, "name": { "type": "string", "description": "Name of the database to create.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering Database resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of s3 bucket to save the results of the query execution.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration", "description": "The encryption key block AWS Athena uses to decrypt the data in S3, such as an AWS Key Management Service (AWS KMS) key. An `encryption_configuration` block is documented below.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all tables should be deleted from the database so that the database can be destroyed without error. The tables are *not* recoverable.\n" }, "name": { "type": "string", "description": "Name of the database to create.\n" } }, "type": "object" } }, "aws:athena/namedQuery:NamedQuery": { "description": "Provides an Athena Named Query resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hogeBucket = new aws.s3.Bucket(\"hoge\", {});\nconst testKey = new aws.kms.Key(\"test\", {\n deletionWindowInDays: 7,\n description: \"Athena KMS Key\",\n});\nconst testWorkgroup = new aws.athena.Workgroup(\"test\", {\n configuration: {\n resultConfiguration: {\n encryptionConfiguration: {\n encryptionOption: \"SSE_KMS\",\n kmsKeyArn: testKey.arn,\n },\n },\n },\n});\nconst hogeDatabase = new aws.athena.Database(\"hoge\", {\n bucket: hogeBucket.id,\n name: \"users\",\n});\nconst foo = new aws.athena.NamedQuery(\"foo\", {\n database: hogeDatabase.name,\n query: pulumi.interpolate`SELECT * FROM ${hogeDatabase.name} limit 10;`,\n workgroup: testWorkgroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge_bucket = aws.s3.Bucket(\"hogeBucket\")\ntest_key = aws.kms.Key(\"testKey\",\n deletion_window_in_days=7,\n description=\"Athena KMS Key\")\ntest_workgroup = aws.athena.Workgroup(\"testWorkgroup\", configuration={\n \"resultConfiguration\": {\n \"encryption_configuration\": {\n \"encryptionOption\": \"SSE_KMS\",\n \"kms_key_arn\": test_key.arn,\n },\n },\n})\nhoge_database = aws.athena.Database(\"hogeDatabase\",\n bucket=hoge_bucket.id,\n name=\"users\")\nfoo = aws.athena.NamedQuery(\"foo\",\n database=hoge_database.name,\n query=hoge_database.name.apply(lambda name: f\"SELECT * FROM {name} limit 10;\"),\n workgroup=test_workgroup.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var hogeBucket = new Aws.S3.Bucket(\"hogeBucket\", new Aws.S3.BucketArgs\n {\n });\n var testKey = new Aws.Kms.Key(\"testKey\", new Aws.Kms.KeyArgs\n {\n DeletionWindowInDays = 7,\n Description = \"Athena KMS Key\",\n });\n var testWorkgroup = new Aws.Athena.Workgroup(\"testWorkgroup\", new Aws.Athena.WorkgroupArgs\n {\n Configuration = new Aws.Athena.Inputs.WorkgroupConfigurationArgs\n {\n ResultConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationArgs\n {\n EncryptionConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs\n {\n EncryptionOption = \"SSE_KMS\",\n KmsKeyArn = testKey.Arn,\n },\n },\n },\n });\n var hogeDatabase = new Aws.Athena.Database(\"hogeDatabase\", new Aws.Athena.DatabaseArgs\n {\n Bucket = hogeBucket.Id,\n Name = \"users\",\n });\n var foo = new Aws.Athena.NamedQuery(\"foo\", new Aws.Athena.NamedQueryArgs\n {\n Database = hogeDatabase.Name,\n Query = hogeDatabase.Name.Apply(name =\u003e $\"SELECT * FROM {name} limit 10;\"),\n Workgroup = testWorkgroup.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/athena\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\thogeBucket, err := s3.NewBucket(ctx, \"hogeBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestKey, err := kms.NewKey(ctx, \"testKey\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tDescription: pulumi.String(\"Athena KMS Key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestWorkgroup, err := athena.NewWorkgroup(ctx, \"testWorkgroup\", \u0026athena.WorkgroupArgs{\n\t\t\tConfiguration: \u0026athena.WorkgroupConfigurationArgs{\n\t\t\t\tResultConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationArgs{\n\t\t\t\t\tEncryptionConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\t\tEncryptionOption: pulumi.String(\"SSE_KMS\"),\n\t\t\t\t\t\tKmsKeyArn: testKey.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\thogeDatabase, err := athena.NewDatabase(ctx, \"hogeDatabase\", \u0026athena.DatabaseArgs{\n\t\t\tBucket: hogeBucket.ID(),\n\t\t\tName: pulumi.String(\"users\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = athena.NewNamedQuery(ctx, \"foo\", \u0026athena.NamedQueryArgs{\n\t\t\tDatabase: hogeDatabase.Name,\n\t\t\tQuery: hogeDatabase.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v\", \"SELECT * FROM \", name, \" limit 10;\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tWorkgroup: testWorkgroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "database": { "type": "string", "description": "The database to which the query belongs.\n" }, "description": { "type": "string", "description": "A brief explanation of the query. Maximum length of 1024.\n" }, "name": { "type": "string", "description": "The plain language name for the query. Maximum length of 128.\n" }, "query": { "type": "string", "description": "The text of the query itself. In other words, all query statements. Maximum length of 262144.\n" }, "workgroup": { "type": "string", "description": "The workgroup to which the query belongs. Defaults to `primary`\n" } }, "required": [ "database", "name", "query" ], "inputProperties": { "database": { "type": "string", "description": "The database to which the query belongs.\n" }, "description": { "type": "string", "description": "A brief explanation of the query. Maximum length of 1024.\n" }, "name": { "type": "string", "description": "The plain language name for the query. Maximum length of 128.\n" }, "query": { "type": "string", "description": "The text of the query itself. In other words, all query statements. Maximum length of 262144.\n" }, "workgroup": { "type": "string", "description": "The workgroup to which the query belongs. Defaults to `primary`\n" } }, "requiredInputs": [ "database", "query" ], "stateInputs": { "description": "Input properties used for looking up and filtering NamedQuery resources.\n", "properties": { "database": { "type": "string", "description": "The database to which the query belongs.\n" }, "description": { "type": "string", "description": "A brief explanation of the query. Maximum length of 1024.\n" }, "name": { "type": "string", "description": "The plain language name for the query. Maximum length of 128.\n" }, "query": { "type": "string", "description": "The text of the query itself. In other words, all query statements. Maximum length of 262144.\n" }, "workgroup": { "type": "string", "description": "The workgroup to which the query belongs. Defaults to `primary`\n" } }, "type": "object" } }, "aws:athena/workgroup:Workgroup": { "description": "Provides an Athena Workgroup.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.athena.Workgroup(\"example\", {\n configuration: {\n enforceWorkgroupConfiguration: true,\n publishCloudwatchMetricsEnabled: true,\n resultConfiguration: {\n encryptionConfiguration: {\n encryptionOption: \"SSE_KMS\",\n kmsKeyArn: aws_kms_key_example.arn,\n },\n outputLocation: \"s3://{aws_s3_bucket.example.bucket}/output/\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.athena.Workgroup(\"example\", configuration={\n \"enforceWorkgroupConfiguration\": True,\n \"publishCloudwatchMetricsEnabled\": True,\n \"resultConfiguration\": {\n \"encryption_configuration\": {\n \"encryptionOption\": \"SSE_KMS\",\n \"kms_key_arn\": aws_kms_key[\"example\"][\"arn\"],\n },\n \"output_location\": \"s3://{aws_s3_bucket.example.bucket}/output/\",\n },\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Athena.Workgroup(\"example\", new Aws.Athena.WorkgroupArgs\n {\n Configuration = new Aws.Athena.Inputs.WorkgroupConfigurationArgs\n {\n EnforceWorkgroupConfiguration = true,\n PublishCloudwatchMetricsEnabled = true,\n ResultConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationArgs\n {\n EncryptionConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs\n {\n EncryptionOption = \"SSE_KMS\",\n KmsKeyArn = aws_kms_key.Example.Arn,\n },\n OutputLocation = \"s3://{aws_s3_bucket.example.bucket}/output/\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/athena\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = athena.NewWorkgroup(ctx, \"example\", \u0026athena.WorkgroupArgs{\n\t\t\tConfiguration: \u0026athena.WorkgroupConfigurationArgs{\n\t\t\t\tEnforceWorkgroupConfiguration: pulumi.Bool(true),\n\t\t\t\tPublishCloudwatchMetricsEnabled: pulumi.Bool(true),\n\t\t\t\tResultConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationArgs{\n\t\t\t\t\tEncryptionConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\t\tEncryptionOption: pulumi.String(\"SSE_KMS\"),\n\t\t\t\t\t\tKmsKeyArn: pulumi.String(aws_kms_key.Example.Arn),\n\t\t\t\t\t},\n\t\t\t\t\tOutputLocation: pulumi.String(\"s3://{aws_s3_bucket.example.bucket}/output/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the workgroup\n" }, "configuration": { "$ref": "#/types/aws:athena/WorkgroupConfiguration:WorkgroupConfiguration", "description": "Configuration block with various settings for the workgroup. Documented below.\n" }, "description": { "type": "string", "description": "Description of the workgroup.\n" }, "forceDestroy": { "type": "boolean", "description": "The option to delete the workgroup and its contents even if the workgroup contains any named queries.\n" }, "name": { "type": "string", "description": "Name of the workgroup.\n" }, "state": { "type": "string", "description": "State of the workgroup. Valid values are `DISABLED` or `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workgroup.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:athena/WorkgroupConfiguration:WorkgroupConfiguration", "description": "Configuration block with various settings for the workgroup. Documented below.\n" }, "description": { "type": "string", "description": "Description of the workgroup.\n" }, "forceDestroy": { "type": "boolean", "description": "The option to delete the workgroup and its contents even if the workgroup contains any named queries.\n" }, "name": { "type": "string", "description": "Name of the workgroup.\n" }, "state": { "type": "string", "description": "State of the workgroup. Valid values are `DISABLED` or `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workgroup.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Workgroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the workgroup\n" }, "configuration": { "$ref": "#/types/aws:athena/WorkgroupConfiguration:WorkgroupConfiguration", "description": "Configuration block with various settings for the workgroup. Documented below.\n" }, "description": { "type": "string", "description": "Description of the workgroup.\n" }, "forceDestroy": { "type": "boolean", "description": "The option to delete the workgroup and its contents even if the workgroup contains any named queries.\n" }, "name": { "type": "string", "description": "Name of the workgroup.\n" }, "state": { "type": "string", "description": "State of the workgroup. Valid values are `DISABLED` or `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workgroup.\n" } }, "type": "object" } }, "aws:autoscaling/attachment:Attachment": { "description": "Provides an AutoScaling Attachment resource.\n\n\u003e **NOTE on AutoScaling Groups and ASG Attachments:** This provider currently provides\nboth a standalone ASG Attachment resource (describing an ASG attached to\nan ELB), and an AutoScaling Group resource with\n`load_balancers` defined in-line. At this time you cannot use an ASG with in-line\nload balancers in conjunction with an ASG Attachment resource. Doing so will cause a\nconflict and will overwrite attachments.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer attachment\nconst asgAttachmentBar = new aws.autoscaling.Attachment(\"asg_attachment_bar\", {\n autoscalingGroupName: aws_autoscaling_group_asg.id,\n elb: aws_elb_bar.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer attachment\nasg_attachment_bar = aws.autoscaling.Attachment(\"asgAttachmentBar\",\n autoscaling_group_name=aws_autoscaling_group[\"asg\"][\"id\"],\n elb=aws_elb[\"bar\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new load balancer attachment\n var asgAttachmentBar = new Aws.AutoScaling.Attachment(\"asgAttachmentBar\", new Aws.AutoScaling.AttachmentArgs\n {\n AutoscalingGroupName = aws_autoscaling_group.Asg.Id,\n Elb = aws_elb.Bar.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = autoscaling.NewAttachment(ctx, \"asgAttachmentBar\", \u0026autoscaling.AttachmentArgs{\n\t\t\tAutoscalingGroupName: pulumi.String(aws_autoscaling_group.Asg.Id),\n\t\t\tElb: pulumi.String(aws_elb.Bar.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new ALB Target Group attachment\nconst asgAttachmentBar = new aws.autoscaling.Attachment(\"asg_attachment_bar\", {\n albTargetGroupArn: aws_alb_target_group_test.arn,\n autoscalingGroupName: aws_autoscaling_group_asg.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new ALB Target Group attachment\nasg_attachment_bar = aws.autoscaling.Attachment(\"asgAttachmentBar\",\n alb_target_group_arn=aws_alb_target_group[\"test\"][\"arn\"],\n autoscaling_group_name=aws_autoscaling_group[\"asg\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new ALB Target Group attachment\n var asgAttachmentBar = new Aws.AutoScaling.Attachment(\"asgAttachmentBar\", new Aws.AutoScaling.AttachmentArgs\n {\n AlbTargetGroupArn = aws_alb_target_group.Test.Arn,\n AutoscalingGroupName = aws_autoscaling_group.Asg.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = autoscaling.NewAttachment(ctx, \"asgAttachmentBar\", \u0026autoscaling.AttachmentArgs{\n\t\t\tAlbTargetGroupArn: pulumi.String(aws_alb_target_group.Test.Arn),\n\t\t\tAutoscalingGroupName: pulumi.String(aws_autoscaling_group.Asg.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "albTargetGroupArn": { "type": "string", "description": "The ARN of an ALB Target Group.\n" }, "autoscalingGroupName": { "type": "string", "description": "Name of ASG to associate with the ELB.\n" }, "elb": { "type": "string", "description": "The name of the ELB.\n" } }, "required": [ "autoscalingGroupName" ], "inputProperties": { "albTargetGroupArn": { "type": "string", "description": "The ARN of an ALB Target Group.\n" }, "autoscalingGroupName": { "type": "string", "description": "Name of ASG to associate with the ELB.\n" }, "elb": { "type": "string", "description": "The name of the ELB.\n" } }, "requiredInputs": [ "autoscalingGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Attachment resources.\n", "properties": { "albTargetGroupArn": { "type": "string", "description": "The ARN of an ALB Target Group.\n" }, "autoscalingGroupName": { "type": "string", "description": "Name of ASG to associate with the ELB.\n" }, "elb": { "type": "string", "description": "The name of the ELB.\n" } }, "type": "object" } }, "aws:autoscaling/group:Group": { "description": "Provides an AutoScaling Group resource.\n\n\u003e **Note:** You must specify either `launch_configuration`, `launch_template`, or `mixed_instances_policy`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.PlacementGroup(\"test\", {\n strategy: \"cluster\",\n});\nconst bar = new aws.autoscaling.Group(\"bar\", {\n desiredCapacity: 4,\n forceDelete: true,\n healthCheckGracePeriod: 300,\n healthCheckType: \"ELB\",\n initialLifecycleHooks: [{\n defaultResult: \"CONTINUE\",\n heartbeatTimeout: 2000,\n lifecycleTransition: \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n name: \"foobar\",\n notificationMetadata: `{\n \"foo\": \"bar\"\n}\n`,\n notificationTargetArn: \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n roleArn: \"arn:aws:iam::123456789012:role/S3Access\",\n }],\n launchConfiguration: aws_launch_configuration_foobar.name,\n maxSize: 5,\n minSize: 2,\n placementGroup: test.id,\n tags: [\n {\n key: \"foo\",\n propagateAtLaunch: true,\n value: \"bar\",\n },\n {\n key: \"lorem\",\n propagateAtLaunch: false,\n value: \"ipsum\",\n },\n ],\n vpcZoneIdentifiers: [\n aws_subnet_example1.id,\n aws_subnet_example2.id,\n ],\n}, { timeouts: {\n delete: \"15m\",\n} });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.PlacementGroup(\"test\", strategy=\"cluster\")\nbar = aws.autoscaling.Group(\"bar\",\n desired_capacity=4,\n force_delete=True,\n health_check_grace_period=300,\n health_check_type=\"ELB\",\n initial_lifecycle_hooks=[{\n \"default_result\": \"CONTINUE\",\n \"heartbeat_timeout\": 2000,\n \"lifecycle_transition\": \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n \"name\": \"foobar\",\n \"notification_metadata\": \"\"\"{\n \"foo\": \"bar\"\n}\n\n\"\"\",\n \"notification_target_arn\": \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n \"role_arn\": \"arn:aws:iam::123456789012:role/S3Access\",\n }],\n launch_configuration=aws_launch_configuration[\"foobar\"][\"name\"],\n max_size=5,\n min_size=2,\n placement_group=test.id,\n tags=[\n {\n \"key\": \"foo\",\n \"propagateAtLaunch\": True,\n \"value\": \"bar\",\n },\n {\n \"key\": \"lorem\",\n \"propagateAtLaunch\": False,\n \"value\": \"ipsum\",\n },\n ],\n vpc_zone_identifiers=[\n aws_subnet[\"example1\"][\"id\"],\n aws_subnet[\"example2\"][\"id\"],\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Ec2.PlacementGroup(\"test\", new Aws.Ec2.PlacementGroupArgs\n {\n Strategy = \"cluster\",\n });\n var bar = new Aws.AutoScaling.Group(\"bar\", new Aws.AutoScaling.GroupArgs\n {\n DesiredCapacity = 4,\n ForceDelete = true,\n HealthCheckGracePeriod = 300,\n HealthCheckType = \"ELB\",\n InitialLifecycleHooks = \n {\n new Aws.AutoScaling.Inputs.GroupInitialLifecycleHookArgs\n {\n DefaultResult = \"CONTINUE\",\n HeartbeatTimeout = 2000,\n LifecycleTransition = \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n Name = \"foobar\",\n NotificationMetadata = @\"{\n \"\"foo\"\": \"\"bar\"\"\n}\n\n\",\n NotificationTargetArn = \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n RoleArn = \"arn:aws:iam::123456789012:role/S3Access\",\n },\n },\n LaunchConfiguration = aws_launch_configuration.Foobar.Name,\n MaxSize = 5,\n MinSize = 2,\n PlacementGroup = test.Id,\n Tags = \n {\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"foo\",\n PropagateAtLaunch = true,\n Value = \"bar\",\n },\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"lorem\",\n PropagateAtLaunch = false,\n Value = \"ipsum\",\n },\n },\n VpcZoneIdentifiers = \n {\n aws_subnet.Example1.Id,\n aws_subnet.Example2.Id,\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### With Latest Version Of Launch Template\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.ec2.LaunchTemplate(\"foobar\", {\n imageId: \"ami-1a2b3c\",\n instanceType: \"t2.micro\",\n namePrefix: \"foobar\",\n});\nconst bar = new aws.autoscaling.Group(\"bar\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n launchTemplate: {\n id: foobar.id,\n version: \"$Latest\",\n },\n maxSize: 1,\n minSize: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.ec2.LaunchTemplate(\"foobar\",\n image_id=\"ami-1a2b3c\",\n instance_type=\"t2.micro\",\n name_prefix=\"foobar\")\nbar = aws.autoscaling.Group(\"bar\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n launch_template={\n \"id\": foobar.id,\n \"version\": \"$Latest\",\n },\n max_size=1,\n min_size=1)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foobar = new Aws.Ec2.LaunchTemplate(\"foobar\", new Aws.Ec2.LaunchTemplateArgs\n {\n ImageId = \"ami-1a2b3c\",\n InstanceType = \"t2.micro\",\n NamePrefix = \"foobar\",\n });\n var bar = new Aws.AutoScaling.Group(\"bar\", new Aws.AutoScaling.GroupArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupLaunchTemplateArgs\n {\n Id = foobar.Id,\n Version = \"$Latest\",\n },\n MaxSize = 1,\n MinSize = 1,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobar, err := ec2.NewLaunchTemplate(ctx, \"foobar\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tImageId: pulumi.String(\"ami-1a2b3c\"),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tNamePrefix: pulumi.String(\"foobar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tLaunchTemplate: \u0026autoscaling.GroupLaunchTemplateArgs{\n\t\t\t\tId: foobar.ID(),\n\t\t\t\tVersion: pulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \"Latest\")),\n\t\t\t},\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Mixed Instances Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLaunchTemplate = new aws.ec2.LaunchTemplate(\"example\", {\n imageId: aws_ami_example.id,\n instanceType: \"c5.large\",\n namePrefix: \"example\",\n});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n maxSize: 1,\n minSize: 1,\n mixedInstancesPolicy: {\n launchTemplate: {\n launchTemplateSpecification: {\n launchTemplateId: exampleLaunchTemplate.id,\n },\n overrides: [\n {\n instanceType: \"c4.large\",\n weightedCapacity: \"3\",\n },\n {\n instanceType: \"c3.large\",\n weightedCapacity: \"2\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_launch_template = aws.ec2.LaunchTemplate(\"exampleLaunchTemplate\",\n image_id=data[\"aws_ami\"][\"example\"][\"id\"],\n instance_type=\"c5.large\",\n name_prefix=\"example\")\nexample_group = aws.autoscaling.Group(\"exampleGroup\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n max_size=1,\n min_size=1,\n mixed_instances_policy={\n \"launch_template\": {\n \"launchTemplateSpecification\": {\n \"launchTemplateId\": example_launch_template.id,\n },\n \"override\": [\n {\n \"instance_type\": \"c4.large\",\n \"weightedCapacity\": \"3\",\n },\n {\n \"instance_type\": \"c3.large\",\n \"weightedCapacity\": \"2\",\n },\n ],\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLaunchTemplate = new Aws.Ec2.LaunchTemplate(\"exampleLaunchTemplate\", new Aws.Ec2.LaunchTemplateArgs\n {\n ImageId = data.Aws_ami.Example.Id,\n InstanceType = \"c5.large\",\n NamePrefix = \"example\",\n });\n var exampleGroup = new Aws.AutoScaling.Group(\"exampleGroup\", new Aws.AutoScaling.GroupArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n MaxSize = 1,\n MinSize = 1,\n MixedInstancesPolicy = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyArgs\n {\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateArgs\n {\n LaunchTemplateSpecification = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = exampleLaunchTemplate.Id,\n },\n Override = \n {\n \n {\n { \"instanceType\", \"c4.large\" },\n { \"weightedCapacity\", \"3\" },\n },\n \n {\n { \"instanceType\", \"c3.large\" },\n { \"weightedCapacity\", \"2\" },\n },\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLaunchTemplate, err := ec2.NewLaunchTemplate(ctx, \"exampleLaunchTemplate\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tImageId: pulumi.String(data.Aws_ami.Example.Id),\n\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t\tNamePrefix: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"exampleGroup\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tMixedInstancesPolicy: \u0026autoscaling.GroupMixedInstancesPolicyArgs{\n\t\t\t\tLaunchTemplate: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tLaunchTemplateId: exampleLaunchTemplate.ID(),\n\t\t\t\t\t},\n\t\t\t\t\tOverride: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"instanceType\": pulumi.String(\"c4.large\"),\n\t\t\t\t\t\t\t\"weightedCapacity\": pulumi.String(\"3\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"instanceType\": pulumi.String(\"c3.large\"),\n\t\t\t\t\t\t\t\"weightedCapacity\": pulumi.String(\"2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Waiting for Capacity\n\nA newly-created ASG is initially empty and begins to scale to `min_size` (or\n`desired_capacity`, if specified) by launching instances using the provided\nLaunch Configuration. These instances take time to launch and boot.\n\nOn ASG Update, changes to these values also take time to result in the target\nnumber of instances providing service.\n\nThis provider provides two mechanisms to help consistently manage ASG scale up\ntime across dependent resources.\n\n#### Waiting for ASG Capacity\n\nThe first is default behavior. This provider waits after ASG creation for\n`min_size` (or `desired_capacity`, if specified) healthy instances to show up\nin the ASG before continuing.\n\nIf `min_size` or `desired_capacity` are changed in a subsequent update,\nthis provider will also wait for the correct number of healthy instances before\ncontinuing.\n\nThis provider considers an instance \"healthy\" when the ASG reports `HealthStatus:\n\"Healthy\"` and `LifecycleState: \"InService\"`. See the [AWS AutoScaling\nDocs](https://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/AutoScalingGroupLifecycle.html)\nfor more information on an ASG's lifecycle.\n\nThis provider will wait for healthy instances for up to\n`wait_for_capacity_timeout`. If ASG creation is taking more than a few minutes,\nit's worth investigating for scaling activity errors, which can be caused by\nproblems with the selected Launch Configuration.\n\nSetting `wait_for_capacity_timeout` to `\"0\"` disables ASG Capacity waiting.\n\n#### Waiting for ELB Capacity\n\nThe second mechanism is optional, and affects ASGs with attached ELBs specified\nvia the `load_balancers` attribute or with ALBs specified with `target_group_arns`.\n\nThe `min_elb_capacity` parameter causes this provider to wait for at least the\nrequested number of instances to show up `\"InService\"` in all attached ELBs\nduring ASG creation. It has no effect on ASG updates.\n\nIf `wait_for_elb_capacity` is set, this provider will wait for exactly that number\nof Instances to be `\"InService\"` in all attached ELBs on both creation and\nupdates.\n\nThese parameters can be used to ensure that service is being provided before\nthis provider moves on. If new instances don't pass the ELB's health checks for any\nreason, the deployment will time out, and the ASG will be marked as\ntainted (i.e. marked to be destroyed in a follow up run).\n\nAs with ASG Capacity, this provider will wait for up to `wait_for_capacity_timeout`\nfor the proper number of instances to be healthy.\n\n#### Troubleshooting Capacity Waiting Timeouts\n\nIf ASG creation takes more than a few minutes, this could indicate one of a\nnumber of configuration problems. See the [AWS Docs on Load Balancer\nTroubleshooting](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-troubleshooting.html)\nfor more information.\n", "properties": { "arn": { "type": "string", "description": "The ARN for this AutoScaling Group\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of one or more availability zones for the group. This parameter should not be specified when using `vpc_zone_identifier`.\n" }, "defaultCooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scaling activity completes before another scaling activity can start.\n" }, "desiredCapacity": { "type": "integer", "description": "The number of Amazon EC2 instances that\nshould be running in the group. (See also Waiting for\nCapacity below.)\n" }, "enabledMetrics": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:Metric" }, "description": "A list of metrics to collect. The allowed values are `GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity`, `GroupTotalInstances`.\n" }, "forceDelete": { "type": "boolean", "description": "Allows deleting the autoscaling group without waiting\nfor all instances in the pool to terminate. You can force an autoscaling group to delete\neven if it's in the process of scaling a resource. Normally, this provider\ndrains all the instances before deleting the group. This bypasses that\nbehavior and potentially leaves resources dangling.\n" }, "healthCheckGracePeriod": { "type": "integer", "description": "Time (in seconds) after instance comes into service before checking health.\n" }, "healthCheckType": { "type": "string", "description": "\"EC2\" or \"ELB\". Controls how health checking is done.\n" }, "initialLifecycleHooks": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook" }, "description": "One or more\n[Lifecycle Hooks](http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html)\nto attach to the autoscaling group **before** instances are launched. The\nsyntax is exactly the same as the separate\n`aws.autoscaling.LifecycleHook`\nresource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating\na new autoscaling group. For all other use-cases, please use `aws.autoscaling.LifecycleHook` resource.\n" }, "launchConfiguration": { "type": "string", "description": "The name of the launch configuration to use.\n" }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate", "description": "Nested argument containing launch template settings along with the overrides to specify multiple instance types and weights. Defined below.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the autoscaling\ngroup names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead.\n" }, "maxInstanceLifetime": { "type": "integer", "description": "The maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 604800 and 31536000 seconds.\n" }, "maxSize": { "type": "integer", "description": "The maximum size of the auto scale group.\n" }, "metricsGranularity": { "type": "string", "description": "The granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`.\n" }, "minElbCapacity": { "type": "integer", "description": "Setting this causes this provider to wait for\nthis number of instances from this autoscaling group to show up healthy in the\nELB only on creation. Updates will not wait on ELB instance number changes.\n(See also Waiting for Capacity below.)\n" }, "minSize": { "type": "integer", "description": "The minimum size of the auto scale group.\n(See also Waiting for Capacity below.)\n" }, "mixedInstancesPolicy": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy", "description": "Configuration block containing settings to define launch targets for Auto Scaling groups. Defined below.\n" }, "name": { "type": "string", "description": "The name of the auto scaling group. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "placementGroup": { "type": "string", "description": "The name of the placement group into which you'll launch your instances, if any.\n" }, "protectFromScaleIn": { "type": "boolean", "description": "Allows setting instance protection. The\nautoscaling group will not select instances with this setting for termination\nduring scale in events.\n" }, "serviceLinkedRoleArn": { "type": "string", "description": "The ARN of the service-linked role that the ASG will use to call other AWS services\n" }, "suspendedProcesses": { "type": "array", "items": { "type": "string" }, "description": "A list of processes to suspend for the AutoScaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`.\nNote that if you suspend either the `Launch` or `Terminate` process types, it can prevent your autoscaling group from functioning properly.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTag:GroupTag" }, "description": "Configuration block(s) containing resource tags. Conflicts with `tags`. Documented below.\n" }, "tagsCollection": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Set of maps containing resource tags. Conflicts with `tag`. Documented below.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application or Network Load Balancing.\n" }, "terminationPolicies": { "type": "array", "items": { "type": "string" }, "description": "A list of policies to decide how the instances in the auto scale group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`.\n" }, "vpcZoneIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to launch resources in.\n" }, "waitForCapacityTimeout": { "type": "string", "description": "A maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for ASG instances to be healthy before timing out. (See also Waiting\nfor Capacity below.) Setting this to \"0\" causes\nthis provider to skip all Capacity Waiting behavior.\n" }, "waitForElbCapacity": { "type": "integer", "description": "Setting this will cause this provider to wait\nfor exactly this number of healthy instances from this autoscaling group in\nall attached load balancers on both create and update operations. (Takes\nprecedence over `min_elb_capacity` behavior.)\n(See also Waiting for Capacity below.)\n" } }, "required": [ "arn", "availabilityZones", "defaultCooldown", "desiredCapacity", "healthCheckType", "loadBalancers", "maxSize", "minSize", "name", "serviceLinkedRoleArn", "targetGroupArns", "vpcZoneIdentifiers" ], "inputProperties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of one or more availability zones for the group. This parameter should not be specified when using `vpc_zone_identifier`.\n" }, "defaultCooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scaling activity completes before another scaling activity can start.\n" }, "desiredCapacity": { "type": "integer", "description": "The number of Amazon EC2 instances that\nshould be running in the group. (See also Waiting for\nCapacity below.)\n" }, "enabledMetrics": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:Metric" }, "description": "A list of metrics to collect. The allowed values are `GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity`, `GroupTotalInstances`.\n" }, "forceDelete": { "type": "boolean", "description": "Allows deleting the autoscaling group without waiting\nfor all instances in the pool to terminate. You can force an autoscaling group to delete\neven if it's in the process of scaling a resource. Normally, this provider\ndrains all the instances before deleting the group. This bypasses that\nbehavior and potentially leaves resources dangling.\n" }, "healthCheckGracePeriod": { "type": "integer", "description": "Time (in seconds) after instance comes into service before checking health.\n" }, "healthCheckType": { "type": "string", "description": "\"EC2\" or \"ELB\". Controls how health checking is done.\n" }, "initialLifecycleHooks": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook" }, "description": "One or more\n[Lifecycle Hooks](http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html)\nto attach to the autoscaling group **before** instances are launched. The\nsyntax is exactly the same as the separate\n`aws.autoscaling.LifecycleHook`\nresource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating\na new autoscaling group. For all other use-cases, please use `aws.autoscaling.LifecycleHook` resource.\n" }, "launchConfiguration": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/launchConfiguration:LaunchConfiguration" } ], "description": "The name of the launch configuration to use.\n" }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate", "description": "Nested argument containing launch template settings along with the overrides to specify multiple instance types and weights. Defined below.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the autoscaling\ngroup names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead.\n" }, "maxInstanceLifetime": { "type": "integer", "description": "The maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 604800 and 31536000 seconds.\n" }, "maxSize": { "type": "integer", "description": "The maximum size of the auto scale group.\n" }, "metricsGranularity": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:MetricsGranularity" } ], "description": "The granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`.\n" }, "minElbCapacity": { "type": "integer", "description": "Setting this causes this provider to wait for\nthis number of instances from this autoscaling group to show up healthy in the\nELB only on creation. Updates will not wait on ELB instance number changes.\n(See also Waiting for Capacity below.)\n" }, "minSize": { "type": "integer", "description": "The minimum size of the auto scale group.\n(See also Waiting for Capacity below.)\n" }, "mixedInstancesPolicy": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy", "description": "Configuration block containing settings to define launch targets for Auto Scaling groups. Defined below.\n" }, "name": { "type": "string", "description": "The name of the auto scaling group. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "placementGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/placementGroup:PlacementGroup" } ], "description": "The name of the placement group into which you'll launch your instances, if any.\n" }, "protectFromScaleIn": { "type": "boolean", "description": "Allows setting instance protection. The\nautoscaling group will not select instances with this setting for termination\nduring scale in events.\n" }, "serviceLinkedRoleArn": { "type": "string", "description": "The ARN of the service-linked role that the ASG will use to call other AWS services\n" }, "suspendedProcesses": { "type": "array", "items": { "type": "string" }, "description": "A list of processes to suspend for the AutoScaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`.\nNote that if you suspend either the `Launch` or `Terminate` process types, it can prevent your autoscaling group from functioning properly.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTag:GroupTag" }, "description": "Configuration block(s) containing resource tags. Conflicts with `tags`. Documented below.\n" }, "tagsCollection": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Set of maps containing resource tags. Conflicts with `tag`. Documented below.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application or Network Load Balancing.\n" }, "terminationPolicies": { "type": "array", "items": { "type": "string" }, "description": "A list of policies to decide how the instances in the auto scale group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`.\n" }, "vpcZoneIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to launch resources in.\n" }, "waitForCapacityTimeout": { "type": "string", "description": "A maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for ASG instances to be healthy before timing out. (See also Waiting\nfor Capacity below.) Setting this to \"0\" causes\nthis provider to skip all Capacity Waiting behavior.\n" }, "waitForElbCapacity": { "type": "integer", "description": "Setting this will cause this provider to wait\nfor exactly this number of healthy instances from this autoscaling group in\nall attached load balancers on both create and update operations. (Takes\nprecedence over `min_elb_capacity` behavior.)\n(See also Waiting for Capacity below.)\n" } }, "requiredInputs": [ "maxSize", "minSize" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN for this AutoScaling Group\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of one or more availability zones for the group. This parameter should not be specified when using `vpc_zone_identifier`.\n" }, "defaultCooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scaling activity completes before another scaling activity can start.\n" }, "desiredCapacity": { "type": "integer", "description": "The number of Amazon EC2 instances that\nshould be running in the group. (See also Waiting for\nCapacity below.)\n" }, "enabledMetrics": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:Metric" }, "description": "A list of metrics to collect. The allowed values are `GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity`, `GroupTotalInstances`.\n" }, "forceDelete": { "type": "boolean", "description": "Allows deleting the autoscaling group without waiting\nfor all instances in the pool to terminate. You can force an autoscaling group to delete\neven if it's in the process of scaling a resource. Normally, this provider\ndrains all the instances before deleting the group. This bypasses that\nbehavior and potentially leaves resources dangling.\n" }, "healthCheckGracePeriod": { "type": "integer", "description": "Time (in seconds) after instance comes into service before checking health.\n" }, "healthCheckType": { "type": "string", "description": "\"EC2\" or \"ELB\". Controls how health checking is done.\n" }, "initialLifecycleHooks": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook" }, "description": "One or more\n[Lifecycle Hooks](http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html)\nto attach to the autoscaling group **before** instances are launched. The\nsyntax is exactly the same as the separate\n`aws.autoscaling.LifecycleHook`\nresource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating\na new autoscaling group. For all other use-cases, please use `aws.autoscaling.LifecycleHook` resource.\n" }, "launchConfiguration": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/launchConfiguration:LaunchConfiguration" } ], "description": "The name of the launch configuration to use.\n" }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate", "description": "Nested argument containing launch template settings along with the overrides to specify multiple instance types and weights. Defined below.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the autoscaling\ngroup names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead.\n" }, "maxInstanceLifetime": { "type": "integer", "description": "The maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 604800 and 31536000 seconds.\n" }, "maxSize": { "type": "integer", "description": "The maximum size of the auto scale group.\n" }, "metricsGranularity": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:MetricsGranularity" } ], "description": "The granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`.\n" }, "minElbCapacity": { "type": "integer", "description": "Setting this causes this provider to wait for\nthis number of instances from this autoscaling group to show up healthy in the\nELB only on creation. Updates will not wait on ELB instance number changes.\n(See also Waiting for Capacity below.)\n" }, "minSize": { "type": "integer", "description": "The minimum size of the auto scale group.\n(See also Waiting for Capacity below.)\n" }, "mixedInstancesPolicy": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy", "description": "Configuration block containing settings to define launch targets for Auto Scaling groups. Defined below.\n" }, "name": { "type": "string", "description": "The name of the auto scaling group. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "placementGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/placementGroup:PlacementGroup" } ], "description": "The name of the placement group into which you'll launch your instances, if any.\n" }, "protectFromScaleIn": { "type": "boolean", "description": "Allows setting instance protection. The\nautoscaling group will not select instances with this setting for termination\nduring scale in events.\n" }, "serviceLinkedRoleArn": { "type": "string", "description": "The ARN of the service-linked role that the ASG will use to call other AWS services\n" }, "suspendedProcesses": { "type": "array", "items": { "type": "string" }, "description": "A list of processes to suspend for the AutoScaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`.\nNote that if you suspend either the `Launch` or `Terminate` process types, it can prevent your autoscaling group from functioning properly.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTag:GroupTag" }, "description": "Configuration block(s) containing resource tags. Conflicts with `tags`. Documented below.\n" }, "tagsCollection": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Set of maps containing resource tags. Conflicts with `tag`. Documented below.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application or Network Load Balancing.\n" }, "terminationPolicies": { "type": "array", "items": { "type": "string" }, "description": "A list of policies to decide how the instances in the auto scale group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`.\n" }, "vpcZoneIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to launch resources in.\n" }, "waitForCapacityTimeout": { "type": "string", "description": "A maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for ASG instances to be healthy before timing out. (See also Waiting\nfor Capacity below.) Setting this to \"0\" causes\nthis provider to skip all Capacity Waiting behavior.\n" }, "waitForElbCapacity": { "type": "integer", "description": "Setting this will cause this provider to wait\nfor exactly this number of healthy instances from this autoscaling group in\nall attached load balancers on both create and update operations. (Takes\nprecedence over `min_elb_capacity` behavior.)\n(See also Waiting for Capacity below.)\n" } }, "type": "object" } }, "aws:autoscaling/lifecycleHook:LifecycleHook": { "description": "Provides an AutoScaling Lifecycle Hook resource.\n\n\u003e **NOTE:** This provider has two types of ways you can add lifecycle hooks - via\nthe `initial_lifecycle_hook` attribute from the\n`aws.autoscaling.Group`\nresource, or via this one. Hooks added via this resource will not be added\nuntil the autoscaling group has been created, and depending on your\n`capacity`\nsettings, after the initial instances have been launched, creating unintended\nbehavior. If you need hooks to run on all instances, add them with\n`initial_lifecycle_hook` in\n`aws.autoscaling.Group`,\nbut take care to not duplicate those hooks with this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobarGroup = new aws.autoscaling.Group(\"foobar\", {\n availabilityZones: [\"us-west-2a\"],\n healthCheckType: \"EC2\",\n tags: [{\n key: \"Foo\",\n propagateAtLaunch: true,\n value: \"foo-bar\",\n }],\n terminationPolicies: [\"OldestInstance\"],\n});\nconst foobarLifecycleHook = new aws.autoscaling.LifecycleHook(\"foobar\", {\n autoscalingGroupName: foobarGroup.name,\n defaultResult: \"CONTINUE\",\n heartbeatTimeout: 2000,\n lifecycleTransition: \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n notificationMetadata: `{\n \"foo\": \"bar\"\n}\n`,\n notificationTargetArn: \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n roleArn: \"arn:aws:iam::123456789012:role/S3Access\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar_group = aws.autoscaling.Group(\"foobarGroup\",\n availability_zones=[\"us-west-2a\"],\n health_check_type=\"EC2\",\n tags=[{\n \"key\": \"Foo\",\n \"propagateAtLaunch\": True,\n \"value\": \"foo-bar\",\n }],\n termination_policies=[\"OldestInstance\"])\nfoobar_lifecycle_hook = aws.autoscaling.LifecycleHook(\"foobarLifecycleHook\",\n autoscaling_group_name=foobar_group.name,\n default_result=\"CONTINUE\",\n heartbeat_timeout=2000,\n lifecycle_transition=\"autoscaling:EC2_INSTANCE_LAUNCHING\",\n notification_metadata=\"\"\"{\n \"foo\": \"bar\"\n}\n\n\"\"\",\n notification_target_arn=\"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n role_arn=\"arn:aws:iam::123456789012:role/S3Access\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foobarGroup = new Aws.AutoScaling.Group(\"foobarGroup\", new Aws.AutoScaling.GroupArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n },\n HealthCheckType = \"EC2\",\n Tags = \n {\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"Foo\",\n PropagateAtLaunch = true,\n Value = \"foo-bar\",\n },\n },\n TerminationPolicies = \n {\n \"OldestInstance\",\n },\n });\n var foobarLifecycleHook = new Aws.AutoScaling.LifecycleHook(\"foobarLifecycleHook\", new Aws.AutoScaling.LifecycleHookArgs\n {\n AutoscalingGroupName = foobarGroup.Name,\n DefaultResult = \"CONTINUE\",\n HeartbeatTimeout = 2000,\n LifecycleTransition = \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n NotificationMetadata = @\"{\n \"\"foo\"\": \"\"bar\"\"\n}\n\n\",\n NotificationTargetArn = \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n RoleArn = \"arn:aws:iam::123456789012:role/S3Access\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobarGroup, err := autoscaling.NewGroup(ctx, \"foobarGroup\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t},\n\t\t\tHealthCheckType: pulumi.String(\"EC2\"),\n\t\t\tTags: autoscaling.GroupTagArray{\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"Foo\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(true),\n\t\t\t\t\tValue: pulumi.String(\"foo-bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTerminationPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"OldestInstance\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewLifecycleHook(ctx, \"foobarLifecycleHook\", \u0026autoscaling.LifecycleHookArgs{\n\t\t\tAutoscalingGroupName: foobarGroup.Name,\n\t\t\tDefaultResult: pulumi.String(\"CONTINUE\"),\n\t\t\tHeartbeatTimeout: pulumi.Int(2000),\n\t\t\tLifecycleTransition: pulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCHING\"),\n\t\t\tNotificationMetadata: pulumi.String(fmt.Sprintf(\"%v%v%v%v\", \"{\\n\", \" \\\"foo\\\": \\\"bar\\\"\\n\", \"}\\n\", \"\\n\")),\n\t\t\tNotificationTargetArn: pulumi.String(\"arn:aws:sqs:us-east-1:444455556666:queue1*\"),\n\t\t\tRoleArn: pulumi.String(\"arn:aws:iam::123456789012:role/S3Access\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group to which you want to assign the lifecycle hook\n" }, "defaultResult": { "type": "string", "description": "Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs. The value for this parameter can be either CONTINUE or ABANDON. The default value for this parameter is ABANDON.\n" }, "heartbeatTimeout": { "type": "integer", "description": "Defines the amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the action defined in the DefaultResult parameter\n" }, "lifecycleTransition": { "type": "string", "description": "The instance state to which you want to attach the lifecycle hook. For a list of lifecycle hook types, see [describe-lifecycle-hook-types](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-lifecycle-hook-types.html#examples)\n" }, "name": { "type": "string", "description": "The name of the lifecycle hook.\n" }, "notificationMetadata": { "type": "string", "description": "Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.\n" }, "notificationTargetArn": { "type": "string", "description": "The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook. This ARN target can be either an SQS queue or an SNS topic.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.\n" } }, "required": [ "autoscalingGroupName", "defaultResult", "lifecycleTransition", "name" ], "inputProperties": { "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group to which you want to assign the lifecycle hook\n" }, "defaultResult": { "type": "string", "description": "Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs. The value for this parameter can be either CONTINUE or ABANDON. The default value for this parameter is ABANDON.\n" }, "heartbeatTimeout": { "type": "integer", "description": "Defines the amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the action defined in the DefaultResult parameter\n" }, "lifecycleTransition": { "type": "string", "description": "The instance state to which you want to attach the lifecycle hook. For a list of lifecycle hook types, see [describe-lifecycle-hook-types](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-lifecycle-hook-types.html#examples)\n" }, "name": { "type": "string", "description": "The name of the lifecycle hook.\n" }, "notificationMetadata": { "type": "string", "description": "Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.\n" }, "notificationTargetArn": { "type": "string", "description": "The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook. This ARN target can be either an SQS queue or an SNS topic.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.\n" } }, "requiredInputs": [ "autoscalingGroupName", "lifecycleTransition" ], "stateInputs": { "description": "Input properties used for looking up and filtering LifecycleHook resources.\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group to which you want to assign the lifecycle hook\n" }, "defaultResult": { "type": "string", "description": "Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs. The value for this parameter can be either CONTINUE or ABANDON. The default value for this parameter is ABANDON.\n" }, "heartbeatTimeout": { "type": "integer", "description": "Defines the amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the action defined in the DefaultResult parameter\n" }, "lifecycleTransition": { "type": "string", "description": "The instance state to which you want to attach the lifecycle hook. For a list of lifecycle hook types, see [describe-lifecycle-hook-types](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-lifecycle-hook-types.html#examples)\n" }, "name": { "type": "string", "description": "The name of the lifecycle hook.\n" }, "notificationMetadata": { "type": "string", "description": "Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.\n" }, "notificationTargetArn": { "type": "string", "description": "The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook. This ARN target can be either an SQS queue or an SNS topic.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.\n" } }, "type": "object" } }, "aws:autoscaling/notification:Notification": { "description": "Provides an AutoScaling Group with Notification support, via SNS Topics. Each of\nthe `notifications` map to a [Notification Configuration](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeNotificationConfigurations.html) inside Amazon Web\nServices, and are applied to each AutoScaling Group you supply.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sns.Topic(\"example\", {});\nconst bar = new aws.autoscaling.Group(\"bar\", {});\nconst foo = new aws.autoscaling.Group(\"foo\", {});\nconst exampleNotifications = new aws.autoscaling.Notification(\"example_notifications\", {\n groupNames: [\n bar.name,\n foo.name,\n ],\n notifications: [\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topicArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sns.Topic(\"example\")\nbar = aws.autoscaling.Group(\"bar\")\nfoo = aws.autoscaling.Group(\"foo\")\nexample_notifications = aws.autoscaling.Notification(\"exampleNotifications\",\n group_names=[\n bar.name,\n foo.name,\n ],\n notifications=[\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topic_arn=example.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Sns.Topic(\"example\", new Aws.Sns.TopicArgs\n {\n });\n var bar = new Aws.AutoScaling.Group(\"bar\", new Aws.AutoScaling.GroupArgs\n {\n });\n var foo = new Aws.AutoScaling.Group(\"foo\", new Aws.AutoScaling.GroupArgs\n {\n });\n var exampleNotifications = new Aws.AutoScaling.Notification(\"exampleNotifications\", new Aws.AutoScaling.NotificationArgs\n {\n GroupNames = \n {\n bar.Name,\n foo.Name,\n },\n Notifications = \n {\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n },\n TopicArn = example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sns.NewTopic(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := autoscaling.NewGroup(ctx, \"bar\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := autoscaling.NewGroup(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewNotification(ctx, \"exampleNotifications\", \u0026autoscaling.NotificationArgs{\n\t\t\tGroupNames: pulumi.StringArray{\n\t\t\t\tbar.Name,\n\t\t\t\tfoo.Name,\n\t\t\t},\n\t\t\tNotifications: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\"),\n\t\t\t},\n\t\t\tTopicArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "groupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of AutoScaling Group Names\n" }, "notifications": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/notificationType:NotificationType" }, "description": "A list of Notification Types that trigger\nnotifications. Acceptable values are documented [in the AWS documentation here](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html)\n" }, "topicArn": { "type": "string", "description": "The Topic ARN for notifications to be sent through\n" } }, "required": [ "groupNames", "notifications", "topicArn" ], "inputProperties": { "groupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of AutoScaling Group Names\n" }, "notifications": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/notificationType:NotificationType" }, "description": "A list of Notification Types that trigger\nnotifications. Acceptable values are documented [in the AWS documentation here](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html)\n" }, "topicArn": { "type": "string", "description": "The Topic ARN for notifications to be sent through\n" } }, "requiredInputs": [ "groupNames", "notifications", "topicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Notification resources.\n", "properties": { "groupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of AutoScaling Group Names\n" }, "notifications": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/notificationType:NotificationType" }, "description": "A list of Notification Types that trigger\nnotifications. Acceptable values are documented [in the AWS documentation here](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html)\n" }, "topicArn": { "type": "string", "description": "The Topic ARN for notifications to be sent through\n" } }, "type": "object" } }, "aws:autoscaling/policy:Policy": { "description": "Provides an AutoScaling Scaling Policy resource.\n\n\u003e **NOTE:** You may want to omit `desired_capacity` attribute from attached `aws.autoscaling.Group`\nwhen using autoscaling policies. It's good practice to pick either\n[manual](https://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/as-manual-scaling.html)\nor [dynamic](https://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/as-scale-based-on-demand.html)\n(policy-based) scaling.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.autoscaling.Group(\"bar\", {\n availabilityZones: [\"us-east-1a\"],\n forceDelete: true,\n healthCheckGracePeriod: 300,\n healthCheckType: \"ELB\",\n launchConfiguration: aws_launch_configuration_foo.name,\n maxSize: 5,\n minSize: 2,\n});\nconst bat = new aws.autoscaling.Policy(\"bat\", {\n adjustmentType: \"ChangeInCapacity\",\n autoscalingGroupName: bar.name,\n cooldown: 300,\n scalingAdjustment: 4,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.autoscaling.Group(\"bar\",\n availability_zones=[\"us-east-1a\"],\n force_delete=True,\n health_check_grace_period=300,\n health_check_type=\"ELB\",\n launch_configuration=aws_launch_configuration[\"foo\"][\"name\"],\n max_size=5,\n min_size=2)\nbat = aws.autoscaling.Policy(\"bat\",\n adjustment_type=\"ChangeInCapacity\",\n autoscaling_group_name=bar.name,\n cooldown=300,\n scaling_adjustment=4)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.AutoScaling.Group(\"bar\", new Aws.AutoScaling.GroupArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n ForceDelete = true,\n HealthCheckGracePeriod = 300,\n HealthCheckType = \"ELB\",\n LaunchConfiguration = aws_launch_configuration.Foo.Name,\n MaxSize = 5,\n MinSize = 2,\n });\n var bat = new Aws.AutoScaling.Policy(\"bat\", new Aws.AutoScaling.PolicyArgs\n {\n AdjustmentType = \"ChangeInCapacity\",\n AutoscalingGroupName = bar.Name,\n Cooldown = 300,\n ScalingAdjustment = 4,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbar, err := autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tForceDelete: pulumi.Bool(true),\n\t\t\tHealthCheckGracePeriod: pulumi.Int(300),\n\t\t\tHealthCheckType: pulumi.String(\"ELB\"),\n\t\t\tLaunchConfiguration: pulumi.String(aws_launch_configuration.Foo.Name),\n\t\t\tMaxSize: pulumi.Int(5),\n\t\t\tMinSize: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewPolicy(ctx, \"bat\", \u0026autoscaling.PolicyArgs{\n\t\t\tAdjustmentType: pulumi.String(\"ChangeInCapacity\"),\n\t\t\tAutoscalingGroupName: bar.Name,\n\t\t\tCooldown: pulumi.Int(300),\n\t\t\tScalingAdjustment: pulumi.Int(4),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "adjustmentType": { "type": "string", "description": "Specifies whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n" }, "arn": { "type": "string", "description": "The ARN assigned by AWS to the scaling policy.\n" }, "autoscalingGroupName": { "type": "string", "description": "The name of the autoscaling group.\n" }, "cooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n" }, "estimatedInstanceWarmup": { "type": "integer", "description": "The estimated time, in seconds, until a newly launched instance will contribute CloudWatch metrics. Without a value, AWS will default to the group's specified cooldown period.\n" }, "metricAggregationType": { "type": "string", "description": "The aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n" }, "minAdjustmentMagnitude": { "type": "integer" }, "name": { "type": "string", "description": "The name of the dimension.\n" }, "policyType": { "type": "string", "description": "The policy type, either \"SimpleScaling\", \"StepScaling\" or \"TargetTrackingScaling\". If this value isn't provided, AWS will default to \"SimpleScaling.\"\n" }, "scalingAdjustment": { "type": "integer", "description": "The number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n" }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment" }, "description": "A set of adjustments that manage\ngroup scaling. These have the following structure:\n" }, "targetTrackingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration", "description": "A target tracking policy. These have the following structure:\n" } }, "required": [ "arn", "autoscalingGroupName", "metricAggregationType", "name" ], "inputProperties": { "adjustmentType": { "type": "string", "description": "Specifies whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n" }, "autoscalingGroupName": { "type": "string", "description": "The name of the autoscaling group.\n" }, "cooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n" }, "estimatedInstanceWarmup": { "type": "integer", "description": "The estimated time, in seconds, until a newly launched instance will contribute CloudWatch metrics. Without a value, AWS will default to the group's specified cooldown period.\n" }, "metricAggregationType": { "type": "string", "description": "The aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n" }, "minAdjustmentMagnitude": { "type": "integer" }, "name": { "type": "string", "description": "The name of the dimension.\n" }, "policyType": { "type": "string", "description": "The policy type, either \"SimpleScaling\", \"StepScaling\" or \"TargetTrackingScaling\". If this value isn't provided, AWS will default to \"SimpleScaling.\"\n" }, "scalingAdjustment": { "type": "integer", "description": "The number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n" }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment" }, "description": "A set of adjustments that manage\ngroup scaling. These have the following structure:\n" }, "targetTrackingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration", "description": "A target tracking policy. These have the following structure:\n" } }, "requiredInputs": [ "autoscalingGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "adjustmentType": { "type": "string", "description": "Specifies whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n" }, "arn": { "type": "string", "description": "The ARN assigned by AWS to the scaling policy.\n" }, "autoscalingGroupName": { "type": "string", "description": "The name of the autoscaling group.\n" }, "cooldown": { "type": "integer", "description": "The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n" }, "estimatedInstanceWarmup": { "type": "integer", "description": "The estimated time, in seconds, until a newly launched instance will contribute CloudWatch metrics. Without a value, AWS will default to the group's specified cooldown period.\n" }, "metricAggregationType": { "type": "string", "description": "The aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n" }, "minAdjustmentMagnitude": { "type": "integer" }, "name": { "type": "string", "description": "The name of the dimension.\n" }, "policyType": { "type": "string", "description": "The policy type, either \"SimpleScaling\", \"StepScaling\" or \"TargetTrackingScaling\". If this value isn't provided, AWS will default to \"SimpleScaling.\"\n" }, "scalingAdjustment": { "type": "integer", "description": "The number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n" }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment" }, "description": "A set of adjustments that manage\ngroup scaling. These have the following structure:\n" }, "targetTrackingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration", "description": "A target tracking policy. These have the following structure:\n" } }, "type": "object" } }, "aws:autoscaling/schedule:Schedule": { "description": "Provides an AutoScaling Schedule resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobarGroup = new aws.autoscaling.Group(\"foobar\", {\n availabilityZones: [\"us-west-2a\"],\n forceDelete: true,\n healthCheckGracePeriod: 300,\n healthCheckType: \"ELB\",\n maxSize: 1,\n minSize: 1,\n terminationPolicies: [\"OldestInstance\"],\n});\nconst foobarSchedule = new aws.autoscaling.Schedule(\"foobar\", {\n autoscalingGroupName: foobarGroup.name,\n desiredCapacity: 0,\n endTime: \"2016-12-12T06:00:00Z\",\n maxSize: 1,\n minSize: 0,\n scheduledActionName: \"foobar\",\n startTime: \"2016-12-11T18:00:00Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar_group = aws.autoscaling.Group(\"foobarGroup\",\n availability_zones=[\"us-west-2a\"],\n force_delete=True,\n health_check_grace_period=300,\n health_check_type=\"ELB\",\n max_size=1,\n min_size=1,\n termination_policies=[\"OldestInstance\"])\nfoobar_schedule = aws.autoscaling.Schedule(\"foobarSchedule\",\n autoscaling_group_name=foobar_group.name,\n desired_capacity=0,\n end_time=\"2016-12-12T06:00:00Z\",\n max_size=1,\n min_size=0,\n scheduled_action_name=\"foobar\",\n start_time=\"2016-12-11T18:00:00Z\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foobarGroup = new Aws.AutoScaling.Group(\"foobarGroup\", new Aws.AutoScaling.GroupArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n },\n ForceDelete = true,\n HealthCheckGracePeriod = 300,\n HealthCheckType = \"ELB\",\n MaxSize = 1,\n MinSize = 1,\n TerminationPolicies = \n {\n \"OldestInstance\",\n },\n });\n var foobarSchedule = new Aws.AutoScaling.Schedule(\"foobarSchedule\", new Aws.AutoScaling.ScheduleArgs\n {\n AutoscalingGroupName = foobarGroup.Name,\n DesiredCapacity = 0,\n EndTime = \"2016-12-12T06:00:00Z\",\n MaxSize = 1,\n MinSize = 0,\n ScheduledActionName = \"foobar\",\n StartTime = \"2016-12-11T18:00:00Z\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobarGroup, err := autoscaling.NewGroup(ctx, \"foobarGroup\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t},\n\t\t\tForceDelete: pulumi.Bool(true),\n\t\t\tHealthCheckGracePeriod: pulumi.Int(300),\n\t\t\tHealthCheckType: pulumi.String(\"ELB\"),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tTerminationPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"OldestInstance\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewSchedule(ctx, \"foobarSchedule\", \u0026autoscaling.ScheduleArgs{\n\t\t\tAutoscalingGroupName: foobarGroup.Name,\n\t\t\tDesiredCapacity: pulumi.Int(0),\n\t\t\tEndTime: pulumi.String(\"2016-12-12T06:00:00Z\"),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(0),\n\t\t\tScheduledActionName: pulumi.String(\"foobar\"),\n\t\t\tStartTime: pulumi.String(\"2016-12-11T18:00:00Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to the autoscaling schedule.\n" }, "autoscalingGroupName": { "type": "string", "description": "The name or Amazon Resource Name (ARN) of the Auto Scaling group.\n" }, "desiredCapacity": { "type": "integer", "description": "The number of EC2 instances that should be running in the group. Default 0. Set to -1 if you don't want to change the desired capacity at the scheduled time.\n" }, "endTime": { "type": "string", "description": "The time for this action to end, in \"YYYY-MM-DDThh:mm:ssZ\" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).\nIf you try to schedule your action in the past, Auto Scaling returns an error message.\n" }, "maxSize": { "type": "integer", "description": "The maximum size for the Auto Scaling group. Default 0.\nSet to -1 if you don't want to change the maximum size at the scheduled time.\n" }, "minSize": { "type": "integer", "description": "The minimum size for the Auto Scaling group. Default 0.\nSet to -1 if you don't want to change the minimum size at the scheduled time.\n" }, "recurrence": { "type": "string", "description": "The time when recurring future actions will start. Start time is specified by the user following the Unix cron syntax format.\n" }, "scheduledActionName": { "type": "string", "description": "The name of this scaling action.\n" }, "startTime": { "type": "string", "description": "The time for this action to start, in \"YYYY-MM-DDThh:mm:ssZ\" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).\nIf you try to schedule your action in the past, Auto Scaling returns an error message.\n" } }, "required": [ "arn", "autoscalingGroupName", "desiredCapacity", "endTime", "maxSize", "minSize", "recurrence", "scheduledActionName", "startTime" ], "inputProperties": { "autoscalingGroupName": { "type": "string", "description": "The name or Amazon Resource Name (ARN) of the Auto Scaling group.\n" }, "desiredCapacity": { "type": "integer", "description": "The number of EC2 instances that should be running in the group. Default 0. Set to -1 if you don't want to change the desired capacity at the scheduled time.\n" }, "endTime": { "type": "string", "description": "The time for this action to end, in \"YYYY-MM-DDThh:mm:ssZ\" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).\nIf you try to schedule your action in the past, Auto Scaling returns an error message.\n" }, "maxSize": { "type": "integer", "description": "The maximum size for the Auto Scaling group. Default 0.\nSet to -1 if you don't want to change the maximum size at the scheduled time.\n" }, "minSize": { "type": "integer", "description": "The minimum size for the Auto Scaling group. Default 0.\nSet to -1 if you don't want to change the minimum size at the scheduled time.\n" }, "recurrence": { "type": "string", "description": "The time when recurring future actions will start. Start time is specified by the user following the Unix cron syntax format.\n" }, "scheduledActionName": { "type": "string", "description": "The name of this scaling action.\n" }, "startTime": { "type": "string", "description": "The time for this action to start, in \"YYYY-MM-DDThh:mm:ssZ\" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).\nIf you try to schedule your action in the past, Auto Scaling returns an error message.\n" } }, "requiredInputs": [ "autoscalingGroupName", "scheduledActionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Schedule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to the autoscaling schedule.\n" }, "autoscalingGroupName": { "type": "string", "description": "The name or Amazon Resource Name (ARN) of the Auto Scaling group.\n" }, "desiredCapacity": { "type": "integer", "description": "The number of EC2 instances that should be running in the group. Default 0. Set to -1 if you don't want to change the desired capacity at the scheduled time.\n" }, "endTime": { "type": "string", "description": "The time for this action to end, in \"YYYY-MM-DDThh:mm:ssZ\" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).\nIf you try to schedule your action in the past, Auto Scaling returns an error message.\n" }, "maxSize": { "type": "integer", "description": "The maximum size for the Auto Scaling group. Default 0.\nSet to -1 if you don't want to change the maximum size at the scheduled time.\n" }, "minSize": { "type": "integer", "description": "The minimum size for the Auto Scaling group. Default 0.\nSet to -1 if you don't want to change the minimum size at the scheduled time.\n" }, "recurrence": { "type": "string", "description": "The time when recurring future actions will start. Start time is specified by the user following the Unix cron syntax format.\n" }, "scheduledActionName": { "type": "string", "description": "The name of this scaling action.\n" }, "startTime": { "type": "string", "description": "The time for this action to start, in \"YYYY-MM-DDThh:mm:ssZ\" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).\nIf you try to schedule your action in the past, Auto Scaling returns an error message.\n" } }, "type": "object" } }, "aws:backup/plan:Plan": { "description": "Provides an AWS Backup plan resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Plan(\"example\", {\n rules: [{\n ruleName: \"tf_example_backup_rule\",\n schedule: \"cron(0 12 * * ? *)\",\n targetVaultName: aws_backup_vault_test.name,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Plan(\"example\", rules=[{\n \"rule_name\": \"tf_example_backup_rule\",\n \"schedule\": \"cron(0 12 * * ? *)\",\n \"targetVaultName\": aws_backup_vault[\"test\"][\"name\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Backup.Plan(\"example\", new Aws.Backup.PlanArgs\n {\n Rules = \n {\n new Aws.Backup.Inputs.PlanRuleArgs\n {\n RuleName = \"tf_example_backup_rule\",\n Schedule = \"cron(0 12 * * ? *)\",\n TargetVaultName = aws_backup_vault.Test.Name,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = backup.NewPlan(ctx, \"example\", \u0026backup.PlanArgs{\n\t\t\tRules: backup.PlanRuleArray{\n\t\t\t\t\u0026backup.PlanRuleArgs{\n\t\t\t\t\tRuleName: pulumi.String(\"tf_example_backup_rule\"),\n\t\t\t\t\tSchedule: pulumi.String(\"cron(0 12 * * ? *)\"),\n\t\t\t\t\tTargetVaultName: pulumi.String(aws_backup_vault.Test.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the backup plan.\n" }, "name": { "type": "string", "description": "The display name of a backup plan.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRule:PlanRule" }, "description": "A rule object that specifies a scheduled task that is used to back up a selection of resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create.\n" }, "version": { "type": "string", "description": "Unique, randomly generated, Unicode, UTF-8 encoded string that serves as the version ID of the backup plan.\n" } }, "required": [ "arn", "name", "rules", "version" ], "inputProperties": { "name": { "type": "string", "description": "The display name of a backup plan.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRule:PlanRule" }, "description": "A rule object that specifies a scheduled task that is used to back up a selection of resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create.\n" } }, "requiredInputs": [ "rules" ], "stateInputs": { "description": "Input properties used for looking up and filtering Plan resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the backup plan.\n" }, "name": { "type": "string", "description": "The display name of a backup plan.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRule:PlanRule" }, "description": "A rule object that specifies a scheduled task that is used to back up a selection of resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create.\n" }, "version": { "type": "string", "description": "Unique, randomly generated, Unicode, UTF-8 encoded string that serves as the version ID of the backup plan.\n" } }, "type": "object" } }, "aws:backup/selection:Selection": { "description": "Manages selection conditions for AWS Backup plan resources.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### IAM Role\n\n\u003e For more information about creating and managing IAM Roles for backups and restores, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/iam-service-roles.html).\n\nThe below example creates an IAM role with the default managed IAM Policy for allowing AWS Backup to create backups.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\"sts:AssumeRole\"],\n \"Effect\": \"allow\",\n \"Principal\": {\n \"Service\": [\"backup.amazonaws.com\"]\n }\n }\n ]\n}\n`,\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\",\n role: exampleRole.name,\n});\nconst exampleSelection = new aws.backup.Selection(\"example\", {\n iamRoleArn: exampleRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_role = aws.iam.Role(\"exampleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\"sts:AssumeRole\"],\n \"Effect\": \"allow\",\n \"Principal\": {\n \"Service\": [\"backup.amazonaws.com\"]\n }\n }\n ]\n}\n\n\"\"\")\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"exampleRolePolicyAttachment\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\",\n role=example_role.name)\nexample_selection = aws.backup.Selection(\"exampleSelection\", iam_role_arn=example_role.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRole = new Aws.Iam.Role(\"exampleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\"\"sts:AssumeRole\"\"],\n \"\"Effect\"\": \"\"allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": [\"\"backup.amazonaws.com\"\"]\n }\n }\n ]\n}\n\n\",\n });\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"exampleRolePolicyAttachment\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\",\n Role = exampleRole.Name,\n });\n var exampleSelection = new Aws.Backup.Selection(\"exampleSelection\", new Aws.Backup.SelectionArgs\n {\n IamRoleArn = exampleRole.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/backup\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRole, err := iam.NewRole(ctx, \"exampleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\\"sts:AssumeRole\\\"],\\n\", \" \\\"Effect\\\": \\\"allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": [\\\"backup.amazonaws.com\\\"]\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"exampleRolePolicyAttachment\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\"),\n\t\t\tRole: exampleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = backup.NewSelection(ctx, \"exampleSelection\", \u0026backup.SelectionArgs{\n\t\t\tIamRoleArn: exampleRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Selecting Backups By Tag\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Selection(\"example\", {\n iamRoleArn: aws_iam_role_example.arn,\n planId: aws_backup_plan_example.id,\n selectionTags: [{\n key: \"foo\",\n type: \"STRINGEQUALS\",\n value: \"bar\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Selection(\"example\",\n iam_role_arn=aws_iam_role[\"example\"][\"arn\"],\n plan_id=aws_backup_plan[\"example\"][\"id\"],\n selection_tags=[{\n \"key\": \"foo\",\n \"type\": \"STRINGEQUALS\",\n \"value\": \"bar\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Backup.Selection(\"example\", new Aws.Backup.SelectionArgs\n {\n IamRoleArn = aws_iam_role.Example.Arn,\n PlanId = aws_backup_plan.Example.Id,\n SelectionTags = \n {\n new Aws.Backup.Inputs.SelectionSelectionTagArgs\n {\n Key = \"foo\",\n Type = \"STRINGEQUALS\",\n Value = \"bar\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = backup.NewSelection(ctx, \"example\", \u0026backup.SelectionArgs{\n\t\t\tIamRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\tPlanId: pulumi.String(aws_backup_plan.Example.Id),\n\t\t\tSelectionTags: backup.SelectionSelectionTagArray{\n\t\t\t\t\u0026backup.SelectionSelectionTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"foo\"),\n\t\t\t\t\tType: pulumi.String(\"STRINGEQUALS\"),\n\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Selecting Backups By Resource\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Selection(\"example\", {\n iamRoleArn: aws_iam_role_example.arn,\n planId: aws_backup_plan_example.id,\n resources: [\n aws_db_instance_example.arn,\n aws_ebs_volume_example.arn,\n aws_efs_file_system_example.arn,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Selection(\"example\",\n iam_role_arn=aws_iam_role[\"example\"][\"arn\"],\n plan_id=aws_backup_plan[\"example\"][\"id\"],\n resources=[\n aws_db_instance[\"example\"][\"arn\"],\n aws_ebs_volume[\"example\"][\"arn\"],\n aws_efs_file_system[\"example\"][\"arn\"],\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Backup.Selection(\"example\", new Aws.Backup.SelectionArgs\n {\n IamRoleArn = aws_iam_role.Example.Arn,\n PlanId = aws_backup_plan.Example.Id,\n Resources = \n {\n aws_db_instance.Example.Arn,\n aws_ebs_volume.Example.Arn,\n aws_efs_file_system.Example.Arn,\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n" }, "name": { "type": "string", "description": "The display name of a resource selection document.\n" }, "planId": { "type": "string", "description": "The backup plan ID to be associated with the selection of resources.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan..\n" }, "selectionTags": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionSelectionTag:SelectionSelectionTag" }, "description": "Tag-based conditions used to specify a set of resources to assign to a backup plan.\n" } }, "required": [ "iamRoleArn", "name", "planId" ], "inputProperties": { "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n" }, "name": { "type": "string", "description": "The display name of a resource selection document.\n" }, "planId": { "type": "string", "description": "The backup plan ID to be associated with the selection of resources.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan..\n" }, "selectionTags": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionSelectionTag:SelectionSelectionTag" }, "description": "Tag-based conditions used to specify a set of resources to assign to a backup plan.\n" } }, "requiredInputs": [ "iamRoleArn", "planId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Selection resources.\n", "properties": { "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n" }, "name": { "type": "string", "description": "The display name of a resource selection document.\n" }, "planId": { "type": "string", "description": "The backup plan ID to be associated with the selection of resources.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan..\n" }, "selectionTags": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionSelectionTag:SelectionSelectionTag" }, "description": "Tag-based conditions used to specify a set of resources to assign to a backup plan.\n" } }, "type": "object" } }, "aws:backup/vault:Vault": { "description": "Provides an AWS Backup vault resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Vault(\"example\", {\n kmsKeyArn: aws_kms_key_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Vault(\"example\", kms_key_arn=aws_kms_key[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Backup.Vault(\"example\", new Aws.Backup.VaultArgs\n {\n KmsKeyArn = aws_kms_key.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = backup.NewVault(ctx, \"example\", \u0026backup.VaultArgs{\n\t\t\tKmsKeyArn: pulumi.String(aws_kms_key.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "kmsKeyArn": { "type": "string", "description": "The server-side encryption key that is used to protect your backups.\n" }, "name": { "type": "string", "description": "Name of the backup vault to create.\n" }, "recoveryPoints": { "type": "integer", "description": "The number of recovery points that are stored in a backup vault.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n" } }, "required": [ "arn", "kmsKeyArn", "name", "recoveryPoints" ], "inputProperties": { "kmsKeyArn": { "type": "string", "description": "The server-side encryption key that is used to protect your backups.\n" }, "name": { "type": "string", "description": "Name of the backup vault to create.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Vault resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "kmsKeyArn": { "type": "string", "description": "The server-side encryption key that is used to protect your backups.\n" }, "name": { "type": "string", "description": "Name of the backup vault to create.\n" }, "recoveryPoints": { "type": "integer", "description": "The number of recovery points that are stored in a backup vault.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n" } }, "type": "object" } }, "aws:batch/computeEnvironment:ComputeEnvironment": { "description": "Creates a AWS Batch compute environment. Compute environments contain the Amazon ECS container instances that are used to run containerized batch jobs.\n\nFor information about AWS Batch, see [What is AWS Batch?](http://docs.aws.amazon.com/batch/latest/userguide/what-is-batch.html) .\nFor information about compute environment, see [Compute Environments](http://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) .\n\n\u003e **Note:** To prevent a race condition during environment deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicyAttachment`;\notherwise, the policy may be destroyed too soon and the compute environment will then get stuck in the `DELETING` state, see [Troubleshooting AWS Batch](http://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html) .\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsInstanceRoleRole = new aws.iam.Role(\"ecs_instance_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n\t{\n\t \"Action\": \"sts:AssumeRole\",\n\t \"Effect\": \"Allow\",\n\t \"Principal\": {\n\t\t\"Service\": \"ec2.amazonaws.com\"\n\t }\n\t}\n ]\n}\n`,\n});\nconst ecsInstanceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"ecs_instance_role\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n role: ecsInstanceRoleRole.name,\n});\nconst ecsInstanceRoleInstanceProfile = new aws.iam.InstanceProfile(\"ecs_instance_role\", {\n role: ecsInstanceRoleRole.name,\n});\nconst awsBatchServiceRoleRole = new aws.iam.Role(\"aws_batch_service_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n\t{\n\t \"Action\": \"sts:AssumeRole\",\n\t \"Effect\": \"Allow\",\n\t \"Principal\": {\n\t\t\"Service\": \"batch.amazonaws.com\"\n\t }\n\t}\n ]\n}\n`,\n});\nconst awsBatchServiceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"aws_batch_service_role\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n role: awsBatchServiceRoleRole.name,\n});\nconst sampleSecurityGroup = new aws.ec2.SecurityGroup(\"sample\", {\n egress: [{\n cidrBlocks: [\"0.0.0.0/0\"],\n fromPort: 0,\n protocol: \"-1\",\n toPort: 0,\n }],\n});\nconst sampleVpc = new aws.ec2.Vpc(\"sample\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst sampleSubnet = new aws.ec2.Subnet(\"sample\", {\n cidrBlock: \"10.1.1.0/24\",\n vpcId: sampleVpc.id,\n});\nconst sampleComputeEnvironment = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n instanceRole: ecsInstanceRoleInstanceProfile.arn,\n instanceTypes: [\"c4.large\"],\n maxVcpus: 16,\n minVcpus: 0,\n securityGroupIds: [sampleSecurityGroup.id],\n subnets: [sampleSubnet.id],\n type: \"EC2\",\n },\n serviceRole: awsBatchServiceRoleRole.arn,\n type: \"MANAGED\",\n}, { dependsOn: [awsBatchServiceRoleRolePolicyAttachment] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_instance_role_role = aws.iam.Role(\"ecsInstanceRoleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n\t{\n\t \"Action\": \"sts:AssumeRole\",\n\t \"Effect\": \"Allow\",\n\t \"Principal\": {\n\t\t\"Service\": \"ec2.amazonaws.com\"\n\t }\n\t}\n ]\n}\n\n\"\"\")\necs_instance_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"ecsInstanceRoleRolePolicyAttachment\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n role=ecs_instance_role_role.name)\necs_instance_role_instance_profile = aws.iam.InstanceProfile(\"ecsInstanceRoleInstanceProfile\", role=ecs_instance_role_role.name)\naws_batch_service_role_role = aws.iam.Role(\"awsBatchServiceRoleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n\t{\n\t \"Action\": \"sts:AssumeRole\",\n\t \"Effect\": \"Allow\",\n\t \"Principal\": {\n\t\t\"Service\": \"batch.amazonaws.com\"\n\t }\n\t}\n ]\n}\n\n\"\"\")\naws_batch_service_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"awsBatchServiceRoleRolePolicyAttachment\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n role=aws_batch_service_role_role.name)\nsample_security_group = aws.ec2.SecurityGroup(\"sampleSecurityGroup\", egress=[{\n \"cidr_blocks\": [\"0.0.0.0/0\"],\n \"from_port\": 0,\n \"protocol\": \"-1\",\n \"to_port\": 0,\n}])\nsample_vpc = aws.ec2.Vpc(\"sampleVpc\", cidr_block=\"10.1.0.0/16\")\nsample_subnet = aws.ec2.Subnet(\"sampleSubnet\",\n cidr_block=\"10.1.1.0/24\",\n vpc_id=sample_vpc.id)\nsample_compute_environment = aws.batch.ComputeEnvironment(\"sampleComputeEnvironment\",\n compute_environment_name=\"sample\",\n compute_resources={\n \"instanceRole\": ecs_instance_role_instance_profile.arn,\n \"instance_type\": [\"c4.large\"],\n \"maxVcpus\": 16,\n \"minVcpus\": 0,\n \"security_group_ids\": [sample_security_group.id],\n \"subnets\": [sample_subnet.id],\n \"type\": \"EC2\",\n },\n service_role=aws_batch_service_role_role.arn,\n type=\"MANAGED\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ecsInstanceRoleRole = new Aws.Iam.Role(\"ecsInstanceRoleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n\t{\n\t \"\"Action\"\": \"\"sts:AssumeRole\"\",\n\t \"\"Effect\"\": \"\"Allow\"\",\n\t \"\"Principal\"\": {\n\t\t\"\"Service\"\": \"\"ec2.amazonaws.com\"\"\n\t }\n\t}\n ]\n}\n\n\",\n });\n var ecsInstanceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"ecsInstanceRoleRolePolicyAttachment\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n Role = ecsInstanceRoleRole.Name,\n });\n var ecsInstanceRoleInstanceProfile = new Aws.Iam.InstanceProfile(\"ecsInstanceRoleInstanceProfile\", new Aws.Iam.InstanceProfileArgs\n {\n Role = ecsInstanceRoleRole.Name,\n });\n var awsBatchServiceRoleRole = new Aws.Iam.Role(\"awsBatchServiceRoleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n\t{\n\t \"\"Action\"\": \"\"sts:AssumeRole\"\",\n\t \"\"Effect\"\": \"\"Allow\"\",\n\t \"\"Principal\"\": {\n\t\t\"\"Service\"\": \"\"batch.amazonaws.com\"\"\n\t }\n\t}\n ]\n}\n\n\",\n });\n var awsBatchServiceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"awsBatchServiceRoleRolePolicyAttachment\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n Role = awsBatchServiceRoleRole.Name,\n });\n var sampleSecurityGroup = new Aws.Ec2.SecurityGroup(\"sampleSecurityGroup\", new Aws.Ec2.SecurityGroupArgs\n {\n Egress = \n {\n new Aws.Ec2.Inputs.SecurityGroupEgressArgs\n {\n CidrBlocks = \n {\n \"0.0.0.0/0\",\n },\n FromPort = 0,\n Protocol = \"-1\",\n ToPort = 0,\n },\n },\n });\n var sampleVpc = new Aws.Ec2.Vpc(\"sampleVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var sampleSubnet = new Aws.Ec2.Subnet(\"sampleSubnet\", new Aws.Ec2.SubnetArgs\n {\n CidrBlock = \"10.1.1.0/24\",\n VpcId = sampleVpc.Id,\n });\n var sampleComputeEnvironment = new Aws.Batch.ComputeEnvironment(\"sampleComputeEnvironment\", new Aws.Batch.ComputeEnvironmentArgs\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n InstanceRole = ecsInstanceRoleInstanceProfile.Arn,\n InstanceType = \n {\n \"c4.large\",\n },\n MaxVcpus = 16,\n MinVcpus = 0,\n SecurityGroupIds = \n {\n sampleSecurityGroup.Id,\n },\n Subnets = \n {\n sampleSubnet.Id,\n },\n Type = \"EC2\",\n },\n ServiceRole = awsBatchServiceRoleRole.Arn,\n Type = \"MANAGED\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/batch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tecsInstanceRoleRole, err := iam.NewRole(ctx, \"ecsInstanceRoleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \"\t{\\n\", \"\t \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \"\t \\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t \\\"Principal\\\": {\\n\", \"\t\t\\\"Service\\\": \\\"ec2.amazonaws.com\\\"\\n\", \"\t }\\n\", \"\t}\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"ecsInstanceRoleRolePolicyAttachment\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\"),\n\t\t\tRole: ecsInstanceRoleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsInstanceRoleInstanceProfile, err := iam.NewInstanceProfile(ctx, \"ecsInstanceRoleInstanceProfile\", \u0026iam.InstanceProfileArgs{\n\t\t\tRole: ecsInstanceRoleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsBatchServiceRoleRole, err := iam.NewRole(ctx, \"awsBatchServiceRoleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \"\t{\\n\", \"\t \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \"\t \\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t \\\"Principal\\\": {\\n\", \"\t\t\\\"Service\\\": \\\"batch.amazonaws.com\\\"\\n\", \"\t }\\n\", \"\t}\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"awsBatchServiceRoleRolePolicyAttachment\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\"),\n\t\t\tRole: awsBatchServiceRoleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleSecurityGroup, err := ec2.NewSecurityGroup(ctx, \"sampleSecurityGroup\", \u0026ec2.SecurityGroupArgs{\n\t\t\tEgress: ec2.SecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.SecurityGroupEgressArgs{\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t},\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleVpc, err := ec2.NewVpc(ctx, \"sampleVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleSubnet, err := ec2.NewSubnet(ctx, \"sampleSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t\tVpcId: sampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = batch.NewComputeEnvironment(ctx, \"sampleComputeEnvironment\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tInstanceRole: ecsInstanceRoleInstanceProfile.Arn,\n\t\t\t\tInstanceType: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"c4.large\"),\n\t\t\t\t},\n\t\t\t\tMaxVcpus: pulumi.Int(16),\n\t\t\t\tMinVcpus: pulumi.Int(0),\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsampleSecurityGroup.ID(),\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleSubnet.ID(),\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"EC2\"),\n\t\t\t},\n\t\t\tServiceRole: awsBatchServiceRoleRole.Arn,\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the compute environment.\n" }, "computeEnvironmentName": { "type": "string", "description": "The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. If omitted, this provider will assign a random, unique name.\n" }, "computeEnvironmentNamePrefix": { "type": "string", "description": "Creates a unique compute environment name beginning with the specified prefix. Conflicts with `compute_environment_name`.\n" }, "computeResources": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources", "description": "Details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. See details below.\n" }, "ecsClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the underlying Amazon ECS cluster used by the compute environment.\n" }, "serviceRole": { "type": "string", "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n" }, "state": { "type": "string", "description": "The state of the compute environment. If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues. Valid items are `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "status": { "type": "string", "description": "The current status of the compute environment (for example, CREATING or VALID).\n" }, "statusReason": { "type": "string", "description": "A short, human-readable string to provide additional details about the current status of the compute environment.\n" }, "type": { "type": "string", "description": "The type of compute environment. Valid items are `EC2` or `SPOT`.\n" } }, "required": [ "arn", "computeEnvironmentName", "ecsClusterArn", "serviceRole", "status", "statusReason", "type" ], "inputProperties": { "computeEnvironmentName": { "type": "string", "description": "The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. If omitted, this provider will assign a random, unique name.\n" }, "computeEnvironmentNamePrefix": { "type": "string", "description": "Creates a unique compute environment name beginning with the specified prefix. Conflicts with `compute_environment_name`.\n" }, "computeResources": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources", "description": "Details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. See details below.\n" }, "serviceRole": { "type": "string", "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n" }, "state": { "type": "string", "description": "The state of the compute environment. If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues. Valid items are `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "type": { "type": "string", "description": "The type of compute environment. Valid items are `EC2` or `SPOT`.\n" } }, "requiredInputs": [ "serviceRole", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ComputeEnvironment resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the compute environment.\n" }, "computeEnvironmentName": { "type": "string", "description": "The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. If omitted, this provider will assign a random, unique name.\n" }, "computeEnvironmentNamePrefix": { "type": "string", "description": "Creates a unique compute environment name beginning with the specified prefix. Conflicts with `compute_environment_name`.\n" }, "computeResources": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources", "description": "Details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. See details below.\n" }, "ecsClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the underlying Amazon ECS cluster used by the compute environment.\n" }, "serviceRole": { "type": "string", "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n" }, "state": { "type": "string", "description": "The state of the compute environment. If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues. Valid items are `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "status": { "type": "string", "description": "The current status of the compute environment (for example, CREATING or VALID).\n" }, "statusReason": { "type": "string", "description": "A short, human-readable string to provide additional details about the current status of the compute environment.\n" }, "type": { "type": "string", "description": "The type of compute environment. Valid items are `EC2` or `SPOT`.\n" } }, "type": "object" } }, "aws:batch/jobDefinition:JobDefinition": { "description": "Provides a Batch Job Definition resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.batch.JobDefinition(\"test\", {\n containerProperties: `{\n\t\"command\": [\"ls\", \"-la\"],\n\t\"image\": \"busybox\",\n\t\"memory\": 1024,\n\t\"vcpus\": 1,\n\t\"volumes\": [\n {\n \"host\": {\n \"sourcePath\": \"/tmp\"\n },\n \"name\": \"tmp\"\n }\n ],\n\t\"environment\": [\n\t\t{\"name\": \"VARNAME\", \"value\": \"VARVAL\"}\n\t],\n\t\"mountPoints\": [\n\t\t{\n \"sourceVolume\": \"tmp\",\n \"containerPath\": \"/tmp\",\n \"readOnly\": false\n }\n\t],\n \"ulimits\": [\n {\n \"hardLimit\": 1024,\n \"name\": \"nofile\",\n \"softLimit\": 1024\n }\n ]\n}\n`,\n type: \"container\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.batch.JobDefinition(\"test\",\n container_properties=\"\"\"{\n\t\"command\": [\"ls\", \"-la\"],\n\t\"image\": \"busybox\",\n\t\"memory\": 1024,\n\t\"vcpus\": 1,\n\t\"volumes\": [\n {\n \"host\": {\n \"sourcePath\": \"/tmp\"\n },\n \"name\": \"tmp\"\n }\n ],\n\t\"environment\": [\n\t\t{\"name\": \"VARNAME\", \"value\": \"VARVAL\"}\n\t],\n\t\"mountPoints\": [\n\t\t{\n \"sourceVolume\": \"tmp\",\n \"containerPath\": \"/tmp\",\n \"readOnly\": false\n }\n\t],\n \"ulimits\": [\n {\n \"hardLimit\": 1024,\n \"name\": \"nofile\",\n \"softLimit\": 1024\n }\n ]\n}\n\n\"\"\",\n type=\"container\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Batch.JobDefinition(\"test\", new Aws.Batch.JobDefinitionArgs\n {\n ContainerProperties = @\"{\n\t\"\"command\"\": [\"\"ls\"\", \"\"-la\"\"],\n\t\"\"image\"\": \"\"busybox\"\",\n\t\"\"memory\"\": 1024,\n\t\"\"vcpus\"\": 1,\n\t\"\"volumes\"\": [\n {\n \"\"host\"\": {\n \"\"sourcePath\"\": \"\"/tmp\"\"\n },\n \"\"name\"\": \"\"tmp\"\"\n }\n ],\n\t\"\"environment\"\": [\n\t\t{\"\"name\"\": \"\"VARNAME\"\", \"\"value\"\": \"\"VARVAL\"\"}\n\t],\n\t\"\"mountPoints\"\": [\n\t\t{\n \"\"sourceVolume\"\": \"\"tmp\"\",\n \"\"containerPath\"\": \"\"/tmp\"\",\n \"\"readOnly\"\": false\n }\n\t],\n \"\"ulimits\"\": [\n {\n \"\"hardLimit\"\": 1024,\n \"\"name\"\": \"\"nofile\"\",\n \"\"softLimit\"\": 1024\n }\n ]\n}\n\n\",\n Type = \"container\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = batch.NewJobDefinition(ctx, \"test\", \u0026batch.JobDefinitionArgs{\n\t\t\tContainerProperties: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"command\\\": [\\\"ls\\\", \\\"-la\\\"],\\n\", \"\t\\\"image\\\": \\\"busybox\\\",\\n\", \"\t\\\"memory\\\": 1024,\\n\", \"\t\\\"vcpus\\\": 1,\\n\", \"\t\\\"volumes\\\": [\\n\", \" {\\n\", \" \\\"host\\\": {\\n\", \" \\\"sourcePath\\\": \\\"/tmp\\\"\\n\", \" },\\n\", \" \\\"name\\\": \\\"tmp\\\"\\n\", \" }\\n\", \" ],\\n\", \"\t\\\"environment\\\": [\\n\", \"\t\t{\\\"name\\\": \\\"VARNAME\\\", \\\"value\\\": \\\"VARVAL\\\"}\\n\", \"\t],\\n\", \"\t\\\"mountPoints\\\": [\\n\", \"\t\t{\\n\", \" \\\"sourceVolume\\\": \\\"tmp\\\",\\n\", \" \\\"containerPath\\\": \\\"/tmp\\\",\\n\", \" \\\"readOnly\\\": false\\n\", \" }\\n\", \"\t],\\n\", \" \\\"ulimits\\\": [\\n\", \" {\\n\", \" \\\"hardLimit\\\": 1024,\\n\", \" \\\"name\\\": \\\"nofile\\\",\\n\", \" \\\"softLimit\\\": 1024\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tType: pulumi.String(\"container\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the job definition.\n" }, "containerProperties": { "type": "string", "description": "A valid [container properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html)\nprovided as a single valid JSON document. This parameter is required if the `type` parameter is `container`.\n" }, "name": { "type": "string", "description": "Specifies the name of the job definition.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies the parameter substitution placeholders to set in the job definition.\n" }, "retryStrategy": { "$ref": "#/types/aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy", "description": "Specifies the retry strategy to use for failed jobs that are submitted with this job definition.\nMaximum number of `retry_strategy` is `1`. Defined below.\n" }, "revision": { "type": "integer", "description": "The revision of the job definition.\n" }, "timeout": { "$ref": "#/types/aws:batch/JobDefinitionTimeout:JobDefinitionTimeout", "description": "Specifies the timeout for jobs so that if a job runs longer, AWS Batch terminates the job. Maximum number of `timeout` is `1`. Defined below.\n" }, "type": { "type": "string", "description": "The type of job definition. Must be `container`\n" } }, "required": [ "arn", "name", "revision", "type" ], "inputProperties": { "containerProperties": { "type": "string", "description": "A valid [container properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html)\nprovided as a single valid JSON document. This parameter is required if the `type` parameter is `container`.\n" }, "name": { "type": "string", "description": "Specifies the name of the job definition.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies the parameter substitution placeholders to set in the job definition.\n" }, "retryStrategy": { "$ref": "#/types/aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy", "description": "Specifies the retry strategy to use for failed jobs that are submitted with this job definition.\nMaximum number of `retry_strategy` is `1`. Defined below.\n" }, "timeout": { "$ref": "#/types/aws:batch/JobDefinitionTimeout:JobDefinitionTimeout", "description": "Specifies the timeout for jobs so that if a job runs longer, AWS Batch terminates the job. Maximum number of `timeout` is `1`. Defined below.\n" }, "type": { "type": "string", "description": "The type of job definition. Must be `container`\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering JobDefinition resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the job definition.\n" }, "containerProperties": { "type": "string", "description": "A valid [container properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html)\nprovided as a single valid JSON document. This parameter is required if the `type` parameter is `container`.\n" }, "name": { "type": "string", "description": "Specifies the name of the job definition.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies the parameter substitution placeholders to set in the job definition.\n" }, "retryStrategy": { "$ref": "#/types/aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy", "description": "Specifies the retry strategy to use for failed jobs that are submitted with this job definition.\nMaximum number of `retry_strategy` is `1`. Defined below.\n" }, "revision": { "type": "integer", "description": "The revision of the job definition.\n" }, "timeout": { "$ref": "#/types/aws:batch/JobDefinitionTimeout:JobDefinitionTimeout", "description": "Specifies the timeout for jobs so that if a job runs longer, AWS Batch terminates the job. Maximum number of `timeout` is `1`. Defined below.\n" }, "type": { "type": "string", "description": "The type of job definition. Must be `container`\n" } }, "type": "object" } }, "aws:batch/jobQueue:JobQueue": { "description": "Provides a Batch Job Queue resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testQueue = new aws.batch.JobQueue(\"test_queue\", {\n computeEnvironments: [\n aws_batch_compute_environment_test_environment_1.arn,\n aws_batch_compute_environment_test_environment_2.arn,\n ],\n priority: 1,\n state: \"ENABLED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_queue = aws.batch.JobQueue(\"testQueue\",\n compute_environments=[\n aws_batch_compute_environment[\"test_environment_1\"][\"arn\"],\n aws_batch_compute_environment[\"test_environment_2\"][\"arn\"],\n ],\n priority=1,\n state=\"ENABLED\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testQueue = new Aws.Batch.JobQueue(\"testQueue\", new Aws.Batch.JobQueueArgs\n {\n ComputeEnvironments = \n {\n aws_batch_compute_environment.Test_environment_1.Arn,\n aws_batch_compute_environment.Test_environment_2.Arn,\n },\n Priority = 1,\n State = \"ENABLED\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = batch.NewJobQueue(ctx, \"testQueue\", \u0026batch.JobQueueArgs{\n\t\t\tComputeEnvironments: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_batch_compute_environment.Test_environment_1.Arn),\n\t\t\t\tpulumi.String(aws_batch_compute_environment.Test_environment_2.Arn),\n\t\t\t},\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tState: pulumi.String(\"ENABLED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the job queue.\n" }, "computeEnvironments": { "type": "array", "items": { "type": "string" }, "description": "Specifies the set of compute environments\nmapped to a job queue and their order. The position of the compute environments\nin the list will dictate the order. You can associate up to 3 compute environments\nwith a job queue.\n" }, "name": { "type": "string", "description": "Specifies the name of the job queue.\n" }, "priority": { "type": "integer", "description": "The priority of the job queue. Job queues with a higher priority\nare evaluated first when associated with the same compute environment.\n" }, "state": { "type": "string", "description": "The state of the job queue. Must be one of: `ENABLED` or `DISABLED`\n" } }, "required": [ "arn", "computeEnvironments", "name", "priority", "state" ], "inputProperties": { "computeEnvironments": { "type": "array", "items": { "type": "string" }, "description": "Specifies the set of compute environments\nmapped to a job queue and their order. The position of the compute environments\nin the list will dictate the order. You can associate up to 3 compute environments\nwith a job queue.\n" }, "name": { "type": "string", "description": "Specifies the name of the job queue.\n" }, "priority": { "type": "integer", "description": "The priority of the job queue. Job queues with a higher priority\nare evaluated first when associated with the same compute environment.\n" }, "state": { "type": "string", "description": "The state of the job queue. Must be one of: `ENABLED` or `DISABLED`\n" } }, "requiredInputs": [ "computeEnvironments", "priority", "state" ], "stateInputs": { "description": "Input properties used for looking up and filtering JobQueue resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the job queue.\n" }, "computeEnvironments": { "type": "array", "items": { "type": "string" }, "description": "Specifies the set of compute environments\nmapped to a job queue and their order. The position of the compute environments\nin the list will dictate the order. You can associate up to 3 compute environments\nwith a job queue.\n" }, "name": { "type": "string", "description": "Specifies the name of the job queue.\n" }, "priority": { "type": "integer", "description": "The priority of the job queue. Job queues with a higher priority\nare evaluated first when associated with the same compute environment.\n" }, "state": { "type": "string", "description": "The state of the job queue. Must be one of: `ENABLED` or `DISABLED`\n" } }, "type": "object" } }, "aws:budgets/budget:Budget": { "description": "Provides a budgets budget resource. Budgets use the cost visualisation provided by Cost Explorer to show you the status of your budgets, to provide forecasts of your estimated costs, and to track your AWS usage, including your free tier usage.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2 = new aws.budgets.Budget(\"ec2\", {\n budgetType: \"COST\",\n costFilters: {\n Service: \"Amazon Elastic Compute Cloud - Compute\",\n },\n limitAmount: \"1200\",\n limitUnit: \"USD\",\n notifications: [{\n comparisonOperator: \"GREATER_THAN\",\n notificationType: \"FORECASTED\",\n subscriberEmailAddresses: [\"test@example.com\"],\n threshold: 100,\n thresholdType: \"PERCENTAGE\",\n }],\n timePeriodEnd: \"2087-06-15_00:00\",\n timePeriodStart: \"2017-07-01_00:00\",\n timeUnit: \"MONTHLY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2 = aws.budgets.Budget(\"ec2\",\n budget_type=\"COST\",\n cost_filters={\n \"Service\": \"Amazon Elastic Compute Cloud - Compute\",\n },\n limit_amount=\"1200\",\n limit_unit=\"USD\",\n notifications=[{\n \"comparison_operator\": \"GREATER_THAN\",\n \"notification_type\": \"FORECASTED\",\n \"subscriberEmailAddresses\": [\"test@example.com\"],\n \"threshold\": 100,\n \"thresholdType\": \"PERCENTAGE\",\n }],\n time_period_end=\"2087-06-15_00:00\",\n time_period_start=\"2017-07-01_00:00\",\n time_unit=\"MONTHLY\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ec2 = new Aws.Budgets.Budget(\"ec2\", new Aws.Budgets.BudgetArgs\n {\n BudgetType = \"COST\",\n CostFilters = \n {\n { \"Service\", \"Amazon Elastic Compute Cloud - Compute\" },\n },\n LimitAmount = \"1200\",\n LimitUnit = \"USD\",\n Notifications = \n {\n new Aws.Budgets.Inputs.BudgetNotificationArgs\n {\n ComparisonOperator = \"GREATER_THAN\",\n NotificationType = \"FORECASTED\",\n SubscriberEmailAddresses = \n {\n \"test@example.com\",\n },\n Threshold = 100,\n ThresholdType = \"PERCENTAGE\",\n },\n },\n TimePeriodEnd = \"2087-06-15_00:00\",\n TimePeriodStart = \"2017-07-01_00:00\",\n TimeUnit = \"MONTHLY\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = budgets.NewBudget(ctx, \"ec2\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"COST\"),\n\t\t\tCostFilters: pulumi.Map{\n\t\t\t\t\"Service\": pulumi.String(\"Amazon Elastic Compute Cloud - Compute\"),\n\t\t\t},\n\t\t\tLimitAmount: pulumi.String(\"1200\"),\n\t\t\tLimitUnit: pulumi.String(\"USD\"),\n\t\t\tNotifications: budgets.BudgetNotificationArray{\n\t\t\t\t\u0026budgets.BudgetNotificationArgs{\n\t\t\t\t\tComparisonOperator: pulumi.String(\"GREATER_THAN\"),\n\t\t\t\t\tNotificationType: pulumi.String(\"FORECASTED\"),\n\t\t\t\t\tSubscriberEmailAddresses: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test@example.com\"),\n\t\t\t\t\t},\n\t\t\t\t\tThreshold: pulumi.Float64(100),\n\t\t\t\t\tThresholdType: pulumi.String(\"PERCENTAGE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimePeriodEnd: pulumi.String(\"2087-06-15_00:00\"),\n\t\t\tTimePeriodStart: pulumi.String(\"2017-07-01_00:00\"),\n\t\t\tTimeUnit: pulumi.String(\"MONTHLY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nCreate a budget for *$100*.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {\n // ...\n budgetType: \"COST\",\n limitAmount: \"100\",\n limitUnit: \"USD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\",\n budget_type=\"COST\",\n limit_amount=\"100\",\n limit_unit=\"USD\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cost = new Aws.Budgets.Budget(\"cost\", new Aws.Budgets.BudgetArgs\n {\n BudgetType = \"COST\",\n LimitAmount = \"100\",\n LimitUnit = \"USD\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"COST\"),\n\t\t\tLimitAmount: pulumi.String(\"100\"),\n\t\t\tLimitUnit: pulumi.String(\"USD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nCreate a budget for s3 with a limit of *3 GB* of storage.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.budgets.Budget(\"s3\", {\n // ...\n budgetType: \"USAGE\",\n limitAmount: \"3\",\n limitUnit: \"GB\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.budgets.Budget(\"s3\",\n budget_type=\"USAGE\",\n limit_amount=\"3\",\n limit_unit=\"GB\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = new Aws.Budgets.Budget(\"s3\", new Aws.Budgets.BudgetArgs\n {\n BudgetType = \"USAGE\",\n LimitAmount = \"3\",\n LimitUnit = \"GB\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = budgets.NewBudget(ctx, \"s3\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"USAGE\"),\n\t\t\tLimitAmount: pulumi.String(\"3\"),\n\t\t\tLimitUnit: pulumi.String(\"GB\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nCreate a Savings Plan Utilization Budget\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst savingsPlanUtilization = new aws.budgets.Budget(\"savings_plan_utilization\", {\n // ...\n budgetType: \"SAVINGS_PLANS_UTILIZATION\",\n costTypes: {\n includeCredit: false,\n includeDiscount: false,\n includeOtherSubscription: false,\n includeRecurring: false,\n includeRefund: false,\n includeSubscription: true,\n includeSupport: false,\n includeTax: false,\n includeUpfront: false,\n useBlended: false,\n },\n limitAmount: \"100.0\",\n limitUnit: \"PERCENTAGE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsavings_plan_utilization = aws.budgets.Budget(\"savingsPlanUtilization\",\n budget_type=\"SAVINGS_PLANS_UTILIZATION\",\n cost_types={\n \"includeCredit\": False,\n \"includeDiscount\": False,\n \"includeOtherSubscription\": False,\n \"includeRecurring\": False,\n \"includeRefund\": False,\n \"includeSubscription\": True,\n \"includeSupport\": False,\n \"includeTax\": False,\n \"includeUpfront\": False,\n \"useBlended\": False,\n },\n limit_amount=\"100.0\",\n limit_unit=\"PERCENTAGE\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var savingsPlanUtilization = new Aws.Budgets.Budget(\"savingsPlanUtilization\", new Aws.Budgets.BudgetArgs\n {\n BudgetType = \"SAVINGS_PLANS_UTILIZATION\",\n CostTypes = new Aws.Budgets.Inputs.BudgetCostTypesArgs\n {\n IncludeCredit = false,\n IncludeDiscount = false,\n IncludeOtherSubscription = false,\n IncludeRecurring = false,\n IncludeRefund = false,\n IncludeSubscription = true,\n IncludeSupport = false,\n IncludeTax = false,\n IncludeUpfront = false,\n UseBlended = false,\n },\n LimitAmount = \"100.0\",\n LimitUnit = \"PERCENTAGE\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = budgets.NewBudget(ctx, \"savingsPlanUtilization\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"SAVINGS_PLANS_UTILIZATION\"),\n\t\t\tCostTypes: \u0026budgets.BudgetCostTypesArgs{\n\t\t\t\tIncludeCredit: pulumi.Bool(false),\n\t\t\t\tIncludeDiscount: pulumi.Bool(false),\n\t\t\t\tIncludeOtherSubscription: pulumi.Bool(false),\n\t\t\t\tIncludeRecurring: pulumi.Bool(false),\n\t\t\t\tIncludeRefund: pulumi.Bool(false),\n\t\t\t\tIncludeSubscription: pulumi.Bool(true),\n\t\t\t\tIncludeSupport: pulumi.Bool(false),\n\t\t\t\tIncludeTax: pulumi.Bool(false),\n\t\t\t\tIncludeUpfront: pulumi.Bool(false),\n\t\t\t\tUseBlended: pulumi.Bool(false),\n\t\t\t},\n\t\t\tLimitAmount: pulumi.String(\"100.0\"),\n\t\t\tLimitUnit: pulumi.String(\"PERCENTAGE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nCreate a RI Utilization Budget\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst riUtilization = new aws.budgets.Budget(\"ri_utilization\", {\n // ...\n budgetType: \"RI_UTILIZATION\",\n // RI Utilization plans require a service cost filter to be set\n costFilters: {\n Service: \"Amazon Relational Database Service\",\n },\n //Cost types must be defined for RI budgets because the settings conflict with the defaults\n costTypes: {\n includeCredit: false,\n includeDiscount: false,\n includeOtherSubscription: false,\n includeRecurring: false,\n includeRefund: false,\n includeSubscription: true,\n includeSupport: false,\n includeTax: false,\n includeUpfront: false,\n useBlended: false,\n },\n limitAmount: \"100.0\", // RI utilization must be 100\n limitUnit: \"PERCENTAGE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nri_utilization = aws.budgets.Budget(\"riUtilization\",\n budget_type=\"RI_UTILIZATION\",\n cost_filters={\n \"Service\": \"Amazon Relational Database Service\",\n },\n cost_types={\n \"includeCredit\": False,\n \"includeDiscount\": False,\n \"includeOtherSubscription\": False,\n \"includeRecurring\": False,\n \"includeRefund\": False,\n \"includeSubscription\": True,\n \"includeSupport\": False,\n \"includeTax\": False,\n \"includeUpfront\": False,\n \"useBlended\": False,\n },\n limit_amount=\"100.0\",\n limit_unit=\"PERCENTAGE\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var riUtilization = new Aws.Budgets.Budget(\"riUtilization\", new Aws.Budgets.BudgetArgs\n {\n BudgetType = \"RI_UTILIZATION\",\n CostFilters = \n {\n { \"Service\", \"Amazon Relational Database Service\" },\n },\n CostTypes = new Aws.Budgets.Inputs.BudgetCostTypesArgs\n {\n IncludeCredit = false,\n IncludeDiscount = false,\n IncludeOtherSubscription = false,\n IncludeRecurring = false,\n IncludeRefund = false,\n IncludeSubscription = true,\n IncludeSupport = false,\n IncludeTax = false,\n IncludeUpfront = false,\n UseBlended = false,\n },\n LimitAmount = \"100.0\",\n LimitUnit = \"PERCENTAGE\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = budgets.NewBudget(ctx, \"riUtilization\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"RI_UTILIZATION\"),\n\t\t\tCostFilters: pulumi.Map{\n\t\t\t\t\"Service\": pulumi.String(\"Amazon Relational Database Service\"),\n\t\t\t},\n\t\t\tCostTypes: \u0026budgets.BudgetCostTypesArgs{\n\t\t\t\tIncludeCredit: pulumi.Bool(false),\n\t\t\t\tIncludeDiscount: pulumi.Bool(false),\n\t\t\t\tIncludeOtherSubscription: pulumi.Bool(false),\n\t\t\t\tIncludeRecurring: pulumi.Bool(false),\n\t\t\t\tIncludeRefund: pulumi.Bool(false),\n\t\t\t\tIncludeSubscription: pulumi.Bool(true),\n\t\t\t\tIncludeSupport: pulumi.Bool(false),\n\t\t\t\tIncludeTax: pulumi.Bool(false),\n\t\t\t\tIncludeUpfront: pulumi.Bool(false),\n\t\t\t\tUseBlended: pulumi.Bool(false),\n\t\t\t},\n\t\t\tLimitAmount: pulumi.String(\"100.0\"),\n\t\t\tLimitUnit: pulumi.String(\"PERCENTAGE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n" }, "budgetType": { "type": "string", "description": "Whether this budget tracks monetary cost or usage.\n" }, "costFilters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of CostFilters key/value pairs to apply to the budget.\n" }, "costTypes": { "$ref": "#/types/aws:budgets/BudgetCostTypes:BudgetCostTypes", "description": "Object containing CostTypes The types of cost included in a budget, such as tax and subscriptions..\n" }, "limitAmount": { "type": "string", "description": "The amount of cost or usage being measured for a budget.\n" }, "limitUnit": { "type": "string", "description": "The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation.\n" }, "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n" }, "namePrefix": { "type": "string", "description": "The prefix of the name of a budget. Unique within accounts.\n" }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetNotification:BudgetNotification" }, "description": "Object containing Budget Notifications. Can be used multiple times to define more than one budget notification\n" }, "timePeriodEnd": { "type": "string", "description": "The end of the time period covered by the budget. There are no restrictions on the end date. Format: `2017-01-01_12:00`.\n" }, "timePeriodStart": { "type": "string", "description": "The start of the time period covered by the budget. The start date must come before the end date. Format: `2017-01-01_12:00`.\n" }, "timeUnit": { "type": "string", "description": "The length of time until a budget resets the actual and forecasted spend. Valid values: `MONTHLY`, `QUARTERLY`, `ANNUALLY`.\n" } }, "required": [ "accountId", "budgetType", "costFilters", "costTypes", "limitAmount", "limitUnit", "name", "namePrefix", "timePeriodStart", "timeUnit" ], "inputProperties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n" }, "budgetType": { "type": "string", "description": "Whether this budget tracks monetary cost or usage.\n" }, "costFilters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of CostFilters key/value pairs to apply to the budget.\n" }, "costTypes": { "$ref": "#/types/aws:budgets/BudgetCostTypes:BudgetCostTypes", "description": "Object containing CostTypes The types of cost included in a budget, such as tax and subscriptions..\n" }, "limitAmount": { "type": "string", "description": "The amount of cost or usage being measured for a budget.\n" }, "limitUnit": { "type": "string", "description": "The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation.\n" }, "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n" }, "namePrefix": { "type": "string", "description": "The prefix of the name of a budget. Unique within accounts.\n" }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetNotification:BudgetNotification" }, "description": "Object containing Budget Notifications. Can be used multiple times to define more than one budget notification\n" }, "timePeriodEnd": { "type": "string", "description": "The end of the time period covered by the budget. There are no restrictions on the end date. Format: `2017-01-01_12:00`.\n" }, "timePeriodStart": { "type": "string", "description": "The start of the time period covered by the budget. The start date must come before the end date. Format: `2017-01-01_12:00`.\n" }, "timeUnit": { "type": "string", "description": "The length of time until a budget resets the actual and forecasted spend. Valid values: `MONTHLY`, `QUARTERLY`, `ANNUALLY`.\n" } }, "requiredInputs": [ "budgetType", "limitAmount", "limitUnit", "timePeriodStart", "timeUnit" ], "stateInputs": { "description": "Input properties used for looking up and filtering Budget resources.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n" }, "budgetType": { "type": "string", "description": "Whether this budget tracks monetary cost or usage.\n" }, "costFilters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of CostFilters key/value pairs to apply to the budget.\n" }, "costTypes": { "$ref": "#/types/aws:budgets/BudgetCostTypes:BudgetCostTypes", "description": "Object containing CostTypes The types of cost included in a budget, such as tax and subscriptions..\n" }, "limitAmount": { "type": "string", "description": "The amount of cost or usage being measured for a budget.\n" }, "limitUnit": { "type": "string", "description": "The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation.\n" }, "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n" }, "namePrefix": { "type": "string", "description": "The prefix of the name of a budget. Unique within accounts.\n" }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetNotification:BudgetNotification" }, "description": "Object containing Budget Notifications. Can be used multiple times to define more than one budget notification\n" }, "timePeriodEnd": { "type": "string", "description": "The end of the time period covered by the budget. There are no restrictions on the end date. Format: `2017-01-01_12:00`.\n" }, "timePeriodStart": { "type": "string", "description": "The start of the time period covered by the budget. The start date must come before the end date. Format: `2017-01-01_12:00`.\n" }, "timeUnit": { "type": "string", "description": "The length of time until a budget resets the actual and forecasted spend. Valid values: `MONTHLY`, `QUARTERLY`, `ANNUALLY`.\n" } }, "type": "object" } }, "aws:cfg/aggregateAuthorization:AggregateAuthorization": { "description": "Manages an AWS Config Aggregate Authorization\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.AggregateAuthorization(\"example\", {\n accountId: \"123456789012\",\n region: \"eu-west-2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.AggregateAuthorization(\"example\",\n account_id=\"123456789012\",\n region=\"eu-west-2\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Cfg.AggregateAuthorization(\"example\", new Aws.Cfg.AggregateAuthorizationArgs\n {\n AccountId = \"123456789012\",\n Region = \"eu-west-2\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cfg.NewAggregateAuthorization(ctx, \"example\", \u0026cfg.AggregateAuthorizationArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tRegion: pulumi.String(\"eu-west-2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "Account ID\n" }, "arn": { "type": "string", "description": "The ARN of the authorization\n" }, "region": { "type": "string", "description": "Region\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "accountId", "arn", "region" ], "inputProperties": { "accountId": { "type": "string", "description": "Account ID\n" }, "region": { "type": "string", "description": "Region\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "accountId", "region" ], "stateInputs": { "description": "Input properties used for looking up and filtering AggregateAuthorization resources.\n", "properties": { "accountId": { "type": "string", "description": "Account ID\n" }, "arn": { "type": "string", "description": "The ARN of the authorization\n" }, "region": { "type": "string", "description": "Region\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:cfg/configurationAggregator:ConfigurationAggregator": { "description": "Manages an AWS Config Configuration Aggregator\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Account Based Aggregation\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.cfg.ConfigurationAggregator(\"account\", {\n accountAggregationSource: {\n accountIds: [\"123456789012\"],\n regions: [\"us-west-2\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.cfg.ConfigurationAggregator(\"account\", account_aggregation_source={\n \"accountIds\": [\"123456789012\"],\n \"regions\": [\"us-west-2\"],\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var account = new Aws.Cfg.ConfigurationAggregator(\"account\", new Aws.Cfg.ConfigurationAggregatorArgs\n {\n AccountAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorAccountAggregationSourceArgs\n {\n AccountIds = \n {\n \"123456789012\",\n },\n Regions = \n {\n \"us-west-2\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cfg.NewConfigurationAggregator(ctx, \"account\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tAccountAggregationSource: \u0026cfg.ConfigurationAggregatorAccountAggregationSourceArgs{\n\t\t\t\tAccountIds: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t},\n\t\t\t\tRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Organization Based Aggregation\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst organizationRole = new aws.iam.Role(\"organization\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst organizationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"organization\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n role: organizationRole.name,\n});\nconst organizationConfigurationAggregator = new aws.cfg.ConfigurationAggregator(\"organization\", {\n organizationAggregationSource: {\n allRegions: true,\n roleArn: organizationRole.arn,\n },\n}, { dependsOn: [organizationRolePolicyAttachment] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norganization_role = aws.iam.Role(\"organizationRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\norganization_configuration_aggregator = aws.cfg.ConfigurationAggregator(\"organizationConfigurationAggregator\", organization_aggregation_source={\n \"allRegions\": True,\n \"role_arn\": organization_role.arn,\n})\norganization_role_policy_attachment = aws.iam.RolePolicyAttachment(\"organizationRolePolicyAttachment\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n role=organization_role.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var organizationRole = new Aws.Iam.Role(\"organizationRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"config.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var organizationConfigurationAggregator = new Aws.Cfg.ConfigurationAggregator(\"organizationConfigurationAggregator\", new Aws.Cfg.ConfigurationAggregatorArgs\n {\n OrganizationAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs\n {\n AllRegions = true,\n RoleArn = organizationRole.Arn,\n },\n });\n var organizationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"organizationRolePolicyAttachment\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n Role = organizationRole.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torganizationRole, err := iam.NewRole(ctx, \"organizationRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"config.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewConfigurationAggregator(ctx, \"organizationConfigurationAggregator\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tOrganizationAggregationSource: \u0026cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs{\n\t\t\t\tAllRegions: pulumi.Bool(true),\n\t\t\t\tRoleArn: organizationRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"organizationRolePolicyAttachment\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\"),\n\t\t\tRole: organizationRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource", "description": "The account(s) to aggregate config data from as documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the aggregator\n" }, "name": { "type": "string", "description": "The name of the configuration aggregator.\n" }, "organizationAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource", "description": "The organization to aggregate config data from as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "accountAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource", "description": "The account(s) to aggregate config data from as documented below.\n" }, "name": { "type": "string", "description": "The name of the configuration aggregator.\n" }, "organizationAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource", "description": "The organization to aggregate config data from as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationAggregator resources.\n", "properties": { "accountAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource", "description": "The account(s) to aggregate config data from as documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the aggregator\n" }, "name": { "type": "string", "description": "The name of the configuration aggregator.\n" }, "organizationAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource", "description": "The organization to aggregate config data from as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:cfg/deliveryChannel:DeliveryChannel": { "description": "Provides an AWS Config Delivery Channel.\n\n\u003e **Note:** Delivery Channel requires a `Configuration Recorder` to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"b\", {\n forceDestroy: true,\n});\nconst role = new aws.iam.Role(\"r\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n roleArn: role.arn,\n});\nconst fooDeliveryChannel = new aws.cfg.DeliveryChannel(\"foo\", {\n s3BucketName: bucket.bucket,\n}, { dependsOn: [fooRecorder] });\nconst rolePolicy = new aws.iam.RolePolicy(\"p\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"s3:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"${bucket.arn}\",\n \"${bucket.arn}/*\"\n ]\n }\n ]\n}\n`,\n role: role.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\", force_destroy=True)\nfoo_delivery_channel = aws.cfg.DeliveryChannel(\"fooDeliveryChannel\", s3_bucket_name=bucket.bucket)\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\nfoo_recorder = aws.cfg.Recorder(\"fooRecorder\", role_arn=role.arn)\nrole_policy = aws.iam.RolePolicy(\"rolePolicy\",\n policy=pulumi.Output.all(bucket.arn, bucket.arn).apply(lambda bucketArn, bucketArn1: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"s3:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"{bucket_arn}\",\n \"{bucket_arn1}/*\"\n ]\n }}\n ]\n}}\n\n\"\"\"),\n role=role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n ForceDestroy = true,\n });\n var fooDeliveryChannel = new Aws.Cfg.DeliveryChannel(\"fooDeliveryChannel\", new Aws.Cfg.DeliveryChannelArgs\n {\n S3BucketName = bucket.BucketName,\n });\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"config.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var fooRecorder = new Aws.Cfg.Recorder(\"fooRecorder\", new Aws.Cfg.RecorderArgs\n {\n RoleArn = role.Arn,\n });\n var rolePolicy = new Aws.Iam.RolePolicy(\"rolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = Output.Tuple(bucket.Arn, bucket.Arn).Apply(values =\u003e\n {\n var bucketArn = values.Item1;\n var bucketArn1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"s3:*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"{bucketArn}\"\",\n \"\"{bucketArn1}/*\"\"\n ]\n }}\n ]\n}}\n\n\";\n }),\n Role = role.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewDeliveryChannel(ctx, \"fooDeliveryChannel\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tS3BucketName: bucket.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"config.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorder(ctx, \"fooRecorder\", \u0026cfg.RecorderArgs{\n\t\t\tRoleArn: role.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"rolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.All(bucket.Arn, bucket.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucketArn := _args[0].(string)\n\t\t\t\tbucketArn1 := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"s3:*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": [\\n\", \" \\\"\", bucketArn, \"\\\",\\n\", \" \\\"\", bucketArn1, \"/*\\\"\\n\", \" ]\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRole: role.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the delivery channel. Defaults to `default`. Changing it recreates the resource.\n" }, "s3BucketName": { "type": "string", "description": "The name of the S3 bucket used to store the configuration history.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix for the specified S3 bucket.\n" }, "snapshotDeliveryProperties": { "$ref": "#/types/aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties", "description": "Options for how AWS Config delivers configuration snapshots. See below\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic that AWS Config delivers notifications to.\n" } }, "required": [ "name", "s3BucketName" ], "inputProperties": { "name": { "type": "string", "description": "The name of the delivery channel. Defaults to `default`. Changing it recreates the resource.\n" }, "s3BucketName": { "type": "string", "description": "The name of the S3 bucket used to store the configuration history.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix for the specified S3 bucket.\n" }, "snapshotDeliveryProperties": { "$ref": "#/types/aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties", "description": "Options for how AWS Config delivers configuration snapshots. See below\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic that AWS Config delivers notifications to.\n" } }, "requiredInputs": [ "s3BucketName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DeliveryChannel resources.\n", "properties": { "name": { "type": "string", "description": "The name of the delivery channel. Defaults to `default`. Changing it recreates the resource.\n" }, "s3BucketName": { "type": "string", "description": "The name of the S3 bucket used to store the configuration history.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix for the specified S3 bucket.\n" }, "snapshotDeliveryProperties": { "$ref": "#/types/aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties", "description": "Options for how AWS Config delivers configuration snapshots. See below\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic that AWS Config delivers notifications to.\n" } }, "type": "object" } }, "aws:cfg/organizationCustomRule:OrganizationCustomRule": { "description": "Manages a Config Organization Custom Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Managed Rules (those invoking an AWS managed rule), see the `aws_config_organization_managed__rule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** The proper Lambda permission to allow the AWS Config service invoke the Lambda Function must be in place before the rule will successfully create or update. See also the `aws.lambda.Permission` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplePermission = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n function: aws_lambda_function_example.arn,\n principal: \"config.amazonaws.com\",\n});\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationCustomRule = new aws.cfg.OrganizationCustomRule(\"example\", {\n lambdaFunctionArn: aws_lambda_function_example.arn,\n triggerTypes: [\"ConfigurationItemChangeNotification\"],\n}, { dependsOn: [examplePermission, exampleOrganization] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_permission = aws.lambda_.Permission(\"examplePermission\",\n action=\"lambda:InvokeFunction\",\n function=aws_lambda_function[\"example\"][\"arn\"],\n principal=\"config.amazonaws.com\")\nexample_organization = aws.organizations.Organization(\"exampleOrganization\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_custom_rule = aws.cfg.OrganizationCustomRule(\"exampleOrganizationCustomRule\",\n lambda_function_arn=aws_lambda_function[\"example\"][\"arn\"],\n trigger_types=[\"ConfigurationItemChangeNotification\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplePermission = new Aws.Lambda.Permission(\"examplePermission\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = aws_lambda_function.Example.Arn,\n Principal = \"config.amazonaws.com\",\n });\n var exampleOrganization = new Aws.Organizations.Organization(\"exampleOrganization\", new Aws.Organizations.OrganizationArgs\n {\n AwsServiceAccessPrincipals = \n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n var exampleOrganizationCustomRule = new Aws.Cfg.OrganizationCustomRule(\"exampleOrganizationCustomRule\", new Aws.Cfg.OrganizationCustomRuleArgs\n {\n LambdaFunctionArn = aws_lambda_function.Example.Arn,\n TriggerTypes = \n {\n \"ConfigurationItemChangeNotification\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewPermission(ctx, \"examplePermission\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.String(aws_lambda_function.Example.Arn),\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.NewOrganization(ctx, \"exampleOrganization\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationCustomRule(ctx, \"exampleOrganizationCustomRule\", \u0026cfg.OrganizationCustomRuleArgs{\n\t\t\tLambdaFunctionArn: pulumi.String(aws_lambda_function.Example.Arn),\n\t\t\tTriggerTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ConfigurationItemChangeNotification\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "lambdaFunctionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification`\n" } }, "required": [ "arn", "lambdaFunctionArn", "name", "triggerTypes" ], "inputProperties": { "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "lambdaFunctionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification`\n" } }, "requiredInputs": [ "lambdaFunctionArn", "triggerTypes" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationCustomRule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "lambdaFunctionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification`\n" } }, "type": "object" } }, "aws:cfg/organizationManagedRule:OrganizationManagedRule": { "description": "Manages a Config Organization Managed Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Custom Rules (those invoking a custom Lambda Function), see the `aws.cfg.OrganizationCustomRule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the rule will successfully create or update. See also the `aws.cfg.Recorder` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationManagedRule = new aws.cfg.OrganizationManagedRule(\"example\", {\n ruleIdentifier: \"IAM_PASSWORD_POLICY\",\n}, { dependsOn: [exampleOrganization] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_organization = aws.organizations.Organization(\"exampleOrganization\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_managed_rule = aws.cfg.OrganizationManagedRule(\"exampleOrganizationManagedRule\", rule_identifier=\"IAM_PASSWORD_POLICY\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleOrganization = new Aws.Organizations.Organization(\"exampleOrganization\", new Aws.Organizations.OrganizationArgs\n {\n AwsServiceAccessPrincipals = \n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n var exampleOrganizationManagedRule = new Aws.Cfg.OrganizationManagedRule(\"exampleOrganizationManagedRule\", new Aws.Cfg.OrganizationManagedRuleArgs\n {\n RuleIdentifier = \"IAM_PASSWORD_POLICY\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewOrganization(ctx, \"exampleOrganization\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationManagedRule(ctx, \"exampleOrganizationManagedRule\", \u0026cfg.OrganizationManagedRuleArgs{\n\t\t\tRuleIdentifier: pulumi.String(\"IAM_PASSWORD_POLICY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "ruleIdentifier": { "type": "string", "description": "Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" } }, "required": [ "arn", "name", "ruleIdentifier" ], "inputProperties": { "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "ruleIdentifier": { "type": "string", "description": "Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" } }, "requiredInputs": [ "ruleIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationManagedRule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "ruleIdentifier": { "type": "string", "description": "Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" } }, "type": "object" } }, "aws:cfg/recorder:Recorder": { "description": "Provides an AWS Config Configuration Recorder. Please note that this resource **does not start** the created recorder automatically.\n\n\u003e **Note:** _Starting_ the Configuration Recorder requires a `delivery channel` (while delivery channel creation requires Configuration Recorder). This is why `aws.cfg.RecorderStatus` is a separate resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst role = new aws.iam.Role(\"r\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst foo = new aws.cfg.Recorder(\"foo\", {\n roleArn: role.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\nfoo = aws.cfg.Recorder(\"foo\", role_arn=role.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"config.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var foo = new Aws.Cfg.Recorder(\"foo\", new Aws.Cfg.RecorderArgs\n {\n RoleArn = role.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"config.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tRoleArn: role.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the recorder. Defaults to `default`. Changing it recreates the resource.\n" }, "recordingGroup": { "$ref": "#/types/aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup", "description": "Recording group - see below.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\nused to make read or write requests to the delivery channel and to describe the AWS resources associated with the account.\nSee [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details.\n" } }, "required": [ "name", "recordingGroup", "roleArn" ], "inputProperties": { "name": { "type": "string", "description": "The name of the recorder. Defaults to `default`. Changing it recreates the resource.\n" }, "recordingGroup": { "$ref": "#/types/aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup", "description": "Recording group - see below.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\nused to make read or write requests to the delivery channel and to describe the AWS resources associated with the account.\nSee [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details.\n" } }, "requiredInputs": [ "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Recorder resources.\n", "properties": { "name": { "type": "string", "description": "The name of the recorder. Defaults to `default`. Changing it recreates the resource.\n" }, "recordingGroup": { "$ref": "#/types/aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup", "description": "Recording group - see below.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\nused to make read or write requests to the delivery channel and to describe the AWS resources associated with the account.\nSee [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details.\n" } }, "type": "object" } }, "aws:cfg/recorderStatus:RecorderStatus": { "description": "Manages status (recording / stopped) of an AWS Config Configuration Recorder.\n\n\u003e **Note:** Starting Configuration Recorder requires a `Delivery Channel` to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"b\", {});\nconst fooDeliveryChannel = new aws.cfg.DeliveryChannel(\"foo\", {\n s3BucketName: bucket.bucket,\n});\nconst role = new aws.iam.Role(\"r\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n roleArn: role.arn,\n});\nconst fooRecorderStatus = new aws.cfg.RecorderStatus(\"foo\", {\n isEnabled: true,\n}, { dependsOn: [fooDeliveryChannel] });\nconst rolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"a\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSConfigRole\",\n role: role.name,\n});\nconst rolePolicy = new aws.iam.RolePolicy(\"p\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"s3:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"${bucket.arn}\",\n \"${bucket.arn}/*\"\n ]\n }\n ]\n}\n`,\n role: role.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_recorder_status = aws.cfg.RecorderStatus(\"fooRecorderStatus\", is_enabled=True)\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\nrole_policy_attachment = aws.iam.RolePolicyAttachment(\"rolePolicyAttachment\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSConfigRole\",\n role=role.name)\nbucket = aws.s3.Bucket(\"bucket\")\nfoo_delivery_channel = aws.cfg.DeliveryChannel(\"fooDeliveryChannel\", s3_bucket_name=bucket.bucket)\nfoo_recorder = aws.cfg.Recorder(\"fooRecorder\", role_arn=role.arn)\nrole_policy = aws.iam.RolePolicy(\"rolePolicy\",\n policy=pulumi.Output.all(bucket.arn, bucket.arn).apply(lambda bucketArn, bucketArn1: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"s3:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"{bucket_arn}\",\n \"{bucket_arn1}/*\"\n ]\n }}\n ]\n}}\n\n\"\"\"),\n role=role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooRecorderStatus = new Aws.Cfg.RecorderStatus(\"fooRecorderStatus\", new Aws.Cfg.RecorderStatusArgs\n {\n IsEnabled = true,\n });\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"config.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var rolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"rolePolicyAttachment\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSConfigRole\",\n Role = role.Name,\n });\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n });\n var fooDeliveryChannel = new Aws.Cfg.DeliveryChannel(\"fooDeliveryChannel\", new Aws.Cfg.DeliveryChannelArgs\n {\n S3BucketName = bucket.BucketName,\n });\n var fooRecorder = new Aws.Cfg.Recorder(\"fooRecorder\", new Aws.Cfg.RecorderArgs\n {\n RoleArn = role.Arn,\n });\n var rolePolicy = new Aws.Iam.RolePolicy(\"rolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = Output.Tuple(bucket.Arn, bucket.Arn).Apply(values =\u003e\n {\n var bucketArn = values.Item1;\n var bucketArn1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"s3:*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"{bucketArn}\"\",\n \"\"{bucketArn1}/*\"\"\n ]\n }}\n ]\n}}\n\n\";\n }),\n Role = role.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cfg.NewRecorderStatus(ctx, \"fooRecorderStatus\", \u0026cfg.RecorderStatusArgs{\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"config.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"rolePolicyAttachment\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSConfigRole\"),\n\t\t\tRole: role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewDeliveryChannel(ctx, \"fooDeliveryChannel\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tS3BucketName: bucket.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorder(ctx, \"fooRecorder\", \u0026cfg.RecorderArgs{\n\t\t\tRoleArn: role.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"rolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.All(bucket.Arn, bucket.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucketArn := _args[0].(string)\n\t\t\t\tbucketArn1 := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"s3:*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": [\\n\", \" \\\"\", bucketArn, \"\\\",\\n\", \" \\\"\", bucketArn1, \"/*\\\"\\n\", \" ]\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRole: role.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "isEnabled": { "type": "boolean", "description": "Whether the configuration recorder should be enabled or disabled.\n" }, "name": { "type": "string", "description": "The name of the recorder\n" } }, "required": [ "isEnabled", "name" ], "inputProperties": { "isEnabled": { "type": "boolean", "description": "Whether the configuration recorder should be enabled or disabled.\n" }, "name": { "type": "string", "description": "The name of the recorder\n" } }, "requiredInputs": [ "isEnabled" ], "stateInputs": { "description": "Input properties used for looking up and filtering RecorderStatus resources.\n", "properties": { "isEnabled": { "type": "boolean", "description": "Whether the configuration recorder should be enabled or disabled.\n" }, "name": { "type": "string", "description": "The name of the recorder\n" } }, "type": "object" } }, "aws:cfg/rule:Rule": { "description": "Provides an AWS Config Rule.\n\n\u003e **Note:** Config Rule requires an existing `Configuration Recorder` to be present. Use of `depends_on` is recommended (as shown below) to avoid race conditions.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### AWS Managed Rules\n\nAWS managed rules can be used by setting the source owner to `AWS` and the source identifier to the name of the managed rule. More information about AWS managed rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst role = new aws.iam.Role(\"r\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst foo = new aws.cfg.Recorder(\"foo\", {\n roleArn: role.arn,\n});\nconst rule = new aws.cfg.Rule(\"r\", {\n source: {\n owner: \"AWS\",\n sourceIdentifier: \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n}, { dependsOn: [foo] });\nconst rolePolicy = new aws.iam.RolePolicy(\"p\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n \t{\n \t\t\"Action\": \"config:Put*\",\n \t\t\"Effect\": \"Allow\",\n \t\t\"Resource\": \"*\"\n\n \t}\n ]\n}\n`,\n role: role.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrule = aws.cfg.Rule(\"rule\", source={\n \"owner\": \"AWS\",\n \"sourceIdentifier\": \"S3_BUCKET_VERSIONING_ENABLED\",\n})\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"config.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\nfoo = aws.cfg.Recorder(\"foo\", role_arn=role.arn)\nrole_policy = aws.iam.RolePolicy(\"rolePolicy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n \t{\n \t\t\"Action\": \"config:Put*\",\n \t\t\"Effect\": \"Allow\",\n \t\t\"Resource\": \"*\"\n\n \t}\n ]\n}\n\n\"\"\",\n role=role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var rule = new Aws.Cfg.Rule(\"rule\", new Aws.Cfg.RuleArgs\n {\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"AWS\",\n SourceIdentifier = \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n });\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"config.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var foo = new Aws.Cfg.Recorder(\"foo\", new Aws.Cfg.RecorderArgs\n {\n RoleArn = role.Arn,\n });\n var rolePolicy = new Aws.Iam.RolePolicy(\"rolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n \t{\n \t\t\"\"Action\"\": \"\"config:Put*\"\",\n \t\t\"\"Effect\"\": \"\"Allow\"\",\n \t\t\"\"Resource\"\": \"\"*\"\"\n\n \t}\n ]\n}\n\n\",\n Role = role.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cfg.NewRule(ctx, \"rule\", \u0026cfg.RuleArgs{\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\tSourceIdentifier: pulumi.String(\"S3_BUCKET_VERSIONING_ENABLED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"config.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tRoleArn: role.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"rolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" \t{\\n\", \" \t\t\\\"Action\\\": \\\"config:Put*\\\",\\n\", \" \t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \" \t\t\\\"Resource\\\": \\\"*\\\"\\n\", \"\\n\", \" \t}\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: role.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Custom Rules\n\nCustom rules can be used by setting the source owner to `CUSTOM_LAMBDA` and the source identifier to the Amazon Resource Name (ARN) of the Lambda Function. The AWS Config service must have permissions to invoke the Lambda Function, e.g. via the `aws.lambda.Permission` resource. More information about custom rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRecorder = new aws.cfg.Recorder(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {});\nconst examplePermission = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n function: exampleFunction.arn,\n principal: \"config.amazonaws.com\",\n});\nconst exampleRule = new aws.cfg.Rule(\"example\", {\n source: {\n owner: \"CUSTOM_LAMBDA\",\n sourceIdentifier: exampleFunction.arn,\n },\n}, { dependsOn: [exampleRecorder, examplePermission] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_recorder = aws.cfg.Recorder(\"exampleRecorder\")\nexample_function = aws.lambda_.Function(\"exampleFunction\")\nexample_permission = aws.lambda_.Permission(\"examplePermission\",\n action=\"lambda:InvokeFunction\",\n function=example_function.arn,\n principal=\"config.amazonaws.com\")\nexample_rule = aws.cfg.Rule(\"exampleRule\", source={\n \"owner\": \"CUSTOM_LAMBDA\",\n \"sourceIdentifier\": example_function.arn,\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRecorder = new Aws.Cfg.Recorder(\"exampleRecorder\", new Aws.Cfg.RecorderArgs\n {\n });\n var exampleFunction = new Aws.Lambda.Function(\"exampleFunction\", new Aws.Lambda.FunctionArgs\n {\n });\n var examplePermission = new Aws.Lambda.Permission(\"examplePermission\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = exampleFunction.Arn,\n Principal = \"config.amazonaws.com\",\n });\n var exampleRule = new Aws.Cfg.Rule(\"exampleRule\", new Aws.Cfg.RuleArgs\n {\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"CUSTOM_LAMBDA\",\n SourceIdentifier = exampleFunction.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cfg.NewRecorder(ctx, \"exampleRecorder\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFunction, err := lambda.NewFunction(ctx, \"exampleFunction\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"examplePermission\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: exampleFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRule(ctx, \"exampleRule\", \u0026cfg.RuleArgs{\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"CUSTOM_LAMBDA\"),\n\t\t\t\tSourceIdentifier: exampleFunction.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the config rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config rule Lambda function.\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The frequency that you want AWS Config to run evaluations for a rule that\nis triggered periodically. If specified, requires `message_type` to be `ScheduledNotification`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "ruleId": { "type": "string", "description": "The ID of the config rule\n" }, "scope": { "$ref": "#/types/aws:cfg/RuleScope:RuleScope", "description": "Scope defines which resources can trigger an evaluation for the rule as documented below.\n" }, "source": { "$ref": "#/types/aws:cfg/RuleSource:RuleSource", "description": "Source specifies the rule owner, the rule identifier, and the notifications that cause\nthe function to evaluate your AWS resources as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "name", "ruleId", "source" ], "inputProperties": { "description": { "type": "string", "description": "Description of the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config rule Lambda function.\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The frequency that you want AWS Config to run evaluations for a rule that\nis triggered periodically. If specified, requires `message_type` to be `ScheduledNotification`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "scope": { "$ref": "#/types/aws:cfg/RuleScope:RuleScope", "description": "Scope defines which resources can trigger an evaluation for the rule as documented below.\n" }, "source": { "$ref": "#/types/aws:cfg/RuleSource:RuleSource", "description": "Source specifies the rule owner, the rule identifier, and the notifications that cause\nthe function to evaluate your AWS resources as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering Rule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the config rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config rule Lambda function.\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The frequency that you want AWS Config to run evaluations for a rule that\nis triggered periodically. If specified, requires `message_type` to be `ScheduledNotification`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "ruleId": { "type": "string", "description": "The ID of the config rule\n" }, "scope": { "$ref": "#/types/aws:cfg/RuleScope:RuleScope", "description": "Scope defines which resources can trigger an evaluation for the rule as documented below.\n" }, "source": { "$ref": "#/types/aws:cfg/RuleSource:RuleSource", "description": "Source specifies the rule owner, the rule identifier, and the notifications that cause\nthe function to evaluate your AWS resources as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:cloud9/environmentEC2:EnvironmentEC2": { "description": "Provides a Cloud9 EC2 Development Environment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloud9.EnvironmentEC2(\"example\", {\n instanceType: \"t2.micro\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloud9.EnvironmentEC2(\"example\", instance_type=\"t2.micro\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Cloud9.EnvironmentEC2(\"example\", new Aws.Cloud9.EnvironmentEC2Args\n {\n InstanceType = \"t2.micro\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloud9\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloud9.NewEnvironmentEC2(ctx, \"example\", \u0026cloud9.EnvironmentEC2Args{\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the environment.\n" }, "automaticStopTimeMinutes": { "type": "integer", "description": "The number of minutes until the running instance is shut down after the environment has last been used.\n" }, "description": { "type": "string", "description": "The description of the environment.\n" }, "instanceType": { "type": "string", "description": "The type of instance to connect to the environment, e.g. `t2.micro`.\n" }, "name": { "type": "string", "description": "The name of the environment.\n" }, "ownerArn": { "type": "string", "description": "The ARN of the environment owner. This can be ARN of any AWS IAM principal. Defaults to the environment's creator.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet in Amazon VPC that AWS Cloud9 will use to communicate with the Amazon EC2 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "type": { "type": "string", "description": "The type of the environment (e.g. `ssh` or `ec2`)\n" } }, "required": [ "arn", "instanceType", "name", "ownerArn", "type" ], "inputProperties": { "automaticStopTimeMinutes": { "type": "integer", "description": "The number of minutes until the running instance is shut down after the environment has last been used.\n" }, "description": { "type": "string", "description": "The description of the environment.\n" }, "instanceType": { "type": "string", "description": "The type of instance to connect to the environment, e.g. `t2.micro`.\n" }, "name": { "type": "string", "description": "The name of the environment.\n" }, "ownerArn": { "type": "string", "description": "The ARN of the environment owner. This can be ARN of any AWS IAM principal. Defaults to the environment's creator.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet in Amazon VPC that AWS Cloud9 will use to communicate with the Amazon EC2 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering EnvironmentEC2 resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the environment.\n" }, "automaticStopTimeMinutes": { "type": "integer", "description": "The number of minutes until the running instance is shut down after the environment has last been used.\n" }, "description": { "type": "string", "description": "The description of the environment.\n" }, "instanceType": { "type": "string", "description": "The type of instance to connect to the environment, e.g. `t2.micro`.\n" }, "name": { "type": "string", "description": "The name of the environment.\n" }, "ownerArn": { "type": "string", "description": "The ARN of the environment owner. This can be ARN of any AWS IAM principal. Defaults to the environment's creator.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet in Amazon VPC that AWS Cloud9 will use to communicate with the Amazon EC2 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "type": { "type": "string", "description": "The type of the environment (e.g. `ssh` or `ec2`)\n" } }, "type": "object" } }, "aws:cloudformation/stack:Stack": { "description": "Provides a CloudFormation Stack resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = new aws.cloudformation.Stack(\"network\", {\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: `{\n \"Parameters\" : {\n \"VPCCidr\" : {\n \"Type\" : \"String\",\n \"Default\" : \"10.0.0.0/16\",\n \"Description\" : \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\"\n }\n },\n \"Resources\" : {\n \"myVpc\": {\n \"Type\" : \"AWS::EC2::VPC\",\n \"Properties\" : {\n \"CidrBlock\" : { \"Ref\" : \"VPCCidr\" },\n \"Tags\" : [\n {\"Key\": \"Name\", \"Value\": \"Primary_CF_VPC\"}\n ]\n }\n }\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnetwork = aws.cloudformation.Stack(\"network\",\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=\"\"\"{\n \"Parameters\" : {\n \"VPCCidr\" : {\n \"Type\" : \"String\",\n \"Default\" : \"10.0.0.0/16\",\n \"Description\" : \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\"\n }\n },\n \"Resources\" : {\n \"myVpc\": {\n \"Type\" : \"AWS::EC2::VPC\",\n \"Properties\" : {\n \"CidrBlock\" : { \"Ref\" : \"VPCCidr\" },\n \"Tags\" : [\n {\"Key\": \"Name\", \"Value\": \"Primary_CF_VPC\"}\n ]\n }\n }\n }\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var network = new Aws.CloudFormation.Stack(\"network\", new Aws.CloudFormation.StackArgs\n {\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = @\"{\n \"\"Parameters\"\" : {\n \"\"VPCCidr\"\" : {\n \"\"Type\"\" : \"\"String\"\",\n \"\"Default\"\" : \"\"10.0.0.0/16\"\",\n \"\"Description\"\" : \"\"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\"\"\n }\n },\n \"\"Resources\"\" : {\n \"\"myVpc\"\": {\n \"\"Type\"\" : \"\"AWS::EC2::VPC\"\",\n \"\"Properties\"\" : {\n \"\"CidrBlock\"\" : { \"\"Ref\"\" : \"\"VPCCidr\"\" },\n \"\"Tags\"\" : [\n {\"\"Key\"\": \"\"Name\"\", \"\"Value\"\": \"\"Primary_CF_VPC\"\"}\n ]\n }\n }\n }\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudformation.NewStack(ctx, \"network\", \u0026cloudformation.StackArgs{\n\t\t\tParameters: pulumi.Map{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Parameters\\\" : {\\n\", \" \\\"VPCCidr\\\" : {\\n\", \" \\\"Type\\\" : \\\"String\\\",\\n\", \" \\\"Default\\\" : \\\"10.0.0.0/16\\\",\\n\", \" \\\"Description\\\" : \\\"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\\\"\\n\", \" }\\n\", \" },\\n\", \" \\\"Resources\\\" : {\\n\", \" \\\"myVpc\\\": {\\n\", \" \\\"Type\\\" : \\\"AWS::EC2::VPC\\\",\\n\", \" \\\"Properties\\\" : {\\n\", \" \\\"CidrBlock\\\" : { \\\"Ref\\\" : \\\"VPCCidr\\\" },\\n\", \" \\\"Tags\\\" : [\\n\", \" {\\\"Key\\\": \\\"Name\\\", \\\"Value\\\": \\\"Primary_CF_VPC\\\"}\\n\", \" ]\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities.\nValid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, or `CAPABILITY_AUTO_EXPAND`\n" }, "disableRollback": { "type": "boolean", "description": "Set to true to disable rollback of the stack if stack creation failed.\nConflicts with `on_failure`.\n" }, "iamRoleArn": { "type": "string", "description": "The ARN of an IAM role that AWS CloudFormation assumes to create the stack. If you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that is generated from your user credentials.\n" }, "name": { "type": "string", "description": "Stack name.\n" }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "A list of SNS topic ARNs to publish stack related events.\n" }, "onFailure": { "type": "string", "description": "Action to be taken if stack creation fails. This must be\none of: `DO_NOTHING`, `ROLLBACK`, or `DELETE`. Conflicts with `disable_rollback`.\n" }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of outputs from the stack.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "policyBody": { "type": "string", "description": "Structure containing the stack policy body.\nConflicts w/ `policy_url`.\n" }, "policyUrl": { "type": "string", "description": "Location of a file containing the stack policy.\nConflicts w/ `policy_body`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to associate with this stack.\n" }, "templateBody": { "type": "string", "description": "Structure containing the template body (max size: 51,200 bytes).\n" }, "templateUrl": { "type": "string", "description": "Location of a file containing the template body (max size: 460,800 bytes).\n" }, "timeoutInMinutes": { "type": "integer", "description": "The amount of time that can pass before the stack status becomes `CREATE_FAILED`.\n" } }, "required": [ "name", "outputs", "parameters", "policyBody", "templateBody" ], "inputProperties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities.\nValid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, or `CAPABILITY_AUTO_EXPAND`\n" }, "disableRollback": { "type": "boolean", "description": "Set to true to disable rollback of the stack if stack creation failed.\nConflicts with `on_failure`.\n" }, "iamRoleArn": { "type": "string", "description": "The ARN of an IAM role that AWS CloudFormation assumes to create the stack. If you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that is generated from your user credentials.\n" }, "name": { "type": "string", "description": "Stack name.\n" }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "A list of SNS topic ARNs to publish stack related events.\n" }, "onFailure": { "type": "string", "description": "Action to be taken if stack creation fails. This must be\none of: `DO_NOTHING`, `ROLLBACK`, or `DELETE`. Conflicts with `disable_rollback`.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "policyBody": { "type": "string", "description": "Structure containing the stack policy body.\nConflicts w/ `policy_url`.\n" }, "policyUrl": { "type": "string", "description": "Location of a file containing the stack policy.\nConflicts w/ `policy_body`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to associate with this stack.\n" }, "templateBody": { "type": "string", "description": "Structure containing the template body (max size: 51,200 bytes).\n" }, "templateUrl": { "type": "string", "description": "Location of a file containing the template body (max size: 460,800 bytes).\n" }, "timeoutInMinutes": { "type": "integer", "description": "The amount of time that can pass before the stack status becomes `CREATE_FAILED`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Stack resources.\n", "properties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities.\nValid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, or `CAPABILITY_AUTO_EXPAND`\n" }, "disableRollback": { "type": "boolean", "description": "Set to true to disable rollback of the stack if stack creation failed.\nConflicts with `on_failure`.\n" }, "iamRoleArn": { "type": "string", "description": "The ARN of an IAM role that AWS CloudFormation assumes to create the stack. If you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that is generated from your user credentials.\n" }, "name": { "type": "string", "description": "Stack name.\n" }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "A list of SNS topic ARNs to publish stack related events.\n" }, "onFailure": { "type": "string", "description": "Action to be taken if stack creation fails. This must be\none of: `DO_NOTHING`, `ROLLBACK`, or `DELETE`. Conflicts with `disable_rollback`.\n" }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of outputs from the stack.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "policyBody": { "type": "string", "description": "Structure containing the stack policy body.\nConflicts w/ `policy_url`.\n" }, "policyUrl": { "type": "string", "description": "Location of a file containing the stack policy.\nConflicts w/ `policy_body`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to associate with this stack.\n" }, "templateBody": { "type": "string", "description": "Structure containing the template body (max size: 51,200 bytes).\n" }, "templateUrl": { "type": "string", "description": "Location of a file containing the template body (max size: 460,800 bytes).\n" }, "timeoutInMinutes": { "type": "integer", "description": "The amount of time that can pass before the stack status becomes `CREATE_FAILED`.\n" } }, "type": "object" } }, "aws:cloudformation/stackSet:StackSet": { "description": "Manages a CloudFormation StackSet. StackSets allow CloudFormation templates to be easily deployed across multiple accounts and regions via StackSet Instances (`aws.cloudformation.StackSetInstance` resource). Additional information about StackSets can be found in the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html).\n\n\u003e **NOTE:** All template parameters, including those with a `Default`, must be configured or ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n\u003e **NOTE:** All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"cloudformation.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n}, { async: true }));\nconst aWSCloudFormationStackSetAdministrationRole = new aws.iam.Role(\"AWSCloudFormationStackSetAdministrationRole\", {\n assumeRolePolicy: aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json,\n});\nconst example = new aws.cloudformation.StackSet(\"example\", {\n administrationRoleArn: aWSCloudFormationStackSetAdministrationRole.arn,\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: `{\n \"Parameters\" : {\n \"VPCCidr\" : {\n \"Type\" : \"String\",\n \"Default\" : \"10.0.0.0/16\",\n \"Description\" : \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\"\n }\n },\n \"Resources\" : {\n \"myVpc\": {\n \"Type\" : \"AWS::EC2::VPC\",\n \"Properties\" : {\n \"CidrBlock\" : { \"Ref\" : \"VPCCidr\" },\n \"Tags\" : [\n {\"Key\": \"Name\", \"Value\": \"Primary_CF_VPC\"}\n ]\n }\n }\n }\n}\n`,\n});\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument = example.executionRoleName.apply(executionRoleName =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n resources: [`arn:aws:iam::*:role/${executionRoleName}`],\n }],\n}, { async: true }));\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new aws.iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", {\n policy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.json,\n role: aWSCloudFormationStackSetAdministrationRole.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\na_ws_cloud_formation_stack_set_administration_role_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [\"cloudformation.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\na_ws_cloud_formation_stack_set_administration_role = aws.iam.Role(\"aWSCloudFormationStackSetAdministrationRole\", assume_role_policy=a_ws_cloud_formation_stack_set_administration_role_assume_role_policy.json)\nexample = aws.cloudformation.StackSet(\"example\",\n administration_role_arn=a_ws_cloud_formation_stack_set_administration_role.arn,\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=\"\"\"{\n \"Parameters\" : {\n \"VPCCidr\" : {\n \"Type\" : \"String\",\n \"Default\" : \"10.0.0.0/16\",\n \"Description\" : \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\"\n }\n },\n \"Resources\" : {\n \"myVpc\": {\n \"Type\" : \"AWS::EC2::VPC\",\n \"Properties\" : {\n \"CidrBlock\" : { \"Ref\" : \"VPCCidr\" },\n \"Tags\" : [\n {\"Key\": \"Name\", \"Value\": \"Primary_CF_VPC\"}\n ]\n }\n }\n }\n}\n\n\"\"\")\na_ws_cloud_formation_stack_set_administration_role_execution_policy_policy_document = example.execution_role_name.apply(lambda execution_role_name: aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"effect\": \"Allow\",\n \"resources\": [f\"arn:aws:iam::*:role/{execution_role_name}\"],\n}]))\na_ws_cloud_formation_stack_set_administration_role_execution_policy_role_policy = aws.iam.RolePolicy(\"aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy\",\n policy=a_ws_cloud_formation_stack_set_administration_role_execution_policy_policy_document.json,\n role=a_ws_cloud_formation_stack_set_administration_role.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"cloudformation.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n }));\n var aWSCloudFormationStackSetAdministrationRole = new Aws.Iam.Role(\"aWSCloudFormationStackSetAdministrationRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Apply(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy =\u003e aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),\n });\n var example = new Aws.CloudFormation.StackSet(\"example\", new Aws.CloudFormation.StackSetArgs\n {\n AdministrationRoleArn = aWSCloudFormationStackSetAdministrationRole.Arn,\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = @\"{\n \"\"Parameters\"\" : {\n \"\"VPCCidr\"\" : {\n \"\"Type\"\" : \"\"String\"\",\n \"\"Default\"\" : \"\"10.0.0.0/16\"\",\n \"\"Description\"\" : \"\"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\"\"\n }\n },\n \"\"Resources\"\" : {\n \"\"myVpc\"\": {\n \"\"Type\"\" : \"\"AWS::EC2::VPC\"\",\n \"\"Properties\"\" : {\n \"\"CidrBlock\"\" : { \"\"Ref\"\" : \"\"VPCCidr\"\" },\n \"\"Tags\"\" : [\n {\"\"Key\"\": \"\"Name\"\", \"\"Value\"\": \"\"Primary_CF_VPC\"\"}\n ]\n }\n }\n }\n}\n\n\",\n });\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument = example.ExecutionRoleName.Apply(executionRoleName =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Resources = \n {\n $\"arn:aws:iam::*:role/{executionRoleName}\",\n },\n },\n },\n }));\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy(\"aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.Apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument =\u003e aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.Json),\n Role = aWSCloudFormationStackSetAdministrationRole.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tEffect: \"Allow\",\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\tiam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taWSCloudFormationStackSetAdministrationRole, err := iam.NewRole(ctx, \"aWSCloudFormationStackSetAdministrationRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := cloudformation.NewStackSet(ctx, \"example\", \u0026cloudformation.StackSetArgs{\n\t\t\tAdministrationRoleArn: aWSCloudFormationStackSetAdministrationRole.Arn,\n\t\t\tParameters: pulumi.Map{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Parameters\\\" : {\\n\", \" \\\"VPCCidr\\\" : {\\n\", \" \\\"Type\\\" : \\\"String\\\",\\n\", \" \\\"Default\\\" : \\\"10.0.0.0/16\\\",\\n\", \" \\\"Description\\\" : \\\"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\\\"\\n\", \" }\\n\", \" },\\n\", \" \\\"Resources\\\" : {\\n\", \" \\\"myVpc\\\": {\\n\", \" \\\"Type\\\" : \\\"AWS::EC2::VPC\\\",\\n\", \" \\\"Properties\\\" : {\\n\", \" \\\"CidrBlock\\\" : { \\\"Ref\\\" : \\\"VPCCidr\\\" },\\n\", \" \\\"Tags\\\" : [\\n\", \" {\\\"Key\\\": \\\"Name\\\", \\\"Value\\\": \\\"Primary_CF_VPC\\\"}\\n\", \" ]\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.ApplyT(func(aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn aWSCloudFormationStackSetAdministrationRoleExecutionPolicyPolicyDocument.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRole: aWSCloudFormationStackSetAdministrationRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "administrationRoleArn": { "type": "string", "description": "Amazon Resource Number (ARN) of the IAM Role in the administrator account.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the StackSet.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_AUTO_EXPAND`.\n" }, "description": { "type": "string", "description": "Description of the StackSet.\n" }, "executionRoleName": { "type": "string", "description": "Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole`.\n" }, "name": { "type": "string", "description": "Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n" }, "stackSetId": { "type": "string", "description": "Unique identifier of the StackSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified.\n" }, "templateBody": { "type": "string", "description": "String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`.\n" }, "templateUrl": { "type": "string", "description": "String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`.\n" } }, "required": [ "administrationRoleArn", "arn", "name", "stackSetId", "templateBody" ], "inputProperties": { "administrationRoleArn": { "type": "string", "description": "Amazon Resource Number (ARN) of the IAM Role in the administrator account.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_AUTO_EXPAND`.\n" }, "description": { "type": "string", "description": "Description of the StackSet.\n" }, "executionRoleName": { "type": "string", "description": "Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole`.\n" }, "name": { "type": "string", "description": "Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified.\n" }, "templateBody": { "type": "string", "description": "String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`.\n" }, "templateUrl": { "type": "string", "description": "String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`.\n" } }, "requiredInputs": [ "administrationRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StackSet resources.\n", "properties": { "administrationRoleArn": { "type": "string", "description": "Amazon Resource Number (ARN) of the IAM Role in the administrator account.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the StackSet.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_AUTO_EXPAND`.\n" }, "description": { "type": "string", "description": "Description of the StackSet.\n" }, "executionRoleName": { "type": "string", "description": "Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole`.\n" }, "name": { "type": "string", "description": "Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n" }, "stackSetId": { "type": "string", "description": "Unique identifier of the StackSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified.\n" }, "templateBody": { "type": "string", "description": "String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`.\n" }, "templateUrl": { "type": "string", "description": "String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`.\n" } }, "type": "object" } }, "aws:cloudformation/stackSetInstance:StackSetInstance": { "description": "Manages a CloudFormation StackSet Instance. Instances are managed in the account and region of the StackSet after the target account permissions have been configured. Additional information about StackSets can be found in the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html).\n\n\u003e **NOTE:** All target accounts must have an IAM Role created that matches the name of the execution role configured in the StackSet (the `execution_role_name` argument in the `aws.cloudformation.StackSet` resource) in a trust relationship with the administrative account or administration IAM Role. The execution role must have appropriate permissions to manage resources defined in the template along with those required for StackSets to operate. See the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html) for more details.\n\n\u003e **NOTE:** To retain the Stack during resource destroy, ensure `retain_stack` has been set to `true` in the state first. This must be completed _before_ a deployment that would destroy the resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudformation.StackSetInstance(\"example\", {\n accountId: \"123456789012\",\n region: \"us-east-1\",\n stackSetName: aws_cloudformation_stack_set_example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudformation.StackSetInstance(\"example\",\n account_id=\"123456789012\",\n region=\"us-east-1\",\n stack_set_name=aws_cloudformation_stack_set[\"example\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CloudFormation.StackSetInstance(\"example\", new Aws.CloudFormation.StackSetInstanceArgs\n {\n AccountId = \"123456789012\",\n Region = \"us-east-1\",\n StackSetName = aws_cloudformation_stack_set.Example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudformation.NewStackSetInstance(ctx, \"example\", \u0026cloudformation.StackSetInstanceArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tRegion: pulumi.String(\"us-east-1\"),\n\t\t\tStackSetName: pulumi.String(aws_cloudformation_stack_set.Example.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Example IAM Setup in Target Account\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = aws_iam_role_AWSCloudFormationStackSetAdministrationRole.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [arn],\n type: \"AWS\",\n }],\n }],\n}, { async: true }));\nconst aWSCloudFormationStackSetExecutionRole = new aws.iam.Role(\"AWSCloudFormationStackSetExecutionRole\", {\n assumeRolePolicy: aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.json,\n});\n// Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html\n// Additional IAM permissions necessary depend on the resources defined in the StackSet template\nconst aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"cloudformation:*\",\n \"s3:*\",\n \"sns:*\",\n ],\n effect: \"Allow\",\n resources: [\"*\"],\n }],\n}, { async: true }));\nconst aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new aws.iam.RolePolicy(\"AWSCloudFormationStackSetExecutionRole_MinimumExecutionPolicy\", {\n policy: aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.json,\n role: aWSCloudFormationStackSetExecutionRole.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\na_ws_cloud_formation_stack_set_execution_role_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [aws_iam_role[\"AWSCloudFormationStackSetAdministrationRole\"][\"arn\"]],\n \"type\": \"AWS\",\n }],\n}])\na_ws_cloud_formation_stack_set_execution_role = aws.iam.Role(\"aWSCloudFormationStackSetExecutionRole\", assume_role_policy=a_ws_cloud_formation_stack_set_execution_role_assume_role_policy.json)\na_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy_policy_document = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"cloudformation:*\",\n \"s3:*\",\n \"sns:*\",\n ],\n \"effect\": \"Allow\",\n \"resources\": [\"*\"],\n}])\na_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy_role_policy = aws.iam.RolePolicy(\"aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy\",\n policy=a_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy_policy_document.json,\n role=a_ws_cloud_formation_stack_set_execution_role.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n aws_iam_role.AWSCloudFormationStackSetAdministrationRole.Arn,\n },\n Type = \"AWS\",\n },\n },\n },\n },\n }));\n var aWSCloudFormationStackSetExecutionRole = new Aws.Iam.Role(\"aWSCloudFormationStackSetExecutionRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.Apply(aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy =\u003e aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.Json),\n });\n var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"cloudformation:*\",\n \"s3:*\",\n \"sns:*\",\n },\n Effect = \"Allow\",\n Resources = \n {\n \"*\",\n },\n },\n },\n }));\n var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy(\"aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.Apply(aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument =\u003e aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyPolicyDocument.Json),\n Role = aWSCloudFormationStackSetExecutionRole.Name,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.\n" }, "parameterOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters to override from the StackSet for this Instance.\n" }, "region": { "type": "string", "description": "Target AWS Region to create a Stack based on the StackSet. Defaults to current region.\n" }, "retainStack": { "type": "boolean", "description": "During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state _before_ destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to `false`.\n" }, "stackId": { "type": "string", "description": "Stack identifier\n" }, "stackSetName": { "type": "string", "description": "Name of the StackSet.\n" } }, "required": [ "accountId", "region", "stackId", "stackSetName" ], "inputProperties": { "accountId": { "type": "string", "description": "Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.\n" }, "parameterOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters to override from the StackSet for this Instance.\n" }, "region": { "type": "string", "description": "Target AWS Region to create a Stack based on the StackSet. Defaults to current region.\n" }, "retainStack": { "type": "boolean", "description": "During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state _before_ destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to `false`.\n" }, "stackSetName": { "type": "string", "description": "Name of the StackSet.\n" } }, "requiredInputs": [ "stackSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering StackSetInstance resources.\n", "properties": { "accountId": { "type": "string", "description": "Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.\n" }, "parameterOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters to override from the StackSet for this Instance.\n" }, "region": { "type": "string", "description": "Target AWS Region to create a Stack based on the StackSet. Defaults to current region.\n" }, "retainStack": { "type": "boolean", "description": "During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state _before_ destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to `false`.\n" }, "stackId": { "type": "string", "description": "Stack identifier\n" }, "stackSetName": { "type": "string", "description": "Name of the StackSet.\n" } }, "type": "object" } }, "aws:cloudfront/distribution:Distribution": { "description": "Creates an Amazon CloudFront web distribution.\n\nFor information about CloudFront distributions, see the\n[Amazon CloudFront Developer Guide](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html). For specific information about creating\nCloudFront web distributions, see the [POST Distribution](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html) page in the Amazon\nCloudFront API Reference.\n\n\u003e **NOTE:** CloudFront distributions take about 15 minutes to a deployed state\nafter creation or modification. During this time, deletes to resources will be\nblocked. If you need to delete a distribution that is enabled and you do not\nwant to wait, you need to use the `retain_on_delete` flag.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example below creates a CloudFront distribution with an S3 origin.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"b\", {\n acl: \"private\",\n tags: {\n Name: \"My bucket\",\n },\n});\nconst s3OriginId = \"myS3Origin\";\nconst s3Distribution = new aws.cloudfront.Distribution(\"s3_distribution\", {\n aliases: [\n \"mysite.example.com\",\n \"yoursite.example.com\",\n ],\n comment: \"Some comment\",\n defaultCacheBehavior: {\n allowedMethods: [\n \"DELETE\",\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PATCH\",\n \"POST\",\n \"PUT\",\n ],\n cachedMethods: [\n \"GET\",\n \"HEAD\",\n ],\n defaultTtl: 3600,\n forwardedValues: {\n cookies: {\n forward: \"none\",\n },\n queryString: false,\n },\n maxTtl: 86400,\n minTtl: 0,\n targetOriginId: s3OriginId,\n viewerProtocolPolicy: \"allow-all\",\n },\n defaultRootObject: \"index.html\",\n enabled: true,\n isIpv6Enabled: true,\n loggingConfig: {\n bucket: \"mylogs.s3.amazonaws.com\",\n includeCookies: false,\n prefix: \"myprefix\",\n },\n orderedCacheBehaviors: [\n // Cache behavior with precedence 0\n {\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n cachedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n compress: true,\n defaultTtl: 86400,\n forwardedValues: {\n cookies: {\n forward: \"none\",\n },\n headers: [\"Origin\"],\n queryString: false,\n },\n maxTtl: 31536000,\n minTtl: 0,\n pathPattern: \"/content/immutable/*\",\n targetOriginId: s3OriginId,\n viewerProtocolPolicy: \"redirect-to-https\",\n },\n // Cache behavior with precedence 1\n {\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n cachedMethods: [\n \"GET\",\n \"HEAD\",\n ],\n compress: true,\n defaultTtl: 3600,\n forwardedValues: {\n cookies: {\n forward: \"none\",\n },\n queryString: false,\n },\n maxTtl: 86400,\n minTtl: 0,\n pathPattern: \"/content/*\",\n targetOriginId: s3OriginId,\n viewerProtocolPolicy: \"redirect-to-https\",\n },\n ],\n origins: [{\n domainName: bucket.bucketRegionalDomainName,\n originId: s3OriginId,\n s3OriginConfig: {\n originAccessIdentity: \"origin-access-identity/cloudfront/ABCDEFG1234567\",\n },\n }],\n priceClass: \"PriceClass_200\",\n restrictions: {\n geoRestriction: {\n locations: [\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n ],\n restrictionType: \"whitelist\",\n },\n },\n tags: {\n Environment: \"production\",\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\",\n acl=\"private\",\n tags={\n \"Name\": \"My bucket\",\n })\ns3_origin_id = \"myS3Origin\"\ns3_distribution = aws.cloudfront.Distribution(\"s3Distribution\",\n aliases=[\n \"mysite.example.com\",\n \"yoursite.example.com\",\n ],\n comment=\"Some comment\",\n default_cache_behavior={\n \"allowedMethods\": [\n \"DELETE\",\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PATCH\",\n \"POST\",\n \"PUT\",\n ],\n \"cachedMethods\": [\n \"GET\",\n \"HEAD\",\n ],\n \"defaultTtl\": 3600,\n \"forwardedValues\": {\n \"cookies\": {\n \"forward\": \"none\",\n },\n \"queryString\": False,\n },\n \"maxTtl\": 86400,\n \"minTtl\": 0,\n \"targetOriginId\": s3_origin_id,\n \"viewerProtocolPolicy\": \"allow-all\",\n },\n default_root_object=\"index.html\",\n enabled=True,\n is_ipv6_enabled=True,\n logging_config={\n \"bucket\": \"mylogs.s3.amazonaws.com\",\n \"includeCookies\": False,\n \"prefix\": \"myprefix\",\n },\n ordered_cache_behaviors=[\n {\n \"allowedMethods\": [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n \"cachedMethods\": [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n \"compress\": True,\n \"defaultTtl\": 86400,\n \"forwardedValues\": {\n \"cookies\": {\n \"forward\": \"none\",\n },\n \"headers\": [\"Origin\"],\n \"queryString\": False,\n },\n \"maxTtl\": 31536000,\n \"minTtl\": 0,\n \"pathPattern\": \"/content/immutable/*\",\n \"targetOriginId\": s3_origin_id,\n \"viewerProtocolPolicy\": \"redirect-to-https\",\n },\n {\n \"allowedMethods\": [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n \"cachedMethods\": [\n \"GET\",\n \"HEAD\",\n ],\n \"compress\": True,\n \"defaultTtl\": 3600,\n \"forwardedValues\": {\n \"cookies\": {\n \"forward\": \"none\",\n },\n \"queryString\": False,\n },\n \"maxTtl\": 86400,\n \"minTtl\": 0,\n \"pathPattern\": \"/content/*\",\n \"targetOriginId\": s3_origin_id,\n \"viewerProtocolPolicy\": \"redirect-to-https\",\n },\n ],\n origins=[{\n \"domain_name\": bucket.bucket_regional_domain_name,\n \"originId\": s3_origin_id,\n \"s3OriginConfig\": {\n \"originAccessIdentity\": \"origin-access-identity/cloudfront/ABCDEFG1234567\",\n },\n }],\n price_class=\"PriceClass_200\",\n restrictions={\n \"geoRestriction\": {\n \"locations\": [\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n ],\n \"restrictionType\": \"whitelist\",\n },\n },\n tags={\n \"Environment\": \"production\",\n },\n viewer_certificate={\n \"cloudfrontDefaultCertificate\": True,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Tags = \n {\n { \"Name\", \"My bucket\" },\n },\n });\n var s3OriginId = \"myS3Origin\";\n var s3Distribution = new Aws.CloudFront.Distribution(\"s3Distribution\", new Aws.CloudFront.DistributionArgs\n {\n Aliases = \n {\n \"mysite.example.com\",\n \"yoursite.example.com\",\n },\n Comment = \"Some comment\",\n DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n AllowedMethods = \n {\n \"DELETE\",\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PATCH\",\n \"POST\",\n \"PUT\",\n },\n CachedMethods = \n {\n \"GET\",\n \"HEAD\",\n },\n DefaultTtl = 3600,\n ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs\n {\n Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs\n {\n Forward = \"none\",\n },\n QueryString = false,\n },\n MaxTtl = 86400,\n MinTtl = 0,\n TargetOriginId = s3OriginId,\n ViewerProtocolPolicy = \"allow-all\",\n },\n DefaultRootObject = \"index.html\",\n Enabled = true,\n IsIpv6Enabled = true,\n LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs\n {\n Bucket = \"mylogs.s3.amazonaws.com\",\n IncludeCookies = false,\n Prefix = \"myprefix\",\n },\n OrderedCacheBehaviors = \n {\n new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs\n {\n AllowedMethods = \n {\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n },\n CachedMethods = \n {\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n },\n Compress = true,\n DefaultTtl = 86400,\n ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs\n {\n Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs\n {\n Forward = \"none\",\n },\n Headers = \n {\n \"Origin\",\n },\n QueryString = false,\n },\n MaxTtl = 31536000,\n MinTtl = 0,\n PathPattern = \"/content/immutable/*\",\n TargetOriginId = s3OriginId,\n ViewerProtocolPolicy = \"redirect-to-https\",\n },\n new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs\n {\n AllowedMethods = \n {\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n },\n CachedMethods = \n {\n \"GET\",\n \"HEAD\",\n },\n Compress = true,\n DefaultTtl = 3600,\n ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs\n {\n Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs\n {\n Forward = \"none\",\n },\n QueryString = false,\n },\n MaxTtl = 86400,\n MinTtl = 0,\n PathPattern = \"/content/*\",\n TargetOriginId = s3OriginId,\n ViewerProtocolPolicy = \"redirect-to-https\",\n },\n },\n Origins = \n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = bucket.BucketRegionalDomainName,\n OriginId = s3OriginId,\n S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs\n {\n OriginAccessIdentity = \"origin-access-identity/cloudfront/ABCDEFG1234567\",\n },\n },\n },\n PriceClass = \"PriceClass_200\",\n Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs\n {\n GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs\n {\n Locations = \n {\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n },\n RestrictionType = \"whitelist\",\n },\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs\n {\n CloudfrontDefaultCertificate = true,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"My bucket\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ts3OriginId := \"myS3Origin\"\n\t\t_, err = cloudfront.NewDistribution(ctx, \"s3Distribution\", \u0026cloudfront.DistributionArgs{\n\t\t\tAliases: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"mysite.example.com\"),\n\t\t\t\tpulumi.String(\"yoursite.example.com\"),\n\t\t\t},\n\t\t\tComment: pulumi.String(\"Some comment\"),\n\t\t\tDefaultCacheBehavior: \u0026cloudfront.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DELETE\"),\n\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\tpulumi.String(\"PATCH\"),\n\t\t\t\t\tpulumi.String(\"POST\"),\n\t\t\t\t\tpulumi.String(\"PUT\"),\n\t\t\t\t},\n\t\t\t\tCachedMethods: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t},\n\t\t\t\tDefaultTtl: pulumi.Int(3600),\n\t\t\t\tForwardedValues: \u0026cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{\n\t\t\t\t\tCookies: \u0026cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{\n\t\t\t\t\t\tForward: pulumi.String(\"none\"),\n\t\t\t\t\t},\n\t\t\t\t\tQueryString: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t\tMaxTtl: pulumi.Int(86400),\n\t\t\t\tMinTtl: pulumi.Int(0),\n\t\t\t\tTargetOriginId: pulumi.String(s3OriginId),\n\t\t\t\tViewerProtocolPolicy: pulumi.String(\"allow-all\"),\n\t\t\t},\n\t\t\tDefaultRootObject: pulumi.String(\"index.html\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tIsIpv6Enabled: pulumi.Bool(true),\n\t\t\tLoggingConfig: \u0026cloudfront.DistributionLoggingConfigArgs{\n\t\t\t\tBucket: pulumi.String(\"mylogs.s3.amazonaws.com\"),\n\t\t\t\tIncludeCookies: pulumi.Bool(false),\n\t\t\t\tPrefix: pulumi.String(\"myprefix\"),\n\t\t\t},\n\t\t\tOrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{\n\t\t\t\t\u0026cloudfront.DistributionOrderedCacheBehaviorArgs{\n\t\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\t},\n\t\t\t\t\tCachedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\t},\n\t\t\t\t\tCompress: pulumi.Bool(true),\n\t\t\t\t\tDefaultTtl: pulumi.Int(86400),\n\t\t\t\t\tForwardedValues: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{\n\t\t\t\t\t\tCookies: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{\n\t\t\t\t\t\t\tForward: pulumi.String(\"none\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tHeaders: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Origin\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tQueryString: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tMaxTtl: pulumi.Int(31536000),\n\t\t\t\t\tMinTtl: pulumi.Int(0),\n\t\t\t\t\tPathPattern: pulumi.String(\"/content/immutable/*\"),\n\t\t\t\t\tTargetOriginId: pulumi.String(s3OriginId),\n\t\t\t\t\tViewerProtocolPolicy: pulumi.String(\"redirect-to-https\"),\n\t\t\t\t},\n\t\t\t\t\u0026cloudfront.DistributionOrderedCacheBehaviorArgs{\n\t\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\t},\n\t\t\t\t\tCachedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t},\n\t\t\t\t\tCompress: pulumi.Bool(true),\n\t\t\t\t\tDefaultTtl: pulumi.Int(3600),\n\t\t\t\t\tForwardedValues: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{\n\t\t\t\t\t\tCookies: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{\n\t\t\t\t\t\t\tForward: pulumi.String(\"none\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tQueryString: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tMaxTtl: pulumi.Int(86400),\n\t\t\t\t\tMinTtl: pulumi.Int(0),\n\t\t\t\t\tPathPattern: pulumi.String(\"/content/*\"),\n\t\t\t\t\tTargetOriginId: pulumi.String(s3OriginId),\n\t\t\t\t\tViewerProtocolPolicy: pulumi.String(\"redirect-to-https\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOrigins: cloudfront.DistributionOriginArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tDomainName: bucket.BucketRegionalDomainName,\n\t\t\t\t\tOriginId: pulumi.String(s3OriginId),\n\t\t\t\t\tS3OriginConfig: \u0026cloudfront.DistributionOriginS3OriginConfigArgs{\n\t\t\t\t\t\tOriginAccessIdentity: pulumi.String(\"origin-access-identity/cloudfront/ABCDEFG1234567\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPriceClass: pulumi.String(\"PriceClass_200\"),\n\t\t\tRestrictions: \u0026cloudfront.DistributionRestrictionsArgs{\n\t\t\t\tGeoRestriction: \u0026cloudfront.DistributionRestrictionsGeoRestrictionArgs{\n\t\t\t\t\tLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\tpulumi.String(\"GB\"),\n\t\t\t\t\t\tpulumi.String(\"DE\"),\n\t\t\t\t\t},\n\t\t\t\t\tRestrictionType: pulumi.String(\"whitelist\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t\tViewerCertificate: \u0026cloudfront.DistributionViewerCertificateArgs{\n\t\t\t\tCloudfrontDefaultCertificate: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nThe following example below creates a Cloudfront distribution with an origin group for failover routing:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3Distribution = new aws.cloudfront.Distribution(\"s3_distribution\", {\n defaultCacheBehavior: {\n // ... other configuration ...\n targetOriginId: \"groupS3\",\n },\n origins: [\n {\n domainName: aws_s3_bucket_primary.bucketRegionalDomainName,\n originId: \"primaryS3\",\n s3OriginConfig: {\n originAccessIdentity: aws_cloudfront_origin_access_identity_default.cloudfrontAccessIdentityPath,\n },\n },\n {\n domainName: aws_s3_bucket_failover.bucketRegionalDomainName,\n originId: \"failoverS3\",\n s3OriginConfig: {\n originAccessIdentity: aws_cloudfront_origin_access_identity_default.cloudfrontAccessIdentityPath,\n },\n },\n ],\n originGroups: [{\n failoverCriteria: {\n statusCodes: [\n 403,\n 404,\n 500,\n 502,\n ],\n },\n members: [\n {\n originId: \"primaryS3\",\n },\n {\n originId: \"failoverS3\",\n },\n ],\n originId: \"groupS3\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3_distribution = aws.cloudfront.Distribution(\"s3Distribution\",\n default_cache_behavior={\n \"targetOriginId\": \"groupS3\",\n },\n origins=[\n {\n \"domain_name\": aws_s3_bucket[\"primary\"][\"bucket_regional_domain_name\"],\n \"originId\": \"primaryS3\",\n \"s3OriginConfig\": {\n \"originAccessIdentity\": aws_cloudfront_origin_access_identity[\"default\"][\"cloudfront_access_identity_path\"],\n },\n },\n {\n \"domain_name\": aws_s3_bucket[\"failover\"][\"bucket_regional_domain_name\"],\n \"originId\": \"failoverS3\",\n \"s3OriginConfig\": {\n \"originAccessIdentity\": aws_cloudfront_origin_access_identity[\"default\"][\"cloudfront_access_identity_path\"],\n },\n },\n ],\n origin_groups=[{\n \"failoverCriteria\": {\n \"statusCodes\": [\n 403,\n 404,\n 500,\n 502,\n ],\n },\n \"member\": [\n {\n \"originId\": \"primaryS3\",\n },\n {\n \"originId\": \"failoverS3\",\n },\n ],\n \"originId\": \"groupS3\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3Distribution = new Aws.CloudFront.Distribution(\"s3Distribution\", new Aws.CloudFront.DistributionArgs\n {\n DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n TargetOriginId = \"groupS3\",\n },\n Origins = \n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = aws_s3_bucket.Primary.Bucket_regional_domain_name,\n OriginId = \"primaryS3\",\n S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs\n {\n OriginAccessIdentity = aws_cloudfront_origin_access_identity.Default.Cloudfront_access_identity_path,\n },\n },\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = aws_s3_bucket.Failover.Bucket_regional_domain_name,\n OriginId = \"failoverS3\",\n S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs\n {\n OriginAccessIdentity = aws_cloudfront_origin_access_identity.Default.Cloudfront_access_identity_path,\n },\n },\n },\n OriginGroups = \n {\n new Aws.CloudFront.Inputs.DistributionOriginGroupArgs\n {\n FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs\n {\n StatusCodes = \n {\n 403,\n 404,\n 500,\n 502,\n },\n },\n Member = \n {\n \n {\n { \"originId\", \"primaryS3\" },\n },\n \n {\n { \"originId\", \"failoverS3\" },\n },\n },\n OriginId = \"groupS3\",\n },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activeTrustedSigners": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key pair IDs that CloudFront is aware of for\neach trusted signer, if the distribution is set up to serve private content\nwith signed URLs.\n" }, "aliases": { "type": "array", "items": { "type": "string" }, "description": "Extra CNAMEs (alternate domain names), if any, for\nthis distribution.\n" }, "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the distribution. For example: `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`, where `123456789012` is your AWS account ID.\n" }, "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future\nupdates to the distribution configuration.\n" }, "comment": { "type": "string", "description": "Any comments you want to include about the\ndistribution.\n" }, "customErrorResponses": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse" }, "description": "One or more custom error response elements (multiples allowed).\n" }, "defaultCacheBehavior": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior", "description": "The default cache behavior for this distribution (maximum\none).\n" }, "defaultRootObject": { "type": "string", "description": "The object that you want CloudFront to\nreturn (for example, index.html) when an end user requests the root URL.\n" }, "domainName": { "type": "string", "description": "The DNS domain name of either the S3 bucket, or\nweb site of your custom origin.\n" }, "enabled": { "type": "boolean", "description": "Whether the distribution is enabled to accept end\nuser requests for content.\n" }, "etag": { "type": "string", "description": "The current version of the distribution's information. For example:\n`E2QWRUHAPOMQZL`.\n" }, "hostedZoneId": { "type": "string", "description": "The CloudFront Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](http://docs.aws.amazon.com/Route53/latest/APIReference/CreateAliasRRSAPI.html) to. This attribute is simply an\nalias for the zone ID `Z2FDTNDATAQYW2`.\n" }, "httpVersion": { "type": "string", "description": "The maximum HTTP version to support on the\ndistribution. Allowed values are `http1.1` and `http2`. The default is\n`http2`.\n" }, "inProgressValidationBatches": { "type": "integer", "description": "The number of invalidation batches\ncurrently in progress.\n" }, "isIpv6Enabled": { "type": "boolean", "description": "Whether the IPv6 is enabled for the distribution.\n" }, "lastModifiedTime": { "type": "string", "description": "The date and time the distribution was last modified.\n" }, "loggingConfig": { "$ref": "#/types/aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig", "description": "The logging\nconfiguration that controls how logs are written\nto your distribution (maximum one).\n" }, "orderedCacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior" }, "description": "An ordered list of cache behaviors\nresource for this distribution. List from top to bottom\nin order of precedence. The topmost cache behavior will have precedence 0.\n" }, "originGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup" }, "description": "One or more origin_group for this\ndistribution (multiples allowed).\n" }, "origins": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrigin:DistributionOrigin" }, "description": "One or more origins for this\ndistribution (multiples allowed).\n" }, "priceClass": { "type": "string", "description": "The price class for this distribution. One of\n`PriceClass_All`, `PriceClass_200`, `PriceClass_100`\n" }, "restrictions": { "$ref": "#/types/aws:cloudfront/DistributionRestrictions:DistributionRestrictions", "description": "The restriction\nconfiguration for this distribution (maximum one).\n" }, "retainOnDelete": { "type": "boolean", "description": "Disables the distribution instead of\ndeleting it when destroying the resource. If this is set,\nthe distribution needs to be deleted manually afterwards. Default: `false`.\n" }, "status": { "type": "string", "description": "The current status of the distribution. `Deployed` if the\ndistribution's information is fully propagated throughout the Amazon\nCloudFront system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "viewerCertificate": { "$ref": "#/types/aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate", "description": "The SSL\nconfiguration for this distribution (maximum\none).\n" }, "waitForDeployment": { "type": "boolean", "description": "If enabled, the resource will wait for\nthe distribution status to change from `InProgress` to `Deployed`. Setting\nthis to`false` will skip the process. Default: `true`.\n" }, "webAclId": { "type": "string", "description": "If you're using AWS WAF to filter CloudFront\nrequests, the Id of the AWS WAF web ACL that is associated with the\ndistribution. The WAF Web ACL must exist in the WAF Global (CloudFront)\nregion and the credentials configuring this argument must have\n`waf:GetWebACL` permissions assigned. If using WAFv2, provide the ARN of the web ACL.\n" } }, "required": [ "activeTrustedSigners", "arn", "callerReference", "defaultCacheBehavior", "domainName", "enabled", "etag", "hostedZoneId", "inProgressValidationBatches", "lastModifiedTime", "origins", "restrictions", "status", "viewerCertificate" ], "inputProperties": { "aliases": { "type": "array", "items": { "type": "string" }, "description": "Extra CNAMEs (alternate domain names), if any, for\nthis distribution.\n" }, "comment": { "type": "string", "description": "Any comments you want to include about the\ndistribution.\n" }, "customErrorResponses": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse" }, "description": "One or more custom error response elements (multiples allowed).\n" }, "defaultCacheBehavior": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior", "description": "The default cache behavior for this distribution (maximum\none).\n" }, "defaultRootObject": { "type": "string", "description": "The object that you want CloudFront to\nreturn (for example, index.html) when an end user requests the root URL.\n" }, "enabled": { "type": "boolean", "description": "Whether the distribution is enabled to accept end\nuser requests for content.\n" }, "httpVersion": { "type": "string", "description": "The maximum HTTP version to support on the\ndistribution. Allowed values are `http1.1` and `http2`. The default is\n`http2`.\n" }, "isIpv6Enabled": { "type": "boolean", "description": "Whether the IPv6 is enabled for the distribution.\n" }, "loggingConfig": { "$ref": "#/types/aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig", "description": "The logging\nconfiguration that controls how logs are written\nto your distribution (maximum one).\n" }, "orderedCacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior" }, "description": "An ordered list of cache behaviors\nresource for this distribution. List from top to bottom\nin order of precedence. The topmost cache behavior will have precedence 0.\n" }, "originGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup" }, "description": "One or more origin_group for this\ndistribution (multiples allowed).\n" }, "origins": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrigin:DistributionOrigin" }, "description": "One or more origins for this\ndistribution (multiples allowed).\n" }, "priceClass": { "type": "string", "description": "The price class for this distribution. One of\n`PriceClass_All`, `PriceClass_200`, `PriceClass_100`\n" }, "restrictions": { "$ref": "#/types/aws:cloudfront/DistributionRestrictions:DistributionRestrictions", "description": "The restriction\nconfiguration for this distribution (maximum one).\n" }, "retainOnDelete": { "type": "boolean", "description": "Disables the distribution instead of\ndeleting it when destroying the resource. If this is set,\nthe distribution needs to be deleted manually afterwards. Default: `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "viewerCertificate": { "$ref": "#/types/aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate", "description": "The SSL\nconfiguration for this distribution (maximum\none).\n" }, "waitForDeployment": { "type": "boolean", "description": "If enabled, the resource will wait for\nthe distribution status to change from `InProgress` to `Deployed`. Setting\nthis to`false` will skip the process. Default: `true`.\n" }, "webAclId": { "type": "string", "description": "If you're using AWS WAF to filter CloudFront\nrequests, the Id of the AWS WAF web ACL that is associated with the\ndistribution. The WAF Web ACL must exist in the WAF Global (CloudFront)\nregion and the credentials configuring this argument must have\n`waf:GetWebACL` permissions assigned. If using WAFv2, provide the ARN of the web ACL.\n" } }, "requiredInputs": [ "defaultCacheBehavior", "enabled", "origins", "restrictions", "viewerCertificate" ], "stateInputs": { "description": "Input properties used for looking up and filtering Distribution resources.\n", "properties": { "activeTrustedSigners": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key pair IDs that CloudFront is aware of for\neach trusted signer, if the distribution is set up to serve private content\nwith signed URLs.\n" }, "aliases": { "type": "array", "items": { "type": "string" }, "description": "Extra CNAMEs (alternate domain names), if any, for\nthis distribution.\n" }, "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the distribution. For example: `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`, where `123456789012` is your AWS account ID.\n" }, "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future\nupdates to the distribution configuration.\n" }, "comment": { "type": "string", "description": "Any comments you want to include about the\ndistribution.\n" }, "customErrorResponses": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse" }, "description": "One or more custom error response elements (multiples allowed).\n" }, "defaultCacheBehavior": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior", "description": "The default cache behavior for this distribution (maximum\none).\n" }, "defaultRootObject": { "type": "string", "description": "The object that you want CloudFront to\nreturn (for example, index.html) when an end user requests the root URL.\n" }, "domainName": { "type": "string", "description": "The DNS domain name of either the S3 bucket, or\nweb site of your custom origin.\n" }, "enabled": { "type": "boolean", "description": "Whether the distribution is enabled to accept end\nuser requests for content.\n" }, "etag": { "type": "string", "description": "The current version of the distribution's information. For example:\n`E2QWRUHAPOMQZL`.\n" }, "hostedZoneId": { "type": "string", "description": "The CloudFront Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](http://docs.aws.amazon.com/Route53/latest/APIReference/CreateAliasRRSAPI.html) to. This attribute is simply an\nalias for the zone ID `Z2FDTNDATAQYW2`.\n" }, "httpVersion": { "type": "string", "description": "The maximum HTTP version to support on the\ndistribution. Allowed values are `http1.1` and `http2`. The default is\n`http2`.\n" }, "inProgressValidationBatches": { "type": "integer", "description": "The number of invalidation batches\ncurrently in progress.\n" }, "isIpv6Enabled": { "type": "boolean", "description": "Whether the IPv6 is enabled for the distribution.\n" }, "lastModifiedTime": { "type": "string", "description": "The date and time the distribution was last modified.\n" }, "loggingConfig": { "$ref": "#/types/aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig", "description": "The logging\nconfiguration that controls how logs are written\nto your distribution (maximum one).\n" }, "orderedCacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior" }, "description": "An ordered list of cache behaviors\nresource for this distribution. List from top to bottom\nin order of precedence. The topmost cache behavior will have precedence 0.\n" }, "originGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup" }, "description": "One or more origin_group for this\ndistribution (multiples allowed).\n" }, "origins": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrigin:DistributionOrigin" }, "description": "One or more origins for this\ndistribution (multiples allowed).\n" }, "priceClass": { "type": "string", "description": "The price class for this distribution. One of\n`PriceClass_All`, `PriceClass_200`, `PriceClass_100`\n" }, "restrictions": { "$ref": "#/types/aws:cloudfront/DistributionRestrictions:DistributionRestrictions", "description": "The restriction\nconfiguration for this distribution (maximum one).\n" }, "retainOnDelete": { "type": "boolean", "description": "Disables the distribution instead of\ndeleting it when destroying the resource. If this is set,\nthe distribution needs to be deleted manually afterwards. Default: `false`.\n" }, "status": { "type": "string", "description": "The current status of the distribution. `Deployed` if the\ndistribution's information is fully propagated throughout the Amazon\nCloudFront system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "viewerCertificate": { "$ref": "#/types/aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate", "description": "The SSL\nconfiguration for this distribution (maximum\none).\n" }, "waitForDeployment": { "type": "boolean", "description": "If enabled, the resource will wait for\nthe distribution status to change from `InProgress` to `Deployed`. Setting\nthis to`false` will skip the process. Default: `true`.\n" }, "webAclId": { "type": "string", "description": "If you're using AWS WAF to filter CloudFront\nrequests, the Id of the AWS WAF web ACL that is associated with the\ndistribution. The WAF Web ACL must exist in the WAF Global (CloudFront)\nregion and the credentials configuring this argument must have\n`waf:GetWebACL` permissions assigned. If using WAFv2, provide the ARN of the web ACL.\n" } }, "type": "object" } }, "aws:cloudfront/originAccessIdentity:OriginAccessIdentity": { "description": "Creates an Amazon CloudFront origin access identity.\n\nFor information about CloudFront distributions, see the\n[Amazon CloudFront Developer Guide](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html). For more information on generating\norigin access identities, see\n[Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content][2].\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example below creates a CloudFront origin access identity.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst originAccessIdentity = new aws.cloudfront.OriginAccessIdentity(\"origin_access_identity\", {\n comment: \"Some comment\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norigin_access_identity = aws.cloudfront.OriginAccessIdentity(\"originAccessIdentity\", comment=\"Some comment\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var originAccessIdentity = new Aws.CloudFront.OriginAccessIdentity(\"originAccessIdentity\", new Aws.CloudFront.OriginAccessIdentityArgs\n {\n Comment = \"Some comment\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudfront.NewOriginAccessIdentity(ctx, \"originAccessIdentity\", \u0026cloudfront.OriginAccessIdentityArgs{\n\t\t\tComment: pulumi.String(\"Some comment\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Using With CloudFront\n\nNormally, when referencing an origin access identity in CloudFront, you need to\nprefix the ID with the `origin-access-identity/cloudfront/` special path.\nThe `cloudfront_access_identity_path` allows this to be circumvented.\nThe below snippet demonstrates use with the `s3_origin_config` structure for the\n[`aws.cloudfront.Distribution`][3] resource:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n\n### Updating your bucket policy\n\nNote that the AWS API may translate the `s3_canonical_user_id` `CanonicalUser`\nprincipal into an `AWS` IAM ARN principal when supplied in an\n[`aws.s3.Bucket`][4] bucket policy, causing spurious diffs. If\nyou see this behaviour, use the `iam_arn` instead:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3Policy = pulumi.all([aws_cloudfront_origin_access_identity_origin_access_identity.iamArn, aws_s3_bucket_example.arn, aws_cloudfront_origin_access_identity_origin_access_identity.iamArn, aws_s3_bucket_example.arn]).apply(([aws_cloudfront_origin_access_identity_origin_access_identityIamArn, aws_s3_bucket_exampleArn, aws_cloudfront_origin_access_identity_origin_access_identityIamArn1, aws_s3_bucket_exampleArn1]) =\u003e aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\"s3:GetObject\"],\n principals: [{\n identifiers: [aws_cloudfront_origin_access_identity_origin_access_identityIamArn],\n type: \"AWS\",\n }],\n resources: [`${aws_s3_bucket_exampleArn}/*`],\n },\n {\n actions: [\"s3:ListBucket\"],\n principals: [{\n identifiers: [aws_cloudfront_origin_access_identity_origin_access_identityIamArn1],\n type: \"AWS\",\n }],\n resources: [aws_s3_bucket_exampleArn1],\n },\n ],\n}, { async: true }));\nconst example = new aws.s3.BucketPolicy(\"example\", {\n bucket: aws_s3_bucket_example.id,\n policy: s3Policy.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3_policy = aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\"s3:GetObject\"],\n \"principals\": [{\n \"identifiers\": [aws_cloudfront_origin_access_identity[\"origin_access_identity\"][\"iam_arn\"]],\n \"type\": \"AWS\",\n }],\n \"resources\": [f\"{aws_s3_bucket['example']['arn']}/*\"],\n },\n {\n \"actions\": [\"s3:ListBucket\"],\n \"principals\": [{\n \"identifiers\": [aws_cloudfront_origin_access_identity[\"origin_access_identity\"][\"iam_arn\"]],\n \"type\": \"AWS\",\n }],\n \"resources\": [aws_s3_bucket[\"example\"][\"arn\"]],\n },\n])\nexample = aws.s3.BucketPolicy(\"example\",\n bucket=aws_s3_bucket[\"example\"][\"id\"],\n policy=s3_policy.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3Policy = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:GetObject\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n aws_cloudfront_origin_access_identity.Origin_access_identity.Iam_arn,\n },\n Type = \"AWS\",\n },\n },\n Resources = \n {\n $\"{aws_s3_bucket.Example.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:ListBucket\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n aws_cloudfront_origin_access_identity.Origin_access_identity.Iam_arn,\n },\n Type = \"AWS\",\n },\n },\n Resources = \n {\n aws_s3_bucket.Example.Arn,\n },\n },\n },\n }));\n var example = new Aws.S3.BucketPolicy(\"example\", new Aws.S3.BucketPolicyArgs\n {\n Bucket = aws_s3_bucket.Example.Id,\n Policy = s3Policy.Apply(s3Policy =\u003e s3Policy.Json),\n });\n }\n\n}\n```\n\n[1]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html\n[2]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html\n[3]: https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html\n[4]: https://www.terraform.io/docs/providers/aws/r/s3_bucket.html\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future\nupdates to the origin access identity.\n" }, "cloudfrontAccessIdentityPath": { "type": "string", "description": "A shortcut to the full path for the\norigin access identity to use in CloudFront, see below.\n" }, "comment": { "type": "string", "description": "An optional comment for the origin access identity.\n" }, "etag": { "type": "string", "description": "The current version of the origin access identity's information.\nFor example: `E2QWRUHAPOMQZL`.\n" }, "iamArn": { "type": "string", "description": "A pre-generated ARN for use in S3 bucket policies (see below).\nExample: `arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity\nE2QWRUHAPOMQZL`.\n" }, "s3CanonicalUserId": { "type": "string", "description": "The Amazon S3 canonical user ID for the origin\naccess identity, which you use when giving the origin access identity read\npermission to an object in Amazon S3.\n" } }, "required": [ "callerReference", "cloudfrontAccessIdentityPath", "etag", "iamArn", "s3CanonicalUserId" ], "inputProperties": { "comment": { "type": "string", "description": "An optional comment for the origin access identity.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering OriginAccessIdentity resources.\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future\nupdates to the origin access identity.\n" }, "cloudfrontAccessIdentityPath": { "type": "string", "description": "A shortcut to the full path for the\norigin access identity to use in CloudFront, see below.\n" }, "comment": { "type": "string", "description": "An optional comment for the origin access identity.\n" }, "etag": { "type": "string", "description": "The current version of the origin access identity's information.\nFor example: `E2QWRUHAPOMQZL`.\n" }, "iamArn": { "type": "string", "description": "A pre-generated ARN for use in S3 bucket policies (see below).\nExample: `arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity\nE2QWRUHAPOMQZL`.\n" }, "s3CanonicalUserId": { "type": "string", "description": "The Amazon S3 canonical user ID for the origin\naccess identity, which you use when giving the origin access identity read\npermission to an object in Amazon S3.\n" } }, "type": "object" } }, "aws:cloudfront/publicKey:PublicKey": { "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the public key configuration.\n" }, "comment": { "type": "string", "description": "An optional comment about the public key.\n" }, "encodedKey": { "type": "string", "description": "The encoded public key that you want to add to CloudFront to use with features like field-level encryption.\n" }, "etag": { "type": "string", "description": "The current version of the public key. For example: `E2QWRUHAPOMQZL`.\n" }, "name": { "type": "string", "description": "The name for the public key. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name for the public key. Conflicts with `name`.\n" } }, "required": [ "callerReference", "encodedKey", "etag", "name", "namePrefix" ], "inputProperties": { "comment": { "type": "string", "description": "An optional comment about the public key.\n" }, "encodedKey": { "type": "string", "description": "The encoded public key that you want to add to CloudFront to use with features like field-level encryption.\n" }, "name": { "type": "string", "description": "The name for the public key. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name for the public key. Conflicts with `name`.\n" } }, "requiredInputs": [ "encodedKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering PublicKey resources.\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the public key configuration.\n" }, "comment": { "type": "string", "description": "An optional comment about the public key.\n" }, "encodedKey": { "type": "string", "description": "The encoded public key that you want to add to CloudFront to use with features like field-level encryption.\n" }, "etag": { "type": "string", "description": "The current version of the public key. For example: `E2QWRUHAPOMQZL`.\n" }, "name": { "type": "string", "description": "The name for the public key. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name for the public key. Conflicts with `name`.\n" } }, "type": "object" } }, "aws:cloudhsmv2/cluster:Cluster": { "description": "Creates an Amazon CloudHSM v2 cluster.\n\nFor information about CloudHSM v2, see the\n[AWS CloudHSM User Guide](https://docs.aws.amazon.com/cloudhsm/latest/userguide/introduction.html) and the [Amazon\nCloudHSM API Reference][2].\n\n\u003e **NOTE:** CloudHSM can take up to several minutes to be set up.\nPractically no single attribute can be updated except TAGS.\nIf you need to delete a cluster, you have to remove its HSM modules first.\nTo initialize cluster, you have to add an hsm instance to the cluster then sign CSR and upload it.\n", "properties": { "clusterCertificates": { "type": "array", "items": { "$ref": "#/types/aws:cloudhsmv2/ClusterClusterCertificate:ClusterClusterCertificate" }, "description": "The list of cluster certificates.\n* `cluster_certificates.0.cluster_certificate` - The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster's owner.\n* `cluster_certificates.0.cluster_csr` - The certificate signing request (CSR). Available only in UNINITIALIZED state after an hsm instance is added to the cluster.\n* `cluster_certificates.0.aws_hardware_certificate` - The HSM hardware certificate issued (signed) by AWS CloudHSM.\n* `cluster_certificates.0.hsm_certificate` - The HSM certificate issued (signed) by the HSM hardware.\n* `cluster_certificates.0.manufacturer_hardware_certificate` - The HSM hardware certificate issued (signed) by the hardware manufacturer.\n" }, "clusterId": { "type": "string", "description": "The id of the CloudHSM cluster.\n" }, "clusterState": { "type": "string", "description": "The state of the cluster.\n", "language": { "csharp": { "name": "State" } } }, "hsmType": { "type": "string", "description": "The type of HSM module in the cluster. Currently, only hsm1.medium is supported.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group associated with the CloudHSM cluster.\n" }, "sourceBackupIdentifier": { "type": "string", "description": "The id of Cloud HSM v2 cluster backup to be restored.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of subnets in which cluster will operate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that the CloudHSM cluster resides in.\n" } }, "required": [ "clusterCertificates", "clusterId", "clusterState", "hsmType", "securityGroupId", "subnetIds", "vpcId" ], "inputProperties": { "hsmType": { "type": "string", "description": "The type of HSM module in the cluster. Currently, only hsm1.medium is supported.\n" }, "sourceBackupIdentifier": { "type": "string", "description": "The id of Cloud HSM v2 cluster backup to be restored.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of subnets in which cluster will operate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "hsmType", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "clusterCertificates": { "type": "array", "items": { "$ref": "#/types/aws:cloudhsmv2/ClusterClusterCertificate:ClusterClusterCertificate" }, "description": "The list of cluster certificates.\n* `cluster_certificates.0.cluster_certificate` - The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster's owner.\n* `cluster_certificates.0.cluster_csr` - The certificate signing request (CSR). Available only in UNINITIALIZED state after an hsm instance is added to the cluster.\n* `cluster_certificates.0.aws_hardware_certificate` - The HSM hardware certificate issued (signed) by AWS CloudHSM.\n* `cluster_certificates.0.hsm_certificate` - The HSM certificate issued (signed) by the HSM hardware.\n* `cluster_certificates.0.manufacturer_hardware_certificate` - The HSM hardware certificate issued (signed) by the hardware manufacturer.\n" }, "clusterId": { "type": "string", "description": "The id of the CloudHSM cluster.\n" }, "clusterState": { "type": "string", "description": "The state of the cluster.\n", "language": { "csharp": { "name": "State" } } }, "hsmType": { "type": "string", "description": "The type of HSM module in the cluster. Currently, only hsm1.medium is supported.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group associated with the CloudHSM cluster.\n" }, "sourceBackupIdentifier": { "type": "string", "description": "The id of Cloud HSM v2 cluster backup to be restored.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of subnets in which cluster will operate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that the CloudHSM cluster resides in.\n" } }, "type": "object" } }, "aws:cloudhsmv2/hsm:Hsm": { "description": "Creates an HSM module in Amazon CloudHSM v2 cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example below creates an HSM module in CloudHSM cluster.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = pulumi.output(aws.cloudhsmv2.getCluster({\n clusterId: var_cloudhsm_cluster_id,\n}, { async: true }));\nconst cloudhsmV2Hsm = new aws.cloudhsmv2.Hsm(\"cloudhsm_v2_hsm\", {\n clusterId: cluster.clusterId,\n subnetId: cluster.apply(cluster =\u003e cluster.subnetIds[0]),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.cloudhsmv2.get_cluster(cluster_id=var[\"cloudhsm_cluster_id\"])\ncloudhsm_v2_hsm = aws.cloudhsmv2.Hsm(\"cloudhsmV2Hsm\",\n cluster_id=cluster.cluster_id,\n subnet_id=cluster.subnet_ids[0])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cluster = Output.Create(Aws.CloudHsmV2.GetCluster.InvokeAsync(new Aws.CloudHsmV2.GetClusterArgs\n {\n ClusterId = @var.Cloudhsm_cluster_id,\n }));\n var cloudhsmV2Hsm = new Aws.CloudHsmV2.Hsm(\"cloudhsmV2Hsm\", new Aws.CloudHsmV2.HsmArgs\n {\n ClusterId = cluster.Apply(cluster =\u003e cluster.ClusterId),\n SubnetId = cluster.Apply(cluster =\u003e cluster.SubnetIds[0]),\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "availabilityZone": { "type": "string", "description": "The IDs of AZ in which HSM module will be located. Do not use together with subnet_id.\n" }, "clusterId": { "type": "string", "description": "The ID of Cloud HSM v2 cluster to which HSM will be added.\n" }, "hsmEniId": { "type": "string", "description": "The id of the ENI interface allocated for HSM module.\n" }, "hsmId": { "type": "string", "description": "The id of the HSM module.\n" }, "hsmState": { "type": "string", "description": "The state of the HSM module.\n", "language": { "csharp": { "name": "State" } } }, "ipAddress": { "type": "string", "description": "The IP address of HSM module. Must be within the CIDR of selected subnet.\n" }, "subnetId": { "type": "string", "description": "The ID of subnet in which HSM module will be located.\n" } }, "required": [ "availabilityZone", "clusterId", "hsmEniId", "hsmId", "hsmState", "ipAddress", "subnetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The IDs of AZ in which HSM module will be located. Do not use together with subnet_id.\n" }, "clusterId": { "type": "string", "description": "The ID of Cloud HSM v2 cluster to which HSM will be added.\n" }, "ipAddress": { "type": "string", "description": "The IP address of HSM module. Must be within the CIDR of selected subnet.\n" }, "subnetId": { "type": "string", "description": "The ID of subnet in which HSM module will be located.\n" } }, "requiredInputs": [ "clusterId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Hsm resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The IDs of AZ in which HSM module will be located. Do not use together with subnet_id.\n" }, "clusterId": { "type": "string", "description": "The ID of Cloud HSM v2 cluster to which HSM will be added.\n" }, "hsmEniId": { "type": "string", "description": "The id of the ENI interface allocated for HSM module.\n" }, "hsmId": { "type": "string", "description": "The id of the HSM module.\n" }, "hsmState": { "type": "string", "description": "The state of the HSM module.\n", "language": { "csharp": { "name": "State" } } }, "ipAddress": { "type": "string", "description": "The IP address of HSM module. Must be within the CIDR of selected subnet.\n" }, "subnetId": { "type": "string", "description": "The ID of subnet in which HSM module will be located.\n" } }, "type": "object" } }, "aws:cloudtrail/trail:Trail": { "description": "Provides a CloudTrail resource.\n\n\u003e *NOTE:* For a multi-region trail, this resource must be in the home region of the trail.\n\n\u003e *NOTE:* For an organization trail, this resource must be in the master account of the organization.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\nEnable CloudTrail to capture all compatible management events in region.\nFor capturing events from services like IAM, `include_global_service_events` must be enabled.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst foo = new aws.s3.Bucket(\"foo\", {\n forceDestroy: true,\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"AWSCloudTrailAclCheck\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"cloudtrail.amazonaws.com\"\n },\n \"Action\": \"s3:GetBucketAcl\",\n \"Resource\": \"arn:aws:s3:::tf-test-trail\"\n },\n {\n \"Sid\": \"AWSCloudTrailWrite\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"cloudtrail.amazonaws.com\"\n },\n \"Action\": \"s3:PutObject\",\n \"Resource\": \"arn:aws:s3:::tf-test-trail/prefix/AWSLogs/${current.accountId}/*\",\n \"Condition\": {\n \"StringEquals\": {\n \"s3:x-amz-acl\": \"bucket-owner-full-control\"\n }\n }\n }\n ]\n}\n`,\n});\nconst foobar = new aws.cloudtrail.Trail(\"foobar\", {\n includeGlobalServiceEvents: false,\n s3BucketName: foo.id,\n s3KeyPrefix: \"prefix\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nfoo = aws.s3.Bucket(\"foo\",\n force_destroy=True,\n policy=f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Sid\": \"AWSCloudTrailAclCheck\",\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"Service\": \"cloudtrail.amazonaws.com\"\n }},\n \"Action\": \"s3:GetBucketAcl\",\n \"Resource\": \"arn:aws:s3:::tf-test-trail\"\n }},\n {{\n \"Sid\": \"AWSCloudTrailWrite\",\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"Service\": \"cloudtrail.amazonaws.com\"\n }},\n \"Action\": \"s3:PutObject\",\n \"Resource\": \"arn:aws:s3:::tf-test-trail/prefix/AWSLogs/{current.account_id}/*\",\n \"Condition\": {{\n \"StringEquals\": {{\n \"s3:x-amz-acl\": \"bucket-owner-full-control\"\n }}\n }}\n }}\n ]\n}}\n\n\"\"\")\nfoobar = aws.cloudtrail.Trail(\"foobar\",\n include_global_service_events=False,\n s3_bucket_name=foo.id,\n s3_key_prefix=\"prefix\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var foo = new Aws.S3.Bucket(\"foo\", new Aws.S3.BucketArgs\n {\n ForceDestroy = true,\n Policy = current.Apply(current =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Sid\"\": \"\"AWSCloudTrailAclCheck\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"Service\"\": \"\"cloudtrail.amazonaws.com\"\"\n }},\n \"\"Action\"\": \"\"s3:GetBucketAcl\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::tf-test-trail\"\"\n }},\n {{\n \"\"Sid\"\": \"\"AWSCloudTrailWrite\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"Service\"\": \"\"cloudtrail.amazonaws.com\"\"\n }},\n \"\"Action\"\": \"\"s3:PutObject\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::tf-test-trail/prefix/AWSLogs/{current.AccountId}/*\"\",\n \"\"Condition\"\": {{\n \"\"StringEquals\"\": {{\n \"\"s3:x-amz-acl\"\": \"\"bucket-owner-full-control\"\"\n }}\n }}\n }}\n ]\n}}\n\n\"),\n });\n var foobar = new Aws.CloudTrail.Trail(\"foobar\", new Aws.CloudTrail.TrailArgs\n {\n IncludeGlobalServiceEvents = false,\n S3BucketName = foo.Id,\n S3KeyPrefix = \"prefix\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := s3.NewBucket(ctx, \"foo\", \u0026s3.BucketArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"AWSCloudTrailAclCheck\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"cloudtrail.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"s3:GetBucketAcl\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::tf-test-trail\\\"\\n\", \" },\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"AWSCloudTrailWrite\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"cloudtrail.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"s3:PutObject\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::tf-test-trail/prefix/AWSLogs/\", current.AccountId, \"/*\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"StringEquals\\\": {\\n\", \" \\\"s3:x-amz-acl\\\": \\\"bucket-owner-full-control\\\"\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"foobar\", \u0026cloudtrail.TrailArgs{\n\t\t\tIncludeGlobalServiceEvents: pulumi.Bool(false),\n\t\t\tS3BucketName: foo.ID(),\n\t\t\tS3KeyPrefix: pulumi.String(\"prefix\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n### Data Event Logging\n\nCloudTrail can log [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) for certain services such as S3 bucket objects and Lambda function invocations. Additional information about data event configuration can be found in the [CloudTrail API DataResource documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DataResource.html).\n{{% example %}}\n### Logging All Lambda Function Invocations\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {\n eventSelectors: [{\n dataResources: [{\n type: \"AWS::Lambda::Function\",\n values: [\"arn:aws:lambda\"],\n }],\n includeManagementEvents: true,\n readWriteType: \"All\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[{\n \"dataResource\": [{\n \"type\": \"AWS::Lambda::Function\",\n \"values\": [\"arn:aws:lambda\"],\n }],\n \"includeManagementEvents\": True,\n \"readWriteType\": \"All\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CloudTrail.Trail(\"example\", new Aws.CloudTrail.TrailArgs\n {\n EventSelectors = \n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n DataResource = \n {\n \n {\n { \"type\", \"AWS::Lambda::Function\" },\n { \"values\", \n {\n \"arn:aws:lambda\",\n } },\n },\n },\n IncludeManagementEvents = true,\n ReadWriteType = \"All\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tDataResource: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"AWS::Lambda::Function\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:lambda\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Logging All S3 Bucket Object Events\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {\n eventSelectors: [{\n dataResources: [{\n type: \"AWS::S3::Object\",\n values: [\"arn:aws:s3:::\"],\n }],\n includeManagementEvents: true,\n readWriteType: \"All\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[{\n \"dataResource\": [{\n \"type\": \"AWS::S3::Object\",\n \"values\": [\"arn:aws:s3:::\"],\n }],\n \"includeManagementEvents\": True,\n \"readWriteType\": \"All\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CloudTrail.Trail(\"example\", new Aws.CloudTrail.TrailArgs\n {\n EventSelectors = \n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n DataResource = \n {\n \n {\n { \"type\", \"AWS::S3::Object\" },\n { \"values\", \n {\n \"arn:aws:s3:::\",\n } },\n },\n },\n IncludeManagementEvents = true,\n ReadWriteType = \"All\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tDataResource: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:s3:::\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Logging Individual S3 Bucket Events\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst important_bucket = pulumi.output(aws.s3.getBucket({\n bucket: \"important-bucket\",\n}, { async: true }));\nconst example = new aws.cloudtrail.Trail(\"example\", {\n eventSelectors: [{\n dataResources: [{\n type: \"AWS::S3::Object\",\n // Make sure to append a trailing '/' to your ARN if you want\n // to monitor all objects in a bucket.\n values: [pulumi.interpolate`${important_bucket.arn}/`],\n }],\n includeManagementEvents: true,\n readWriteType: \"All\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nimportant_bucket = aws.s3.get_bucket(bucket=\"important-bucket\")\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[{\n \"dataResource\": [{\n \"type\": \"AWS::S3::Object\",\n \"values\": [f\"{important_bucket.arn}/\"],\n }],\n \"includeManagementEvents\": True,\n \"readWriteType\": \"All\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var important_bucket = Output.Create(Aws.S3.GetBucket.InvokeAsync(new Aws.S3.GetBucketArgs\n {\n Bucket = \"important-bucket\",\n }));\n var example = new Aws.CloudTrail.Trail(\"example\", new Aws.CloudTrail.TrailArgs\n {\n EventSelectors = \n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n DataResource = \n {\n \n {\n { \"type\", \"AWS::S3::Object\" },\n { \"values\", \n {\n important_bucket.Apply(important_bucket =\u003e $\"{important_bucket.Arn}/\"),\n } },\n },\n },\n IncludeManagementEvents = true,\n ReadWriteType = \"All\",\n },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the trail.\n" }, "cloudWatchLogsGroupArn": { "type": "string", "description": "Specifies a log group name using an Amazon Resource Name (ARN),\nthat represents the log group to which CloudTrail logs will be delivered.\n" }, "cloudWatchLogsRoleArn": { "type": "string", "description": "Specifies the role for the CloudWatch Logs\nendpoint to assume to write to a user’s log group.\n" }, "enableLogFileValidation": { "type": "boolean", "description": "Specifies whether log file integrity validation is enabled.\nDefaults to `false`.\n" }, "enableLogging": { "type": "boolean", "description": "Enables logging for the trail. Defaults to `true`.\nSetting this to `false` will pause logging.\n" }, "eventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelector:TrailEventSelector" }, "description": "Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these.\n" }, "homeRegion": { "type": "string", "description": "The region in which the trail was created.\n" }, "includeGlobalServiceEvents": { "type": "boolean", "description": "Specifies whether the trail is publishing events\nfrom global services such as IAM to the log files. Defaults to `true`.\n" }, "isMultiRegionTrail": { "type": "boolean", "description": "Specifies whether the trail is created in the current\nregion or in all regions. Defaults to `false`.\n" }, "isOrganizationTrail": { "type": "boolean", "description": "Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail.\n" }, "name": { "type": "string", "description": "Specifies the name of the trail.\n" }, "s3BucketName": { "type": "string", "description": "Specifies the name of the S3 bucket designated for publishing log files.\n" }, "s3KeyPrefix": { "type": "string", "description": "Specifies the S3 key prefix that follows\nthe name of the bucket you have designated for log file delivery.\n" }, "snsTopicName": { "type": "string", "description": "Specifies the name of the Amazon SNS topic\ndefined for notification of log file delivery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the trail\n" } }, "required": [ "arn", "homeRegion", "name", "s3BucketName" ], "inputProperties": { "cloudWatchLogsGroupArn": { "type": "string", "description": "Specifies a log group name using an Amazon Resource Name (ARN),\nthat represents the log group to which CloudTrail logs will be delivered.\n" }, "cloudWatchLogsRoleArn": { "type": "string", "description": "Specifies the role for the CloudWatch Logs\nendpoint to assume to write to a user’s log group.\n" }, "enableLogFileValidation": { "type": "boolean", "description": "Specifies whether log file integrity validation is enabled.\nDefaults to `false`.\n" }, "enableLogging": { "type": "boolean", "description": "Enables logging for the trail. Defaults to `true`.\nSetting this to `false` will pause logging.\n" }, "eventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelector:TrailEventSelector" }, "description": "Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these.\n" }, "includeGlobalServiceEvents": { "type": "boolean", "description": "Specifies whether the trail is publishing events\nfrom global services such as IAM to the log files. Defaults to `true`.\n" }, "isMultiRegionTrail": { "type": "boolean", "description": "Specifies whether the trail is created in the current\nregion or in all regions. Defaults to `false`.\n" }, "isOrganizationTrail": { "type": "boolean", "description": "Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail.\n" }, "name": { "type": "string", "description": "Specifies the name of the trail.\n" }, "s3BucketName": { "type": "string", "description": "Specifies the name of the S3 bucket designated for publishing log files.\n" }, "s3KeyPrefix": { "type": "string", "description": "Specifies the S3 key prefix that follows\nthe name of the bucket you have designated for log file delivery.\n" }, "snsTopicName": { "type": "string", "description": "Specifies the name of the Amazon SNS topic\ndefined for notification of log file delivery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the trail\n" } }, "requiredInputs": [ "s3BucketName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Trail resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the trail.\n" }, "cloudWatchLogsGroupArn": { "type": "string", "description": "Specifies a log group name using an Amazon Resource Name (ARN),\nthat represents the log group to which CloudTrail logs will be delivered.\n" }, "cloudWatchLogsRoleArn": { "type": "string", "description": "Specifies the role for the CloudWatch Logs\nendpoint to assume to write to a user’s log group.\n" }, "enableLogFileValidation": { "type": "boolean", "description": "Specifies whether log file integrity validation is enabled.\nDefaults to `false`.\n" }, "enableLogging": { "type": "boolean", "description": "Enables logging for the trail. Defaults to `true`.\nSetting this to `false` will pause logging.\n" }, "eventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelector:TrailEventSelector" }, "description": "Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these.\n" }, "homeRegion": { "type": "string", "description": "The region in which the trail was created.\n" }, "includeGlobalServiceEvents": { "type": "boolean", "description": "Specifies whether the trail is publishing events\nfrom global services such as IAM to the log files. Defaults to `true`.\n" }, "isMultiRegionTrail": { "type": "boolean", "description": "Specifies whether the trail is created in the current\nregion or in all regions. Defaults to `false`.\n" }, "isOrganizationTrail": { "type": "boolean", "description": "Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail.\n" }, "name": { "type": "string", "description": "Specifies the name of the trail.\n" }, "s3BucketName": { "type": "string", "description": "Specifies the name of the S3 bucket designated for publishing log files.\n" }, "s3KeyPrefix": { "type": "string", "description": "Specifies the S3 key prefix that follows\nthe name of the bucket you have designated for log file delivery.\n" }, "snsTopicName": { "type": "string", "description": "Specifies the name of the Amazon SNS topic\ndefined for notification of log file delivery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the trail\n" } }, "type": "object" } }, "aws:cloudwatch/dashboard:Dashboard": { "description": "Provides a CloudWatch Dashboard resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.cloudwatch.Dashboard(\"main\", {\n dashboardBody: ` {\n \"widgets\": [\n {\n \"type\":\"metric\",\n \"x\":0,\n \"y\":0,\n \"width\":12,\n \"height\":6,\n \"properties\":{\n \"metrics\":[\n [\n \"AWS/EC2\",\n \"CPUUtilization\",\n \"InstanceId\",\n \"i-012345\"\n ]\n ],\n \"period\":300,\n \"stat\":\"Average\",\n \"region\":\"us-east-1\",\n \"title\":\"EC2 Instance CPU\"\n }\n },\n {\n \"type\":\"text\",\n \"x\":0,\n \"y\":7,\n \"width\":3,\n \"height\":3,\n \"properties\":{\n \"markdown\":\"Hello world\"\n }\n }\n ]\n }\n `,\n dashboardName: \"my-dashboard\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.cloudwatch.Dashboard(\"main\",\n dashboard_body=\"\"\" {\n \"widgets\": [\n {\n \"type\":\"metric\",\n \"x\":0,\n \"y\":0,\n \"width\":12,\n \"height\":6,\n \"properties\":{\n \"metrics\":[\n [\n \"AWS/EC2\",\n \"CPUUtilization\",\n \"InstanceId\",\n \"i-012345\"\n ]\n ],\n \"period\":300,\n \"stat\":\"Average\",\n \"region\":\"us-east-1\",\n \"title\":\"EC2 Instance CPU\"\n }\n },\n {\n \"type\":\"text\",\n \"x\":0,\n \"y\":7,\n \"width\":3,\n \"height\":3,\n \"properties\":{\n \"markdown\":\"Hello world\"\n }\n }\n ]\n }\n \n\"\"\",\n dashboard_name=\"my-dashboard\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.CloudWatch.Dashboard(\"main\", new Aws.CloudWatch.DashboardArgs\n {\n DashboardBody = @\" {\n \"\"widgets\"\": [\n {\n \"\"type\"\":\"\"metric\"\",\n \"\"x\"\":0,\n \"\"y\"\":0,\n \"\"width\"\":12,\n \"\"height\"\":6,\n \"\"properties\"\":{\n \"\"metrics\"\":[\n [\n \"\"AWS/EC2\"\",\n \"\"CPUUtilization\"\",\n \"\"InstanceId\"\",\n \"\"i-012345\"\"\n ]\n ],\n \"\"period\"\":300,\n \"\"stat\"\":\"\"Average\"\",\n \"\"region\"\":\"\"us-east-1\"\",\n \"\"title\"\":\"\"EC2 Instance CPU\"\"\n }\n },\n {\n \"\"type\"\":\"\"text\"\",\n \"\"x\"\":0,\n \"\"y\"\":7,\n \"\"width\"\":3,\n \"\"height\"\":3,\n \"\"properties\"\":{\n \"\"markdown\"\":\"\"Hello world\"\"\n }\n }\n ]\n }\n \n\",\n DashboardName = \"my-dashboard\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewDashboard(ctx, \"main\", \u0026cloudwatch.DashboardArgs{\n\t\t\tDashboardBody: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \" {\\n\", \" \\\"widgets\\\": [\\n\", \" {\\n\", \" \\\"type\\\":\\\"metric\\\",\\n\", \" \\\"x\\\":0,\\n\", \" \\\"y\\\":0,\\n\", \" \\\"width\\\":12,\\n\", \" \\\"height\\\":6,\\n\", \" \\\"properties\\\":{\\n\", \" \\\"metrics\\\":[\\n\", \" [\\n\", \" \\\"AWS/EC2\\\",\\n\", \" \\\"CPUUtilization\\\",\\n\", \" \\\"InstanceId\\\",\\n\", \" \\\"i-012345\\\"\\n\", \" ]\\n\", \" ],\\n\", \" \\\"period\\\":300,\\n\", \" \\\"stat\\\":\\\"Average\\\",\\n\", \" \\\"region\\\":\\\"us-east-1\\\",\\n\", \" \\\"title\\\":\\\"EC2 Instance CPU\\\"\\n\", \" }\\n\", \" },\\n\", \" {\\n\", \" \\\"type\\\":\\\"text\\\",\\n\", \" \\\"x\\\":0,\\n\", \" \\\"y\\\":7,\\n\", \" \\\"width\\\":3,\\n\", \" \\\"height\\\":3,\\n\", \" \\\"properties\\\":{\\n\", \" \\\"markdown\\\":\\\"Hello world\\\"\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \" }\\n\", \" \\n\")),\n\t\t\tDashboardName: pulumi.String(\"my-dashboard\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "dashboardArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the dashboard.\n" }, "dashboardBody": { "type": "string", "description": "The detailed information about the dashboard, including what widgets are included and their location on the dashboard. You can read more about the body structure in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html).\n" }, "dashboardName": { "type": "string", "description": "The name of the dashboard.\n" } }, "required": [ "dashboardArn", "dashboardBody", "dashboardName" ], "inputProperties": { "dashboardBody": { "type": "string", "description": "The detailed information about the dashboard, including what widgets are included and their location on the dashboard. You can read more about the body structure in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html).\n" }, "dashboardName": { "type": "string", "description": "The name of the dashboard.\n" } }, "requiredInputs": [ "dashboardBody", "dashboardName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Dashboard resources.\n", "properties": { "dashboardArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the dashboard.\n" }, "dashboardBody": { "type": "string", "description": "The detailed information about the dashboard, including what widgets are included and their location on the dashboard. You can read more about the body structure in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html).\n" }, "dashboardName": { "type": "string", "description": "The name of the dashboard.\n" } }, "type": "object" } }, "aws:cloudwatch/eventPermission:EventPermission": { "description": "Provides a resource to create a CloudWatch Events permission to support cross-account events in the current account default event bus.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Account Access\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst devAccountAccess = new aws.cloudwatch.EventPermission(\"DevAccountAccess\", {\n principal: \"123456789012\",\n statementId: \"DevAccountAccess\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndev_account_access = aws.cloudwatch.EventPermission(\"devAccountAccess\",\n principal=\"123456789012\",\n statement_id=\"DevAccountAccess\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var devAccountAccess = new Aws.CloudWatch.EventPermission(\"devAccountAccess\", new Aws.CloudWatch.EventPermissionArgs\n {\n Principal = \"123456789012\",\n StatementId = \"DevAccountAccess\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewEventPermission(ctx, \"devAccountAccess\", \u0026cloudwatch.EventPermissionArgs{\n\t\t\tPrincipal: pulumi.String(\"123456789012\"),\n\t\t\tStatementId: pulumi.String(\"DevAccountAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Organization Access\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst organizationAccess = new aws.cloudwatch.EventPermission(\"OrganizationAccess\", {\n condition: {\n key: \"aws:PrincipalOrgID\",\n type: \"StringEquals\",\n value: aws_organizations_organization_example.id,\n },\n principal: \"*\",\n statementId: \"OrganizationAccess\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norganization_access = aws.cloudwatch.EventPermission(\"organizationAccess\",\n condition={\n \"key\": \"aws:PrincipalOrgID\",\n \"type\": \"StringEquals\",\n \"value\": aws_organizations_organization[\"example\"][\"id\"],\n },\n principal=\"*\",\n statement_id=\"OrganizationAccess\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var organizationAccess = new Aws.CloudWatch.EventPermission(\"organizationAccess\", new Aws.CloudWatch.EventPermissionArgs\n {\n Condition = new Aws.CloudWatch.Inputs.EventPermissionConditionArgs\n {\n Key = \"aws:PrincipalOrgID\",\n Type = \"StringEquals\",\n Value = aws_organizations_organization.Example.Id,\n },\n Principal = \"*\",\n StatementId = \"OrganizationAccess\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewEventPermission(ctx, \"organizationAccess\", \u0026cloudwatch.EventPermissionArgs{\n\t\t\tCondition: \u0026cloudwatch.EventPermissionConditionArgs{\n\t\t\t\tKey: pulumi.String(\"aws:PrincipalOrgID\"),\n\t\t\t\tType: pulumi.String(\"StringEquals\"),\n\t\t\t\tValue: pulumi.String(aws_organizations_organization.Example.Id),\n\t\t\t},\n\t\t\tPrincipal: pulumi.String(\"*\"),\n\t\t\tStatementId: pulumi.String(\"OrganizationAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "action": { "type": "string", "description": "The action that you are enabling the other account to perform. Defaults to `events:PutEvents`.\n" }, "condition": { "$ref": "#/types/aws:cloudwatch/EventPermissionCondition:EventPermissionCondition", "description": "Configuration block to limit the event bus permissions you are granting to only accounts that fulfill the condition. Specified below.\n" }, "principal": { "type": "string", "description": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify `*` to permit any account to put events to your default event bus, optionally limited by `condition`.\n" }, "statementId": { "type": "string", "description": "An identifier string for the external account that you are granting permissions to.\n" } }, "required": [ "principal", "statementId" ], "inputProperties": { "action": { "type": "string", "description": "The action that you are enabling the other account to perform. Defaults to `events:PutEvents`.\n" }, "condition": { "$ref": "#/types/aws:cloudwatch/EventPermissionCondition:EventPermissionCondition", "description": "Configuration block to limit the event bus permissions you are granting to only accounts that fulfill the condition. Specified below.\n" }, "principal": { "type": "string", "description": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify `*` to permit any account to put events to your default event bus, optionally limited by `condition`.\n" }, "statementId": { "type": "string", "description": "An identifier string for the external account that you are granting permissions to.\n" } }, "requiredInputs": [ "principal", "statementId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventPermission resources.\n", "properties": { "action": { "type": "string", "description": "The action that you are enabling the other account to perform. Defaults to `events:PutEvents`.\n" }, "condition": { "$ref": "#/types/aws:cloudwatch/EventPermissionCondition:EventPermissionCondition", "description": "Configuration block to limit the event bus permissions you are granting to only accounts that fulfill the condition. Specified below.\n" }, "principal": { "type": "string", "description": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify `*` to permit any account to put events to your default event bus, optionally limited by `condition`.\n" }, "statementId": { "type": "string", "description": "An identifier string for the external account that you are granting permissions to.\n" } }, "type": "object" } }, "aws:cloudwatch/eventRule:EventRule": { "description": "Provides a CloudWatch Event Rule resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst console = new aws.cloudwatch.EventRule(\"console\", {\n description: \"Capture each AWS Console Sign In\",\n eventPattern: `{\n \"detail-type\": [\n \"AWS Console Sign In via CloudTrail\"\n ]\n}\n`,\n});\nconst awsLogins = new aws.sns.Topic(\"aws_logins\", {});\nconst sns = new aws.cloudwatch.EventTarget(\"sns\", {\n arn: awsLogins.arn,\n rule: console.name,\n});\nconst snsTopicPolicy = awsLogins.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"SNS:Publish\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"events.amazonaws.com\"],\n type: \"Service\",\n }],\n resources: [arn],\n }],\n}, { async: true }));\nconst defaultTopicPolicy = new aws.sns.TopicPolicy(\"default\", {\n arn: awsLogins.arn,\n policy: snsTopicPolicy.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconsole = aws.cloudwatch.EventRule(\"console\",\n description=\"Capture each AWS Console Sign In\",\n event_pattern=\"\"\"{\n \"detail-type\": [\n \"AWS Console Sign In via CloudTrail\"\n ]\n}\n\n\"\"\")\naws_logins = aws.sns.Topic(\"awsLogins\")\nsns = aws.cloudwatch.EventTarget(\"sns\",\n arn=aws_logins.arn,\n rule=console.name)\nsns_topic_policy = aws_logins.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{\n \"actions\": [\"SNS:Publish\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [\"events.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"resources\": [arn],\n}]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=aws_logins.arn,\n policy=sns_topic_policy.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var console = new Aws.CloudWatch.EventRule(\"console\", new Aws.CloudWatch.EventRuleArgs\n {\n Description = \"Capture each AWS Console Sign In\",\n EventPattern = @\"{\n \"\"detail-type\"\": [\n \"\"AWS Console Sign In via CloudTrail\"\"\n ]\n}\n\n\",\n });\n var awsLogins = new Aws.Sns.Topic(\"awsLogins\", new Aws.Sns.TopicArgs\n {\n });\n var sns = new Aws.CloudWatch.EventTarget(\"sns\", new Aws.CloudWatch.EventTargetArgs\n {\n Arn = awsLogins.Arn,\n Rule = console.Name,\n });\n var snsTopicPolicy = awsLogins.Arn.Apply(arn =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"SNS:Publish\",\n },\n Effect = \"Allow\",\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"events.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Resources = \n {\n arn,\n },\n },\n },\n }));\n var @default = new Aws.Sns.TopicPolicy(\"default\", new Aws.Sns.TopicPolicyArgs\n {\n Arn = awsLogins.Arn,\n Policy = snsTopicPolicy.Apply(snsTopicPolicy =\u003e snsTopicPolicy.Json),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconsole, err := cloudwatch.NewEventRule(ctx, \"console\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tDescription: pulumi.String(\"Capture each AWS Console Sign In\"),\n\t\t\tEventPattern: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v\", \"{\\n\", \" \\\"detail-type\\\": [\\n\", \" \\\"AWS Console Sign In via CloudTrail\\\"\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsLogins, err := sns.NewTopic(ctx, \"awsLogins\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"sns\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tArn: awsLogins.Arn,\n\t\t\tRule: console.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\n\t\t\tArn: awsLogins.Arn,\n\t\t\tPolicy: snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn snsTopicPolicy.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rule.\n" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "eventPattern": { "type": "string", "description": "Event pattern\ndescribed a JSON object.\nSee full documentation of [CloudWatch Events and Event Patterns](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CloudWatchEventsandEventPatterns.html) for details.\n" }, "isEnabled": { "type": "boolean", "description": "Whether the rule should be enabled (defaults to `true`).\n" }, "name": { "type": "string", "description": "The rule's name. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The rule's name. Conflicts with `name`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated with the role that is used for target invocation.\n" }, "scheduleExpression": { "type": "string", "description": "The scheduling expression.\nFor example, `cron(0 20 * * ? *)` or `rate(5 minutes)`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of the rule.\n" }, "eventPattern": { "type": "string", "description": "Event pattern\ndescribed a JSON object.\nSee full documentation of [CloudWatch Events and Event Patterns](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CloudWatchEventsandEventPatterns.html) for details.\n" }, "isEnabled": { "type": "boolean", "description": "Whether the rule should be enabled (defaults to `true`).\n" }, "name": { "type": "string", "description": "The rule's name. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The rule's name. Conflicts with `name`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated with the role that is used for target invocation.\n" }, "scheduleExpression": { "type": "string", "description": "The scheduling expression.\nFor example, `cron(0 20 * * ? *)` or `rate(5 minutes)`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EventRule resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rule.\n" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "eventPattern": { "type": "string", "description": "Event pattern\ndescribed a JSON object.\nSee full documentation of [CloudWatch Events and Event Patterns](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CloudWatchEventsandEventPatterns.html) for details.\n" }, "isEnabled": { "type": "boolean", "description": "Whether the rule should be enabled (defaults to `true`).\n" }, "name": { "type": "string", "description": "The rule's name. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The rule's name. Conflicts with `name`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated with the role that is used for target invocation.\n" }, "scheduleExpression": { "type": "string", "description": "The scheduling expression.\nFor example, `cron(0 20 * * ? *)` or `rate(5 minutes)`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:cloudwatch/eventTarget:EventTarget": { "description": "Provides a CloudWatch Event Target resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst console = new aws.cloudwatch.EventRule(\"console\", {\n description: \"Capture all EC2 scaling events\",\n eventPattern: `{\n \"source\": [\n \"aws.autoscaling\"\n ],\n \"detail-type\": [\n \"EC2 Instance Launch Successful\",\n \"EC2 Instance Terminate Successful\",\n \"EC2 Instance Launch Unsuccessful\",\n \"EC2 Instance Terminate Unsuccessful\"\n ]\n}\n`,\n});\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n shardCount: 1,\n});\nconst yada = new aws.cloudwatch.EventTarget(\"yada\", {\n arn: testStream.arn,\n rule: console.name,\n runCommandTargets: [\n {\n key: \"tag:Name\",\n values: [\"FooBar\"],\n },\n {\n key: \"InstanceIds\",\n values: [\"i-162058cd308bffec2\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconsole = aws.cloudwatch.EventRule(\"console\",\n description=\"Capture all EC2 scaling events\",\n event_pattern=\"\"\"{\n \"source\": [\n \"aws.autoscaling\"\n ],\n \"detail-type\": [\n \"EC2 Instance Launch Successful\",\n \"EC2 Instance Terminate Successful\",\n \"EC2 Instance Launch Unsuccessful\",\n \"EC2 Instance Terminate Unsuccessful\"\n ]\n}\n\n\"\"\")\ntest_stream = aws.kinesis.Stream(\"testStream\", shard_count=1)\nyada = aws.cloudwatch.EventTarget(\"yada\",\n arn=test_stream.arn,\n rule=console.name,\n run_command_targets=[\n {\n \"key\": \"tag:Name\",\n \"values\": [\"FooBar\"],\n },\n {\n \"key\": \"InstanceIds\",\n \"values\": [\"i-162058cd308bffec2\"],\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var console = new Aws.CloudWatch.EventRule(\"console\", new Aws.CloudWatch.EventRuleArgs\n {\n Description = \"Capture all EC2 scaling events\",\n EventPattern = @\"{\n \"\"source\"\": [\n \"\"aws.autoscaling\"\"\n ],\n \"\"detail-type\"\": [\n \"\"EC2 Instance Launch Successful\"\",\n \"\"EC2 Instance Terminate Successful\"\",\n \"\"EC2 Instance Launch Unsuccessful\"\",\n \"\"EC2 Instance Terminate Unsuccessful\"\"\n ]\n}\n\n\",\n });\n var testStream = new Aws.Kinesis.Stream(\"testStream\", new Aws.Kinesis.StreamArgs\n {\n ShardCount = 1,\n });\n var yada = new Aws.CloudWatch.EventTarget(\"yada\", new Aws.CloudWatch.EventTargetArgs\n {\n Arn = testStream.Arn,\n Rule = console.Name,\n RunCommandTargets = \n {\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"tag:Name\",\n Values = \n {\n \"FooBar\",\n },\n },\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"InstanceIds\",\n Values = \n {\n \"i-162058cd308bffec2\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconsole, err := cloudwatch.NewEventRule(ctx, \"console\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tDescription: pulumi.String(\"Capture all EC2 scaling events\"),\n\t\t\tEventPattern: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"source\\\": [\\n\", \" \\\"aws.autoscaling\\\"\\n\", \" ],\\n\", \" \\\"detail-type\\\": [\\n\", \" \\\"EC2 Instance Launch Successful\\\",\\n\", \" \\\"EC2 Instance Terminate Successful\\\",\\n\", \" \\\"EC2 Instance Launch Unsuccessful\\\",\\n\", \" \\\"EC2 Instance Terminate Unsuccessful\\\"\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStream, err := kinesis.NewStream(ctx, \"testStream\", \u0026kinesis.StreamArgs{\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"yada\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tArn: testStream.Arn,\n\t\t\tRule: console.Name,\n\t\t\tRunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{\n\t\t\t\t\u0026cloudwatch.EventTargetRunCommandTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Name\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"FooBar\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.EventTargetRunCommandTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"i-162058cd308bffec2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example SSM Document Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ssmLifecycleTrust = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"events.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n}, { async: true }));\nconst stopInstance = new aws.ssm.Document(\"stop_instance\", {\n content: ` {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Stop an instance\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"halt\"]\n }\n ]\n }\n }\n }\n`,\n documentType: \"Command\",\n});\nconst ssmLifecyclePolicyDocument = stopInstance.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\"ssm:SendCommand\"],\n conditions: [{\n test: \"StringEquals\",\n values: [\"*\"],\n variable: \"ec2:ResourceTag/Terminate\",\n }],\n effect: \"Allow\",\n resources: [\"arn:aws:ec2:eu-west-1:1234567890:instance/*\"],\n },\n {\n actions: [\"ssm:SendCommand\"],\n effect: \"Allow\",\n resources: [arn],\n },\n ],\n}, { async: true }));\nconst ssmLifecycleRole = new aws.iam.Role(\"ssm_lifecycle\", {\n assumeRolePolicy: ssmLifecycleTrust.json,\n});\nconst ssmLifecyclePolicy = new aws.iam.Policy(\"ssm_lifecycle\", {\n policy: ssmLifecyclePolicyDocument.json,\n});\nconst stopInstancesEventRule = new aws.cloudwatch.EventRule(\"stop_instances\", {\n description: \"Stop instances nightly\",\n scheduleExpression: \"cron(0 0 * * ? *)\",\n});\nconst stopInstancesEventTarget = new aws.cloudwatch.EventTarget(\"stop_instances\", {\n arn: stopInstance.arn,\n roleArn: ssmLifecycleRole.arn,\n rule: stopInstancesEventRule.name,\n runCommandTargets: [{\n key: \"tag:Terminate\",\n values: [\"midnight\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nssm_lifecycle_trust = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"identifiers\": [\"events.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\nstop_instance = aws.ssm.Document(\"stopInstance\",\n content=\"\"\" {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Stop an instance\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"halt\"]\n }\n ]\n }\n }\n }\n\n\"\"\",\n document_type=\"Command\")\nssm_lifecycle_policy_document = stop_instance.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\"ssm:SendCommand\"],\n \"condition\": [{\n \"test\": \"StringEquals\",\n \"values\": [\"*\"],\n \"variable\": \"ec2:ResourceTag/Terminate\",\n }],\n \"effect\": \"Allow\",\n \"resources\": [\"arn:aws:ec2:eu-west-1:1234567890:instance/*\"],\n },\n {\n \"actions\": [\"ssm:SendCommand\"],\n \"effect\": \"Allow\",\n \"resources\": [arn],\n },\n]))\nssm_lifecycle_role = aws.iam.Role(\"ssmLifecycleRole\", assume_role_policy=ssm_lifecycle_trust.json)\nssm_lifecycle_policy = aws.iam.Policy(\"ssmLifecyclePolicy\", policy=ssm_lifecycle_policy_document.json)\nstop_instances_event_rule = aws.cloudwatch.EventRule(\"stopInstancesEventRule\",\n description=\"Stop instances nightly\",\n schedule_expression=\"cron(0 0 * * ? *)\")\nstop_instances_event_target = aws.cloudwatch.EventTarget(\"stopInstancesEventTarget\",\n arn=stop_instance.arn,\n role_arn=ssm_lifecycle_role.arn,\n rule=stop_instances_event_rule.name,\n run_command_targets=[{\n \"key\": \"tag:Terminate\",\n \"values\": [\"midnight\"],\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ssmLifecycleTrust = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"events.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n }));\n var stopInstance = new Aws.Ssm.Document(\"stopInstance\", new Aws.Ssm.DocumentArgs\n {\n Content = @\" {\n \"\"schemaVersion\"\": \"\"1.2\"\",\n \"\"description\"\": \"\"Stop an instance\"\",\n \"\"parameters\"\": {\n\n },\n \"\"runtimeConfig\"\": {\n \"\"aws:runShellScript\"\": {\n \"\"properties\"\": [\n {\n \"\"id\"\": \"\"0.aws:runShellScript\"\",\n \"\"runCommand\"\": [\"\"halt\"\"]\n }\n ]\n }\n }\n }\n\n\",\n DocumentType = \"Command\",\n });\n var ssmLifecyclePolicyDocument = stopInstance.Arn.Apply(arn =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"ssm:SendCommand\",\n },\n Condition = \n {\n \n {\n { \"test\", \"StringEquals\" },\n { \"values\", \n {\n \"*\",\n } },\n { \"variable\", \"ec2:ResourceTag/Terminate\" },\n },\n },\n Effect = \"Allow\",\n Resources = \n {\n \"arn:aws:ec2:eu-west-1:1234567890:instance/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"ssm:SendCommand\",\n },\n Effect = \"Allow\",\n Resources = \n {\n arn,\n },\n },\n },\n }));\n var ssmLifecycleRole = new Aws.Iam.Role(\"ssmLifecycleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = ssmLifecycleTrust.Apply(ssmLifecycleTrust =\u003e ssmLifecycleTrust.Json),\n });\n var ssmLifecyclePolicy = new Aws.Iam.Policy(\"ssmLifecyclePolicy\", new Aws.Iam.PolicyArgs\n {\n Policy = ssmLifecyclePolicyDocument.Apply(ssmLifecyclePolicyDocument =\u003e ssmLifecyclePolicyDocument.Json),\n });\n var stopInstancesEventRule = new Aws.CloudWatch.EventRule(\"stopInstancesEventRule\", new Aws.CloudWatch.EventRuleArgs\n {\n Description = \"Stop instances nightly\",\n ScheduleExpression = \"cron(0 0 * * ? *)\",\n });\n var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget(\"stopInstancesEventTarget\", new Aws.CloudWatch.EventTargetArgs\n {\n Arn = stopInstance.Arn,\n RoleArn = ssmLifecycleRole.Arn,\n Rule = stopInstancesEventRule.Name,\n RunCommandTargets = \n {\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"tag:Terminate\",\n Values = \n {\n \"midnight\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tssmLifecycleTrust, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\tiam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"events.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tstopInstance, err := ssm.NewDocument(ctx, \"stopInstance\", \u0026ssm.DocumentArgs{\n\t\t\tContent: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \" {\\n\", \" \\\"schemaVersion\\\": \\\"1.2\\\",\\n\", \" \\\"description\\\": \\\"Stop an instance\\\",\\n\", \" \\\"parameters\\\": {\\n\", \"\\n\", \" },\\n\", \" \\\"runtimeConfig\\\": {\\n\", \" \\\"aws:runShellScript\\\": {\\n\", \" \\\"properties\\\": [\\n\", \" {\\n\", \" \\\"id\\\": \\\"0.aws:runShellScript\\\",\\n\", \" \\\"runCommand\\\": [\\\"halt\\\"]\\n\", \" }\\n\", \" ]\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \"\\n\")),\n\t\t\tDocumentType: pulumi.String(\"Command\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tssmLifecycleRole, err := iam.NewRole(ctx, \"ssmLifecycleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(ssmLifecycleTrust.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewPolicy(ctx, \"ssmLifecyclePolicy\", \u0026iam.PolicyArgs{\n\t\t\tPolicy: ssmLifecyclePolicyDocument.ApplyT(func(ssmLifecyclePolicyDocument iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn ssmLifecyclePolicyDocument.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tstopInstancesEventRule, err := cloudwatch.NewEventRule(ctx, \"stopInstancesEventRule\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tDescription: pulumi.String(\"Stop instances nightly\"),\n\t\t\tScheduleExpression: pulumi.String(\"cron(0 0 * * ? *)\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"stopInstancesEventTarget\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tArn: stopInstance.Arn,\n\t\t\tRoleArn: ssmLifecycleRole.Arn,\n\t\t\tRule: stopInstancesEventRule.Name,\n\t\t\tRunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{\n\t\t\t\t\u0026cloudwatch.EventTargetRunCommandTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Terminate\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"midnight\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Example RunCommand Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst stopInstancesEventRule = new aws.cloudwatch.EventRule(\"stop_instances\", {\n description: \"Stop instances nightly\",\n scheduleExpression: \"cron(0 0 * * ? *)\",\n});\nconst stopInstancesEventTarget = new aws.cloudwatch.EventTarget(\"stop_instances\", {\n arn: `arn:aws:ssm:${var_aws_region}::document/AWS-RunShellScript`,\n input: \"{\\\"commands\\\":[\\\"halt\\\"]}\",\n roleArn: aws_iam_role_ssm_lifecycle.arn,\n rule: stopInstancesEventRule.name,\n runCommandTargets: [{\n key: \"tag:Terminate\",\n values: [\"midnight\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstop_instances_event_rule = aws.cloudwatch.EventRule(\"stopInstancesEventRule\",\n description=\"Stop instances nightly\",\n schedule_expression=\"cron(0 0 * * ? *)\")\nstop_instances_event_target = aws.cloudwatch.EventTarget(\"stopInstancesEventTarget\",\n arn=f\"arn:aws:ssm:{var['aws_region']}::document/AWS-RunShellScript\",\n input=\"{\\\"commands\\\":[\\\"halt\\\"]}\",\n role_arn=aws_iam_role[\"ssm_lifecycle\"][\"arn\"],\n rule=stop_instances_event_rule.name,\n run_command_targets=[{\n \"key\": \"tag:Terminate\",\n \"values\": [\"midnight\"],\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var stopInstancesEventRule = new Aws.CloudWatch.EventRule(\"stopInstancesEventRule\", new Aws.CloudWatch.EventRuleArgs\n {\n Description = \"Stop instances nightly\",\n ScheduleExpression = \"cron(0 0 * * ? *)\",\n });\n var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget(\"stopInstancesEventTarget\", new Aws.CloudWatch.EventTargetArgs\n {\n Arn = $\"arn:aws:ssm:{@var.Aws_region}::document/AWS-RunShellScript\",\n Input = \"{\\\"commands\\\":[\\\"halt\\\"]}\",\n RoleArn = aws_iam_role.Ssm_lifecycle.Arn,\n Rule = stopInstancesEventRule.Name,\n RunCommandTargets = \n {\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"tag:Terminate\",\n Values = \n {\n \"midnight\",\n },\n },\n },\n });\n }\n\n}\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated of the target.\n" }, "batchTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.\n" }, "ecsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget", "description": "Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.\n" }, "input": { "type": "string", "description": "Valid JSON text passed to the target.\n" }, "inputPath": { "type": "string", "description": "The value of the [JSONPath](http://goessner.net/articles/JsonPath/)\nthat is used for extracting part of the matched event when passing it to the target.\n" }, "inputTransformer": { "$ref": "#/types/aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer", "description": "Parameters used when you are providing a custom input to a target based on certain event data.\n" }, "kinesisTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if `ecs_target` is used.\n" }, "rule": { "type": "string", "description": "The name of the rule you want to add targets to.\n" }, "runCommandTargets": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget" }, "description": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.\n" }, "sqsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.\n" }, "targetId": { "type": "string", "description": "The unique target assignment ID. If missing, will generate a random, unique id.\n" } }, "required": [ "arn", "rule", "targetId" ], "inputProperties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated of the target.\n" }, "batchTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.\n" }, "ecsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget", "description": "Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.\n" }, "input": { "type": "string", "description": "Valid JSON text passed to the target.\n" }, "inputPath": { "type": "string", "description": "The value of the [JSONPath](http://goessner.net/articles/JsonPath/)\nthat is used for extracting part of the matched event when passing it to the target.\n" }, "inputTransformer": { "$ref": "#/types/aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer", "description": "Parameters used when you are providing a custom input to a target based on certain event data.\n" }, "kinesisTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if `ecs_target` is used.\n" }, "rule": { "type": "string", "description": "The name of the rule you want to add targets to.\n" }, "runCommandTargets": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget" }, "description": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.\n" }, "sqsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.\n" }, "targetId": { "type": "string", "description": "The unique target assignment ID. If missing, will generate a random, unique id.\n" } }, "requiredInputs": [ "arn", "rule" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventTarget resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated of the target.\n" }, "batchTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.\n" }, "ecsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget", "description": "Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.\n" }, "input": { "type": "string", "description": "Valid JSON text passed to the target.\n" }, "inputPath": { "type": "string", "description": "The value of the [JSONPath](http://goessner.net/articles/JsonPath/)\nthat is used for extracting part of the matched event when passing it to the target.\n" }, "inputTransformer": { "$ref": "#/types/aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer", "description": "Parameters used when you are providing a custom input to a target based on certain event data.\n" }, "kinesisTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if `ecs_target` is used.\n" }, "rule": { "type": "string", "description": "The name of the rule you want to add targets to.\n" }, "runCommandTargets": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget" }, "description": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.\n" }, "sqsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.\n" }, "targetId": { "type": "string", "description": "The unique target assignment ID. If missing, will generate a random, unique id.\n" } }, "type": "object" } }, "aws:cloudwatch/logDestination:LogDestination": { "description": "Provides a CloudWatch Logs destination resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testDestination = new aws.cloudwatch.LogDestination(\"test_destination\", {\n roleArn: aws_iam_role_iam_for_cloudwatch.arn,\n targetArn: aws_kinesis_stream_kinesis_for_cloudwatch.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_destination = aws.cloudwatch.LogDestination(\"testDestination\",\n role_arn=aws_iam_role[\"iam_for_cloudwatch\"][\"arn\"],\n target_arn=aws_kinesis_stream[\"kinesis_for_cloudwatch\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testDestination = new Aws.CloudWatch.LogDestination(\"testDestination\", new Aws.CloudWatch.LogDestinationArgs\n {\n RoleArn = aws_iam_role.Iam_for_cloudwatch.Arn,\n TargetArn = aws_kinesis_stream.Kinesis_for_cloudwatch.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewLogDestination(ctx, \"testDestination\", \u0026cloudwatch.LogDestinationArgs{\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Iam_for_cloudwatch.Arn),\n\t\t\tTargetArn: pulumi.String(aws_kinesis_stream.Kinesis_for_cloudwatch.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log destination.\n" }, "name": { "type": "string", "description": "A name for the log destination\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to put data into the target\n" }, "targetArn": { "type": "string", "description": "The ARN of the target Amazon Kinesis stream resource for the destination\n" } }, "required": [ "arn", "name", "roleArn", "targetArn" ], "inputProperties": { "name": { "type": "string", "description": "A name for the log destination\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to put data into the target\n" }, "targetArn": { "type": "string", "description": "The ARN of the target Amazon Kinesis stream resource for the destination\n" } }, "requiredInputs": [ "roleArn", "targetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogDestination resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log destination.\n" }, "name": { "type": "string", "description": "A name for the log destination\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to put data into the target\n" }, "targetArn": { "type": "string", "description": "The ARN of the target Amazon Kinesis stream resource for the destination\n" } }, "type": "object" } }, "aws:cloudwatch/logDestinationPolicy:LogDestinationPolicy": { "description": "Provides a CloudWatch Logs destination policy resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testDestination = new aws.cloudwatch.LogDestination(\"test_destination\", {\n roleArn: aws_iam_role_iam_for_cloudwatch.arn,\n targetArn: aws_kinesis_stream_kinesis_for_cloudwatch.arn,\n});\nconst testDestinationPolicyPolicyDocument = testDestination.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"logs:PutSubscriptionFilter\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"123456789012\"],\n type: \"AWS\",\n }],\n resources: [arn],\n }],\n}, { async: true }));\nconst testDestinationPolicyLogDestinationPolicy = new aws.cloudwatch.LogDestinationPolicy(\"test_destination_policy\", {\n accessPolicy: testDestinationPolicyPolicyDocument.json,\n destinationName: testDestination.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_destination = aws.cloudwatch.LogDestination(\"testDestination\",\n role_arn=aws_iam_role[\"iam_for_cloudwatch\"][\"arn\"],\n target_arn=aws_kinesis_stream[\"kinesis_for_cloudwatch\"][\"arn\"])\ntest_destination_policy_policy_document = test_destination.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{\n \"actions\": [\"logs:PutSubscriptionFilter\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [\"123456789012\"],\n \"type\": \"AWS\",\n }],\n \"resources\": [arn],\n}]))\ntest_destination_policy_log_destination_policy = aws.cloudwatch.LogDestinationPolicy(\"testDestinationPolicyLogDestinationPolicy\",\n access_policy=test_destination_policy_policy_document.json,\n destination_name=test_destination.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testDestination = new Aws.CloudWatch.LogDestination(\"testDestination\", new Aws.CloudWatch.LogDestinationArgs\n {\n RoleArn = aws_iam_role.Iam_for_cloudwatch.Arn,\n TargetArn = aws_kinesis_stream.Kinesis_for_cloudwatch.Arn,\n });\n var testDestinationPolicyPolicyDocument = testDestination.Arn.Apply(arn =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"logs:PutSubscriptionFilter\",\n },\n Effect = \"Allow\",\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"123456789012\",\n },\n Type = \"AWS\",\n },\n },\n Resources = \n {\n arn,\n },\n },\n },\n }));\n var testDestinationPolicyLogDestinationPolicy = new Aws.CloudWatch.LogDestinationPolicy(\"testDestinationPolicyLogDestinationPolicy\", new Aws.CloudWatch.LogDestinationPolicyArgs\n {\n AccessPolicy = testDestinationPolicyPolicyDocument.Apply(testDestinationPolicyPolicyDocument =\u003e testDestinationPolicyPolicyDocument.Json),\n DestinationName = testDestination.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestDestination, err := cloudwatch.NewLogDestination(ctx, \"testDestination\", \u0026cloudwatch.LogDestinationArgs{\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Iam_for_cloudwatch.Arn),\n\t\t\tTargetArn: pulumi.String(aws_kinesis_stream.Kinesis_for_cloudwatch.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogDestinationPolicy(ctx, \"testDestinationPolicyLogDestinationPolicy\", \u0026cloudwatch.LogDestinationPolicyArgs{\n\t\t\tAccessPolicy: testDestinationPolicyPolicyDocument.ApplyT(func(testDestinationPolicyPolicyDocument iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn testDestinationPolicyPolicyDocument.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDestinationName: testDestination.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "destinationName": { "type": "string", "description": "A name for the subscription filter\n" } }, "required": [ "accessPolicy", "destinationName" ], "inputProperties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "destinationName": { "type": "string", "description": "A name for the subscription filter\n" } }, "requiredInputs": [ "accessPolicy", "destinationName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogDestinationPolicy resources.\n", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "destinationName": { "type": "string", "description": "A name for the subscription filter\n" } }, "type": "object" } }, "aws:cloudwatch/logGroup:LogGroup": { "description": "Provides a CloudWatch Log Group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst yada = new aws.cloudwatch.LogGroup(\"yada\", {\n tags: {\n Application: \"serviceA\",\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nyada = aws.cloudwatch.LogGroup(\"yada\", tags={\n \"Application\": \"serviceA\",\n \"Environment\": \"production\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var yada = new Aws.CloudWatch.LogGroup(\"yada\", new Aws.CloudWatch.LogGroupArgs\n {\n Tags = \n {\n { \"Application\", \"serviceA\" },\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewLogGroup(ctx, \"yada\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Application\": pulumi.String(\"serviceA\"),\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log group.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group,\nAWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires\npermissions for the CMK whenever the encrypted data is requested.\n" }, "name": { "type": "string", "description": "The name of the log group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "retentionInDays": { "type": "integer", "description": "Specifies the number of days\nyou want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "kmsKeyId": { "type": "string", "description": "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group,\nAWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires\npermissions for the CMK whenever the encrypted data is requested.\n" }, "name": { "type": "string", "description": "The name of the log group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "retentionInDays": { "type": "integer", "description": "Specifies the number of days\nyou want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LogGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log group.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group,\nAWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires\npermissions for the CMK whenever the encrypted data is requested.\n" }, "name": { "type": "string", "description": "The name of the log group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "retentionInDays": { "type": "integer", "description": "Specifies the number of days\nyou want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:cloudwatch/logMetricFilter:LogMetricFilter": { "description": "Provides a CloudWatch Log Metric Filter resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dada = new aws.cloudwatch.LogGroup(\"dada\", {});\nconst yada = new aws.cloudwatch.LogMetricFilter(\"yada\", {\n logGroupName: dada.name,\n metricTransformation: {\n name: \"EventCount\",\n namespace: \"YourNamespace\",\n value: \"1\",\n },\n pattern: \"\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndada = aws.cloudwatch.LogGroup(\"dada\")\nyada = aws.cloudwatch.LogMetricFilter(\"yada\",\n log_group_name=dada.name,\n metric_transformation={\n \"name\": \"EventCount\",\n \"namespace\": \"YourNamespace\",\n \"value\": \"1\",\n },\n pattern=\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dada = new Aws.CloudWatch.LogGroup(\"dada\", new Aws.CloudWatch.LogGroupArgs\n {\n });\n var yada = new Aws.CloudWatch.LogMetricFilter(\"yada\", new Aws.CloudWatch.LogMetricFilterArgs\n {\n LogGroupName = dada.Name,\n MetricTransformation = new Aws.CloudWatch.Inputs.LogMetricFilterMetricTransformationArgs\n {\n Name = \"EventCount\",\n Namespace = \"YourNamespace\",\n Value = \"1\",\n },\n Pattern = \"\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdada, err := cloudwatch.NewLogGroup(ctx, \"dada\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogMetricFilter(ctx, \"yada\", \u0026cloudwatch.LogMetricFilterArgs{\n\t\t\tLogGroupName: dada.Name,\n\t\t\tMetricTransformation: \u0026cloudwatch.LogMetricFilterMetricTransformationArgs{\n\t\t\t\tName: pulumi.String(\"EventCount\"),\n\t\t\t\tNamespace: pulumi.String(\"YourNamespace\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t\tPattern: pulumi.String(\"\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "logGroupName": { "type": "string", "description": "The name of the log group to associate the metric filter with.\n" }, "metricTransformation": { "$ref": "#/types/aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation", "description": "A block defining collection of information\nneeded to define how metric data gets emitted. See below.\n" }, "name": { "type": "string", "description": "A name for the metric filter.\n" }, "pattern": { "type": "string", "description": "A valid [CloudWatch Logs filter pattern](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/FilterAndPatternSyntax.html)\nfor extracting metric data out of ingested log events.\n" } }, "required": [ "logGroupName", "metricTransformation", "name", "pattern" ], "inputProperties": { "logGroupName": { "type": "string", "description": "The name of the log group to associate the metric filter with.\n" }, "metricTransformation": { "$ref": "#/types/aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation", "description": "A block defining collection of information\nneeded to define how metric data gets emitted. See below.\n" }, "name": { "type": "string", "description": "A name for the metric filter.\n" }, "pattern": { "type": "string", "description": "A valid [CloudWatch Logs filter pattern](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/FilterAndPatternSyntax.html)\nfor extracting metric data out of ingested log events.\n" } }, "requiredInputs": [ "logGroupName", "metricTransformation", "pattern" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogMetricFilter resources.\n", "properties": { "logGroupName": { "type": "string", "description": "The name of the log group to associate the metric filter with.\n" }, "metricTransformation": { "$ref": "#/types/aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation", "description": "A block defining collection of information\nneeded to define how metric data gets emitted. See below.\n" }, "name": { "type": "string", "description": "A name for the metric filter.\n" }, "pattern": { "type": "string", "description": "A valid [CloudWatch Logs filter pattern](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/FilterAndPatternSyntax.html)\nfor extracting metric data out of ingested log events.\n" } }, "type": "object" } }, "aws:cloudwatch/logResourcePolicy:LogResourcePolicy": { "description": "Provides a resource to manage a CloudWatch log resource policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Elasticsearch Log Publishing\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst elasticsearch_log_publishing_policyPolicyDocument = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n ],\n principals: [{\n identifiers: [\"es.amazonaws.com\"],\n type: \"Service\",\n }],\n resources: [\"arn:aws:logs:*\"],\n }],\n}, { async: true }));\nconst elasticsearch_log_publishing_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"elasticsearch-log-publishing-policy\", {\n policyDocument: elasticsearch_log_publishing_policyPolicyDocument.json,\n policyName: \"elasticsearch-log-publishing-policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nelasticsearch_log_publishing_policy_policy_document = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n ],\n \"principals\": [{\n \"identifiers\": [\"es.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"resources\": [\"arn:aws:logs:*\"],\n}])\nelasticsearch_log_publishing_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"elasticsearch-log-publishing-policyLogResourcePolicy\",\n policy_document=elasticsearch_log_publishing_policy_policy_document.json,\n policy_name=\"elasticsearch-log-publishing-policy\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var elasticsearch_log_publishing_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"es.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Resources = \n {\n \"arn:aws:logs:*\",\n },\n },\n },\n }));\n var elasticsearch_log_publishing_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"elasticsearch-log-publishing-policyLogResourcePolicy\", new Aws.CloudWatch.LogResourcePolicyArgs\n {\n PolicyDocument = elasticsearch_log_publishing_policyPolicyDocument.Apply(elasticsearch_log_publishing_policyPolicyDocument =\u003e elasticsearch_log_publishing_policyPolicyDocument.Json),\n PolicyName = \"elasticsearch-log-publishing-policy\",\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Route53 Query Logging\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst route53_query_logging_policyPolicyDocument = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n principals: [{\n identifiers: [\"route53.amazonaws.com\"],\n type: \"Service\",\n }],\n resources: [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n }],\n}, { async: true }));\nconst route53_query_logging_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\", {\n policyDocument: route53_query_logging_policyPolicyDocument.json,\n policyName: \"route53-query-logging-policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroute53_query_logging_policy_policy_document = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"principals\": [{\n \"identifiers\": [\"route53.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"resources\": [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n}])\nroute53_query_logging_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\",\n policy_document=route53_query_logging_policy_policy_document.json,\n policy_name=\"route53-query-logging-policy\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var route53_query_logging_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"route53.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Resources = \n {\n \"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n },\n },\n },\n }));\n var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\", new Aws.CloudWatch.LogResourcePolicyArgs\n {\n PolicyDocument = route53_query_logging_policyPolicyDocument.Apply(route53_query_logging_policyPolicyDocument =\u003e route53_query_logging_policyPolicyDocument.Json),\n PolicyName = \"route53-query-logging-policy\",\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "policyDocument": { "type": "string", "description": "Details of the resource policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. Maximum length of 5120 characters.\n" }, "policyName": { "type": "string", "description": "Name of the resource policy.\n" } }, "required": [ "policyDocument", "policyName" ], "inputProperties": { "policyDocument": { "type": "string", "description": "Details of the resource policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. Maximum length of 5120 characters.\n" }, "policyName": { "type": "string", "description": "Name of the resource policy.\n" } }, "requiredInputs": [ "policyDocument", "policyName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogResourcePolicy resources.\n", "properties": { "policyDocument": { "type": "string", "description": "Details of the resource policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. Maximum length of 5120 characters.\n" }, "policyName": { "type": "string", "description": "Name of the resource policy.\n" } }, "type": "object" } }, "aws:cloudwatch/logStream:LogStream": { "description": "Provides a CloudWatch Log Stream resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst yada = new aws.cloudwatch.LogGroup(\"yada\", {});\nconst foo = new aws.cloudwatch.LogStream(\"foo\", {\n logGroupName: yada.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nyada = aws.cloudwatch.LogGroup(\"yada\")\nfoo = aws.cloudwatch.LogStream(\"foo\", log_group_name=yada.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var yada = new Aws.CloudWatch.LogGroup(\"yada\", new Aws.CloudWatch.LogGroupArgs\n {\n });\n var foo = new Aws.CloudWatch.LogStream(\"foo\", new Aws.CloudWatch.LogStreamArgs\n {\n LogGroupName = yada.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tyada, err := cloudwatch.NewLogGroup(ctx, \"yada\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogStream(ctx, \"foo\", \u0026cloudwatch.LogStreamArgs{\n\t\t\tLogGroupName: yada.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log stream.\n" }, "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n" }, "name": { "type": "string", "description": "The name of the log stream. Must not be longer than 512 characters and must not contain `:`\n" } }, "required": [ "arn", "logGroupName", "name" ], "inputProperties": { "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n" }, "name": { "type": "string", "description": "The name of the log stream. Must not be longer than 512 characters and must not contain `:`\n" } }, "requiredInputs": [ "logGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogStream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log stream.\n" }, "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n" }, "name": { "type": "string", "description": "The name of the log stream. Must not be longer than 512 characters and must not contain `:`\n" } }, "type": "object" } }, "aws:cloudwatch/logSubscriptionFilter:LogSubscriptionFilter": { "description": "Provides a CloudWatch Logs subscription filter resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testLambdafunctionLogfilter = new aws.cloudwatch.LogSubscriptionFilter(\"test_lambdafunction_logfilter\", {\n destinationArn: aws_kinesis_stream_test_logstream.arn,\n distribution: \"Random\",\n filterPattern: \"logtype test\",\n logGroup: \"/aws/lambda/example_lambda_name\",\n roleArn: aws_iam_role_iam_for_lambda.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_lambdafunction_logfilter = aws.cloudwatch.LogSubscriptionFilter(\"testLambdafunctionLogfilter\",\n destination_arn=aws_kinesis_stream[\"test_logstream\"][\"arn\"],\n distribution=\"Random\",\n filter_pattern=\"logtype test\",\n log_group=\"/aws/lambda/example_lambda_name\",\n role_arn=aws_iam_role[\"iam_for_lambda\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testLambdafunctionLogfilter = new Aws.CloudWatch.LogSubscriptionFilter(\"testLambdafunctionLogfilter\", new Aws.CloudWatch.LogSubscriptionFilterArgs\n {\n DestinationArn = aws_kinesis_stream.Test_logstream.Arn,\n Distribution = \"Random\",\n FilterPattern = \"logtype test\",\n LogGroup = \"/aws/lambda/example_lambda_name\",\n RoleArn = aws_iam_role.Iam_for_lambda.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewLogSubscriptionFilter(ctx, \"testLambdafunctionLogfilter\", \u0026cloudwatch.LogSubscriptionFilterArgs{\n\t\t\tDestinationArn: pulumi.String(aws_kinesis_stream.Test_logstream.Arn),\n\t\t\tDistribution: pulumi.String(\"Random\"),\n\t\t\tFilterPattern: pulumi.String(\"logtype test\"),\n\t\t\tLogGroup: pulumi.String(\"/aws/lambda/example_lambda_name\"),\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Iam_for_lambda.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "destinationArn": { "type": "string", "description": "The ARN of the destination to deliver matching log events to. Kinesis stream or Lambda function ARN.\n" }, "distribution": { "type": "string", "description": "The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are \"Random\" and \"ByLogStream\".\n" }, "filterPattern": { "type": "string", "description": "A valid CloudWatch Logs filter pattern for subscribing to a filtered stream of log events.\n" }, "logGroup": { "type": "string", "description": "The name of the log group to associate the subscription filter with\n" }, "name": { "type": "string", "description": "A name for the subscription filter\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to deliver ingested log events to the destination. If you use Lambda as a destination, you should skip this argument and use `aws.lambda.Permission` resource for granting access from CloudWatch logs to the destination Lambda function.\n" } }, "required": [ "destinationArn", "filterPattern", "logGroup", "name", "roleArn" ], "inputProperties": { "destinationArn": { "type": "string", "description": "The ARN of the destination to deliver matching log events to. Kinesis stream or Lambda function ARN.\n" }, "distribution": { "type": "string", "description": "The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are \"Random\" and \"ByLogStream\".\n" }, "filterPattern": { "type": "string", "description": "A valid CloudWatch Logs filter pattern for subscribing to a filtered stream of log events.\n" }, "logGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:cloudwatch/logGroup:LogGroup" } ], "description": "The name of the log group to associate the subscription filter with\n" }, "name": { "type": "string", "description": "A name for the subscription filter\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to deliver ingested log events to the destination. If you use Lambda as a destination, you should skip this argument and use `aws.lambda.Permission` resource for granting access from CloudWatch logs to the destination Lambda function.\n" } }, "requiredInputs": [ "destinationArn", "filterPattern", "logGroup" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogSubscriptionFilter resources.\n", "properties": { "destinationArn": { "type": "string", "description": "The ARN of the destination to deliver matching log events to. Kinesis stream or Lambda function ARN.\n" }, "distribution": { "type": "string", "description": "The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are \"Random\" and \"ByLogStream\".\n" }, "filterPattern": { "type": "string", "description": "A valid CloudWatch Logs filter pattern for subscribing to a filtered stream of log events.\n" }, "logGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:cloudwatch/logGroup:LogGroup" } ], "description": "The name of the log group to associate the subscription filter with\n" }, "name": { "type": "string", "description": "A name for the subscription filter\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to deliver ingested log events to the destination. If you use Lambda as a destination, you should skip this argument and use `aws.lambda.Permission` resource for granting access from CloudWatch logs to the destination Lambda function.\n" } }, "type": "object" } }, "aws:cloudwatch/metricAlarm:MetricAlarm": { "description": "Provides a CloudWatch Metric Alarm resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.cloudwatch.MetricAlarm(\"foobar\", {\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n evaluationPeriods: 2,\n insufficientDataActions: [],\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n statistic: \"Average\",\n threshold: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.cloudwatch.MetricAlarm(\"foobar\",\n alarm_description=\"This metric monitors ec2 cpu utilization\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n evaluation_periods=\"2\",\n insufficient_data_actions=[],\n metric_name=\"CPUUtilization\",\n namespace=\"AWS/EC2\",\n period=\"120\",\n statistic=\"Average\",\n threshold=\"80\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foobar = new Aws.CloudWatch.MetricAlarm(\"foobar\", new Aws.CloudWatch.MetricAlarmArgs\n {\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n EvaluationPeriods = 2,\n InsufficientDataActions = {},\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Statistic = \"Average\",\n Threshold = 80,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewMetricAlarm(ctx, \"foobar\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tAlarmDescription: pulumi.String(\"This metric monitors ec2 cpu utilization\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanOrEqualToThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tInsufficientDataActions: []interface{}{},\n\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\tPeriod: pulumi.Int(120),\n\t\t\tStatistic: pulumi.String(\"Average\"),\n\t\t\tThreshold: pulumi.Float64(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example in Conjunction with Scaling Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst batPolicy = new aws.autoscaling.Policy(\"bat\", {\n adjustmentType: \"ChangeInCapacity\",\n autoscalingGroupName: aws_autoscaling_group_bar.name,\n cooldown: 300,\n scalingAdjustment: 4,\n});\nconst batMetricAlarm = new aws.cloudwatch.MetricAlarm(\"bat\", {\n alarmActions: [batPolicy.arn],\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n dimensions: {\n AutoScalingGroupName: aws_autoscaling_group_bar.name,\n },\n evaluationPeriods: 2,\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n statistic: \"Average\",\n threshold: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbat_policy = aws.autoscaling.Policy(\"batPolicy\",\n adjustment_type=\"ChangeInCapacity\",\n autoscaling_group_name=aws_autoscaling_group[\"bar\"][\"name\"],\n cooldown=300,\n scaling_adjustment=4)\nbat_metric_alarm = aws.cloudwatch.MetricAlarm(\"batMetricAlarm\",\n alarm_actions=[bat_policy.arn],\n alarm_description=\"This metric monitors ec2 cpu utilization\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n dimensions={\n \"AutoScalingGroupName\": aws_autoscaling_group[\"bar\"][\"name\"],\n },\n evaluation_periods=\"2\",\n metric_name=\"CPUUtilization\",\n namespace=\"AWS/EC2\",\n period=\"120\",\n statistic=\"Average\",\n threshold=\"80\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var batPolicy = new Aws.AutoScaling.Policy(\"batPolicy\", new Aws.AutoScaling.PolicyArgs\n {\n AdjustmentType = \"ChangeInCapacity\",\n AutoscalingGroupName = aws_autoscaling_group.Bar.Name,\n Cooldown = 300,\n ScalingAdjustment = 4,\n });\n var batMetricAlarm = new Aws.CloudWatch.MetricAlarm(\"batMetricAlarm\", new Aws.CloudWatch.MetricAlarmArgs\n {\n AlarmActions = \n {\n batPolicy.Arn,\n },\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n Dimensions = \n {\n { \"AutoScalingGroupName\", aws_autoscaling_group.Bar.Name },\n },\n EvaluationPeriods = 2,\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Statistic = \"Average\",\n Threshold = 80,\n });\n }\n\n}\n```\n\n## Example with an Expression\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.cloudwatch.MetricAlarm(\"foobar\", {\n alarmDescription: \"Request error rate has exceeded 10%\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n evaluationPeriods: 2,\n insufficientDataActions: [],\n metricQueries: [\n {\n expression: \"m2/m1*100\",\n id: \"e1\",\n label: \"Error Rate\",\n returnData: true,\n },\n {\n id: \"m1\",\n metric: {\n dimensions: {\n LoadBalancer: \"app/web\",\n },\n metricName: \"RequestCount\",\n namespace: \"AWS/ApplicationELB\",\n period: 120,\n stat: \"Sum\",\n unit: \"Count\",\n },\n },\n {\n id: \"m2\",\n metric: {\n dimensions: {\n LoadBalancer: \"app/web\",\n },\n metricName: \"HTTPCode_ELB_5XX_Count\",\n namespace: \"AWS/ApplicationELB\",\n period: 120,\n stat: \"Sum\",\n unit: \"Count\",\n },\n },\n ],\n threshold: 10,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.cloudwatch.MetricAlarm(\"foobar\",\n alarm_description=\"Request error rate has exceeded 10%\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n evaluation_periods=\"2\",\n insufficient_data_actions=[],\n metric_queries=[\n {\n \"expression\": \"m2/m1*100\",\n \"id\": \"e1\",\n \"label\": \"Error Rate\",\n \"returnData\": \"true\",\n },\n {\n \"id\": \"m1\",\n \"metric\": {\n \"dimensions\": {\n \"LoadBalancer\": \"app/web\",\n },\n \"metric_name\": \"RequestCount\",\n \"namespace\": \"AWS/ApplicationELB\",\n \"period\": \"120\",\n \"stat\": \"Sum\",\n \"unit\": \"Count\",\n },\n },\n {\n \"id\": \"m2\",\n \"metric\": {\n \"dimensions\": {\n \"LoadBalancer\": \"app/web\",\n },\n \"metric_name\": \"HTTPCode_ELB_5XX_Count\",\n \"namespace\": \"AWS/ApplicationELB\",\n \"period\": \"120\",\n \"stat\": \"Sum\",\n \"unit\": \"Count\",\n },\n },\n ],\n threshold=\"10\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foobar = new Aws.CloudWatch.MetricAlarm(\"foobar\", new Aws.CloudWatch.MetricAlarmArgs\n {\n AlarmDescription = \"Request error rate has exceeded 10%\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n EvaluationPeriods = 2,\n InsufficientDataActions = {},\n MetricQueries = \n {\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Expression = \"m2/m1*100\",\n Id = \"e1\",\n Label = \"Error Rate\",\n ReturnData = true,\n },\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"m1\",\n Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs\n {\n Dimensions = \n {\n { \"LoadBalancer\", \"app/web\" },\n },\n MetricName = \"RequestCount\",\n Namespace = \"AWS/ApplicationELB\",\n Period = 120,\n Stat = \"Sum\",\n Unit = \"Count\",\n },\n },\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"m2\",\n Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs\n {\n Dimensions = \n {\n { \"LoadBalancer\", \"app/web\" },\n },\n MetricName = \"HTTPCode_ELB_5XX_Count\",\n Namespace = \"AWS/ApplicationELB\",\n Period = 120,\n Stat = \"Sum\",\n Unit = \"Count\",\n },\n },\n },\n Threshold = 10,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewMetricAlarm(ctx, \"foobar\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tAlarmDescription: pulumi.String(fmt.Sprintf(\"%v%v\", \"Request error rate has exceeded 10\", \"%\")),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanOrEqualToThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tInsufficientDataActions: []interface{}{},\n\t\t\tMetricQueries: cloudwatch.MetricAlarmMetricQueryArray{\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tExpression: pulumi.String(\"m2/m1*100\"),\n\t\t\t\t\tId: pulumi.String(\"e1\"),\n\t\t\t\t\tLabel: pulumi.String(\"Error Rate\"),\n\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"m1\"),\n\t\t\t\t\tMetric: \u0026cloudwatch.MetricAlarmMetricQueryMetricArgs{\n\t\t\t\t\t\tDimensions: pulumi.Map{\n\t\t\t\t\t\t\t\"LoadBalancer\": pulumi.String(\"app/web\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tMetricName: pulumi.String(\"RequestCount\"),\n\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/ApplicationELB\"),\n\t\t\t\t\t\tPeriod: pulumi.Int(120),\n\t\t\t\t\t\tStat: pulumi.String(\"Sum\"),\n\t\t\t\t\t\tUnit: pulumi.String(\"Count\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"m2\"),\n\t\t\t\t\tMetric: \u0026cloudwatch.MetricAlarmMetricQueryMetricArgs{\n\t\t\t\t\t\tDimensions: pulumi.Map{\n\t\t\t\t\t\t\t\"LoadBalancer\": pulumi.String(\"app/web\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tMetricName: pulumi.String(\"HTTPCode_ELB_5XX_Count\"),\n\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/ApplicationELB\"),\n\t\t\t\t\t\tPeriod: pulumi.Int(120),\n\t\t\t\t\t\tStat: pulumi.String(\"Sum\"),\n\t\t\t\t\t\tUnit: pulumi.String(\"Count\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tThreshold: pulumi.Float64(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst xxAnomalyDetection = new aws.cloudwatch.MetricAlarm(\"xx_anomaly_detection\", {\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n comparisonOperator: \"GreaterThanUpperThreshold\",\n evaluationPeriods: 2,\n insufficientDataActions: [],\n metricQueries: [\n {\n expression: \"ANOMALY_DETECTION_BAND(m1)\",\n id: \"e1\",\n label: \"CPUUtilization (Expected)\",\n returnData: true,\n },\n {\n id: \"m1\",\n metric: {\n dimensions: {\n InstanceId: \"i-abc123\",\n },\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n stat: \"Average\",\n unit: \"Count\",\n },\n returnData: true,\n },\n ],\n thresholdMetricId: \"e1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nxx_anomaly_detection = aws.cloudwatch.MetricAlarm(\"xxAnomalyDetection\",\n alarm_description=\"This metric monitors ec2 cpu utilization\",\n comparison_operator=\"GreaterThanUpperThreshold\",\n evaluation_periods=\"2\",\n insufficient_data_actions=[],\n metric_queries=[\n {\n \"expression\": \"ANOMALY_DETECTION_BAND(m1)\",\n \"id\": \"e1\",\n \"label\": \"CPUUtilization (Expected)\",\n \"returnData\": \"true\",\n },\n {\n \"id\": \"m1\",\n \"metric\": {\n \"dimensions\": {\n \"InstanceId\": \"i-abc123\",\n },\n \"metric_name\": \"CPUUtilization\",\n \"namespace\": \"AWS/EC2\",\n \"period\": \"120\",\n \"stat\": \"Average\",\n \"unit\": \"Count\",\n },\n \"returnData\": \"true\",\n },\n ],\n threshold_metric_id=\"e1\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var xxAnomalyDetection = new Aws.CloudWatch.MetricAlarm(\"xxAnomalyDetection\", new Aws.CloudWatch.MetricAlarmArgs\n {\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n ComparisonOperator = \"GreaterThanUpperThreshold\",\n EvaluationPeriods = 2,\n InsufficientDataActions = {},\n MetricQueries = \n {\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Expression = \"ANOMALY_DETECTION_BAND(m1)\",\n Id = \"e1\",\n Label = \"CPUUtilization (Expected)\",\n ReturnData = true,\n },\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"m1\",\n Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs\n {\n Dimensions = \n {\n { \"InstanceId\", \"i-abc123\" },\n },\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Stat = \"Average\",\n Unit = \"Count\",\n },\n ReturnData = true,\n },\n },\n ThresholdMetricId = \"e1\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cloudwatch.NewMetricAlarm(ctx, \"xxAnomalyDetection\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tAlarmDescription: pulumi.String(\"This metric monitors ec2 cpu utilization\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanUpperThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tInsufficientDataActions: []interface{}{},\n\t\t\tMetricQueries: cloudwatch.MetricAlarmMetricQueryArray{\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tExpression: pulumi.String(\"ANOMALY_DETECTION_BAND(m1)\"),\n\t\t\t\t\tId: pulumi.String(\"e1\"),\n\t\t\t\t\tLabel: pulumi.String(\"CPUUtilization (Expected)\"),\n\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"m1\"),\n\t\t\t\t\tMetric: \u0026cloudwatch.MetricAlarmMetricQueryMetricArgs{\n\t\t\t\t\t\tDimensions: pulumi.Map{\n\t\t\t\t\t\t\t\"InstanceId\": pulumi.String(\"i-abc123\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\t\t\t\tPeriod: pulumi.Int(120),\n\t\t\t\t\t\tStat: pulumi.String(\"Average\"),\n\t\t\t\t\t\tUnit: pulumi.String(\"Count\"),\n\t\t\t\t\t},\n\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdMetricId: pulumi.String(\"e1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Example of monitoring Healthy Hosts on NLB using Target Group and NLB\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst xxxNlbHealthyhosts = new aws.cloudwatch.MetricAlarm(\"xxxNlbHealthyhosts\", {\n comparisonOperator: \"LessThanThreshold\",\n evaluationPeriods: \"1\",\n metricName: \"HealthyHostCount\",\n namespace: \"AWS/NetworkELB\",\n period: \"60\",\n statistic: \"Average\",\n threshold: _var.logstash_servers_count,\n alarmDescription: \"Number of XXXX nodes healthy in Target Group\",\n actionsEnabled: \"true\",\n alarmActions: [aws_sns_topic.sns.arn],\n okActions: [aws_sns_topic.sns.arn],\n dimensions: {\n TargetGroup: aws_lb_target_group[\"lb-tg\"].arn_suffix,\n LoadBalancer: aws_lb.lb.arn_suffix,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nxxx_nlb_healthyhosts = aws.cloudwatch.MetricAlarm(\"xxxNlbHealthyhosts\",\n comparison_operator=\"LessThanThreshold\",\n evaluation_periods=\"1\",\n metric_name=\"HealthyHostCount\",\n namespace=\"AWS/NetworkELB\",\n period=\"60\",\n statistic=\"Average\",\n threshold=var[\"logstash_servers_count\"],\n alarm_description=\"Number of XXXX nodes healthy in Target Group\",\n actions_enabled=\"true\",\n alarm_actions=[aws_sns_topic[\"sns\"][\"arn\"]],\n ok_actions=[aws_sns_topic[\"sns\"][\"arn\"]],\n dimensions={\n \"TargetGroup\": aws_lb_target_group[\"lb-tg\"][\"arn_suffix\"],\n \"LoadBalancer\": aws_lb[\"lb\"][\"arn_suffix\"],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var xxxNlbHealthyhosts = new Aws.CloudWatch.MetricAlarm(\"xxxNlbHealthyhosts\", new Aws.CloudWatch.MetricAlarmArgs\n {\n ComparisonOperator = \"LessThanThreshold\",\n EvaluationPeriods = 1,\n MetricName = \"HealthyHostCount\",\n Namespace = \"AWS/NetworkELB\",\n Period = 60,\n Statistic = \"Average\",\n Threshold = @var.Logstash_servers_count,\n AlarmDescription = \"Number of XXXX nodes healthy in Target Group\",\n ActionsEnabled = true,\n AlarmActions = \n {\n aws_sns_topic.Sns.Arn,\n },\n OkActions = \n {\n aws_sns_topic.Sns.Arn,\n },\n Dimensions = \n {\n { \"TargetGroup\", aws_lb_target_group.Lb_tg.Arn_suffix },\n { \"LoadBalancer\", aws_lb.Lb.Arn_suffix },\n },\n });\n }\n\n}\n```\n\n\u003e **NOTE:** You cannot create a metric alarm consisting of both `statistic` and `extended_statistic` parameters.\nYou must choose one or the other\n", "properties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to `true`.\n" }, "alarmActions": { "type": "array", "items": { "type": "string" }, "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "alarmDescription": { "type": "string", "description": "The description for the alarm.\n" }, "arn": { "type": "string", "description": "The ARN of the cloudwatch metric alarm.\n" }, "comparisonOperator": { "type": "string", "description": "The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: `GreaterThanOrEqualToThreshold`, `GreaterThanThreshold`, `LessThanThreshold`, `LessThanOrEqualToThreshold`. Additionally, the values `LessThanLowerOrGreaterThanUpperThreshold`, `LessThanLowerThreshold`, and `GreaterThanUpperThreshold` are used only for alarms based on anomaly detection models.\n" }, "datapointsToAlarm": { "type": "integer", "description": "The number of datapoints that must be breaching to trigger the alarm.\n" }, "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for this metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "evaluateLowSampleCountPercentiles": { "type": "string", "description": "Used only for alarms\nbased on percentiles. If you specify `ignore`, the alarm state will not\nchange during periods with too few data points to be statistically significant.\nIf you specify `evaluate` or omit this parameter, the alarm will always be\nevaluated and possibly change state no matter how many data points are available.\nThe following values are supported: `ignore`, and `evaluate`.\n" }, "evaluationPeriods": { "type": "integer", "description": "The number of periods over which data is compared to the specified threshold.\n" }, "extendedStatistic": { "type": "string", "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string" }, "description": "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "metricName": { "type": "string", "description": "The name for this metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "metricQueries": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery" }, "description": "Enables you to create an alarm based on a metric math expression. You may specify at most 20.\n" }, "name": { "type": "string", "description": "The descriptive name for the alarm. This name must be unique within the user's AWS account\n" }, "namespace": { "type": "string", "description": "The namespace for this metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "okActions": { "type": "array", "items": { "type": "string" }, "description": "The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "period": { "type": "integer", "description": "The period in seconds over which the specified `stat` is applied.\n" }, "statistic": { "type": "string", "description": "The statistic to apply to the alarm's associated metric.\nEither of the following is supported: `SampleCount`, `Average`, `Sum`, `Minimum`, `Maximum`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "threshold": { "type": "number", "description": "The value against which the specified statistic is compared. This parameter is required for alarms based on static thresholds, but should not be used for alarms based on anomaly detection models.\n" }, "thresholdMetricId": { "type": "string", "description": "If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function.\n" }, "treatMissingData": { "type": "string", "description": "Sets how this alarm is to handle missing data points. The following values are supported: `missing`, `ignore`, `breaching` and `notBreaching`. Defaults to `missing`.\n" }, "unit": { "type": "string", "description": "The unit for this metric.\n" } }, "required": [ "name", "arn", "comparisonOperator", "evaluateLowSampleCountPercentiles", "evaluationPeriods" ], "inputProperties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to `true`.\n" }, "alarmActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "alarmDescription": { "type": "string", "description": "The description for the alarm.\n" }, "comparisonOperator": { "type": "string", "description": "The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: `GreaterThanOrEqualToThreshold`, `GreaterThanThreshold`, `LessThanThreshold`, `LessThanOrEqualToThreshold`. Additionally, the values `LessThanLowerOrGreaterThanUpperThreshold`, `LessThanLowerThreshold`, and `GreaterThanUpperThreshold` are used only for alarms based on anomaly detection models.\n" }, "datapointsToAlarm": { "type": "integer", "description": "The number of datapoints that must be breaching to trigger the alarm.\n" }, "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for this metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "evaluateLowSampleCountPercentiles": { "type": "string", "description": "Used only for alarms\nbased on percentiles. If you specify `ignore`, the alarm state will not\nchange during periods with too few data points to be statistically significant.\nIf you specify `evaluate` or omit this parameter, the alarm will always be\nevaluated and possibly change state no matter how many data points are available.\nThe following values are supported: `ignore`, and `evaluate`.\n" }, "evaluationPeriods": { "type": "integer", "description": "The number of periods over which data is compared to the specified threshold.\n" }, "extendedStatistic": { "type": "string", "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "metricName": { "type": "string", "description": "The name for this metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "metricQueries": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery" }, "description": "Enables you to create an alarm based on a metric math expression. You may specify at most 20.\n" }, "name": { "type": "string", "description": "The descriptive name for the alarm. This name must be unique within the user's AWS account\n" }, "namespace": { "type": "string", "description": "The namespace for this metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "okActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "period": { "type": "integer", "description": "The period in seconds over which the specified `stat` is applied.\n" }, "statistic": { "type": "string", "description": "The statistic to apply to the alarm's associated metric.\nEither of the following is supported: `SampleCount`, `Average`, `Sum`, `Minimum`, `Maximum`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "threshold": { "type": "number", "description": "The value against which the specified statistic is compared. This parameter is required for alarms based on static thresholds, but should not be used for alarms based on anomaly detection models.\n" }, "thresholdMetricId": { "type": "string", "description": "If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function.\n" }, "treatMissingData": { "type": "string", "description": "Sets how this alarm is to handle missing data points. The following values are supported: `missing`, `ignore`, `breaching` and `notBreaching`. Defaults to `missing`.\n" }, "unit": { "type": "string", "description": "The unit for this metric.\n" } }, "requiredInputs": [ "comparisonOperator", "evaluationPeriods" ], "stateInputs": { "description": "Input properties used for looking up and filtering MetricAlarm resources.\n", "properties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to `true`.\n" }, "alarmActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "alarmDescription": { "type": "string", "description": "The description for the alarm.\n" }, "arn": { "type": "string", "description": "The ARN of the cloudwatch metric alarm.\n" }, "comparisonOperator": { "type": "string", "description": "The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: `GreaterThanOrEqualToThreshold`, `GreaterThanThreshold`, `LessThanThreshold`, `LessThanOrEqualToThreshold`. Additionally, the values `LessThanLowerOrGreaterThanUpperThreshold`, `LessThanLowerThreshold`, and `GreaterThanUpperThreshold` are used only for alarms based on anomaly detection models.\n" }, "datapointsToAlarm": { "type": "integer", "description": "The number of datapoints that must be breaching to trigger the alarm.\n" }, "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for this metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "evaluateLowSampleCountPercentiles": { "type": "string", "description": "Used only for alarms\nbased on percentiles. If you specify `ignore`, the alarm state will not\nchange during periods with too few data points to be statistically significant.\nIf you specify `evaluate` or omit this parameter, the alarm will always be\nevaluated and possibly change state no matter how many data points are available.\nThe following values are supported: `ignore`, and `evaluate`.\n" }, "evaluationPeriods": { "type": "integer", "description": "The number of periods over which data is compared to the specified threshold.\n" }, "extendedStatistic": { "type": "string", "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "metricName": { "type": "string", "description": "The name for this metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "metricQueries": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery" }, "description": "Enables you to create an alarm based on a metric math expression. You may specify at most 20.\n" }, "name": { "type": "string", "description": "The descriptive name for the alarm. This name must be unique within the user's AWS account\n" }, "namespace": { "type": "string", "description": "The namespace for this metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "okActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "period": { "type": "integer", "description": "The period in seconds over which the specified `stat` is applied.\n" }, "statistic": { "type": "string", "description": "The statistic to apply to the alarm's associated metric.\nEither of the following is supported: `SampleCount`, `Average`, `Sum`, `Minimum`, `Maximum`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "threshold": { "type": "number", "description": "The value against which the specified statistic is compared. This parameter is required for alarms based on static thresholds, but should not be used for alarms based on anomaly detection models.\n" }, "thresholdMetricId": { "type": "string", "description": "If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function.\n" }, "treatMissingData": { "type": "string", "description": "Sets how this alarm is to handle missing data points. The following values are supported: `missing`, `ignore`, `breaching` and `notBreaching`. Defaults to `missing`.\n" }, "unit": { "type": "string", "description": "The unit for this metric.\n" } }, "type": "object" } }, "aws:codebuild/project:Project": { "description": "Provides a CodeBuild Project resource. See also the `aws.codebuild.Webhook` resource, which manages the webhook to the source (e.g. the \"rebuild every time a code change is pushed\" option in the CodeBuild web console).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucket = new aws.s3.Bucket(\"example\", {\n acl: \"private\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"codebuild.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"*\"\n ],\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateNetworkInterface\",\n \"ec2:DescribeDhcpOptions\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeVpcs\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateNetworkInterfacePermission\"\n ],\n \"Resource\": [\n \"arn:aws:ec2:us-east-1:123456789012:network-interface/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"ec2:Subnet\": [\n \"${aws_subnet_example1.arn}\",\n \"${aws_subnet_example2.arn}\"\n ],\n \"ec2:AuthorizedService\": \"codebuild.amazonaws.com\"\n }\n }\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"${exampleBucket.arn}\",\n \"${exampleBucket.arn}/*\"\n ]\n }\n ]\n}\n`,\n role: exampleRole.name,\n});\nconst exampleProject = new aws.codebuild.Project(\"example\", {\n artifacts: {\n type: \"NO_ARTIFACTS\",\n },\n buildTimeout: 5,\n cache: {\n location: exampleBucket.bucket,\n type: \"S3\",\n },\n description: \"test_codebuild_project\",\n environment: {\n computeType: \"BUILD_GENERAL1_SMALL\",\n environmentVariables: [\n {\n name: \"SOME_KEY1\",\n value: \"SOME_VALUE1\",\n },\n {\n name: \"SOME_KEY2\",\n type: \"PARAMETER_STORE\",\n value: \"SOME_VALUE2\",\n },\n ],\n image: \"aws/codebuild/standard:1.0\",\n imagePullCredentialsType: \"CODEBUILD\",\n type: \"LINUX_CONTAINER\",\n },\n logsConfig: {\n cloudwatchLogs: {\n groupName: \"log-group\",\n streamName: \"log-stream\",\n },\n s3Logs: {\n location: pulumi.interpolate`${exampleBucket.id}/build-log`,\n status: \"ENABLED\",\n },\n },\n serviceRole: exampleRole.arn,\n source: {\n gitCloneDepth: 1,\n gitSubmodulesConfig: {\n fetchSubmodules: true,\n },\n location: \"https://github.com/mitchellh/packer.git\",\n type: \"GITHUB\",\n },\n sourceVersion: \"master\",\n tags: {\n Environment: \"Test\",\n },\n vpcConfig: {\n securityGroupIds: [\n aws_security_group_example1.id,\n aws_security_group_example2.id,\n ],\n subnets: [\n aws_subnet_example1.id,\n aws_subnet_example2.id,\n ],\n vpcId: aws_vpc_example.id,\n },\n});\nconst project_with_cache = new aws.codebuild.Project(\"project-with-cache\", {\n artifacts: {\n type: \"NO_ARTIFACTS\",\n },\n buildTimeout: 5,\n cache: {\n modes: [\n \"LOCAL_DOCKER_LAYER_CACHE\",\n \"LOCAL_SOURCE_CACHE\",\n ],\n type: \"LOCAL\",\n },\n description: \"test_codebuild_project_cache\",\n environment: {\n computeType: \"BUILD_GENERAL1_SMALL\",\n environmentVariables: [{\n name: \"SOME_KEY1\",\n value: \"SOME_VALUE1\",\n }],\n image: \"aws/codebuild/standard:1.0\",\n imagePullCredentialsType: \"CODEBUILD\",\n type: \"LINUX_CONTAINER\",\n },\n queuedTimeout: 5,\n serviceRole: exampleRole.arn,\n source: {\n gitCloneDepth: 1,\n location: \"https://github.com/mitchellh/packer.git\",\n type: \"GITHUB\",\n },\n tags: {\n Environment: \"Test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket = aws.s3.Bucket(\"exampleBucket\", acl=\"private\")\nexample_role = aws.iam.Role(\"exampleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"codebuild.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\nexample_role_policy = aws.iam.RolePolicy(\"exampleRolePolicy\",\n policy=pulumi.Output.all(example_bucket.arn, example_bucket.arn).apply(lambda exampleBucketArn, exampleBucketArn1: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"*\"\n ],\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\"\n ]\n }},\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateNetworkInterface\",\n \"ec2:DescribeDhcpOptions\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeVpcs\"\n ],\n \"Resource\": \"*\"\n }},\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateNetworkInterfacePermission\"\n ],\n \"Resource\": [\n \"arn:aws:ec2:us-east-1:123456789012:network-interface/*\"\n ],\n \"Condition\": {{\n \"StringEquals\": {{\n \"ec2:Subnet\": [\n \"{aws_subnet[\"example1\"][\"arn\"]}\",\n \"{aws_subnet[\"example2\"][\"arn\"]}\"\n ],\n \"ec2:AuthorizedService\": \"codebuild.amazonaws.com\"\n }}\n }}\n }},\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"{example_bucket_arn}\",\n \"{example_bucket_arn1}/*\"\n ]\n }}\n ]\n}}\n\n\"\"\"),\n role=example_role.name)\nexample_project = aws.codebuild.Project(\"exampleProject\",\n artifacts={\n \"type\": \"NO_ARTIFACTS\",\n },\n build_timeout=\"5\",\n cache={\n \"location\": example_bucket.bucket,\n \"type\": \"S3\",\n },\n description=\"test_codebuild_project\",\n environment={\n \"computeType\": \"BUILD_GENERAL1_SMALL\",\n \"environmentVariable\": [\n {\n \"name\": \"SOME_KEY1\",\n \"value\": \"SOME_VALUE1\",\n },\n {\n \"name\": \"SOME_KEY2\",\n \"type\": \"PARAMETER_STORE\",\n \"value\": \"SOME_VALUE2\",\n },\n ],\n \"image\": \"aws/codebuild/standard:1.0\",\n \"imagePullCredentialsType\": \"CODEBUILD\",\n \"type\": \"LINUX_CONTAINER\",\n },\n logs_config={\n \"cloudwatchLogs\": {\n \"group_name\": \"log-group\",\n \"streamName\": \"log-stream\",\n },\n \"s3Logs\": {\n \"location\": example_bucket.id.apply(lambda id: f\"{id}/build-log\"),\n \"status\": \"ENABLED\",\n },\n },\n service_role=example_role.arn,\n source={\n \"gitCloneDepth\": 1,\n \"gitSubmodulesConfig\": {\n \"fetchSubmodules\": True,\n },\n \"location\": \"https://github.com/mitchellh/packer.git\",\n \"type\": \"GITHUB\",\n },\n source_version=\"master\",\n tags={\n \"Environment\": \"Test\",\n },\n vpc_config={\n \"security_group_ids\": [\n aws_security_group[\"example1\"][\"id\"],\n aws_security_group[\"example2\"][\"id\"],\n ],\n \"subnets\": [\n aws_subnet[\"example1\"][\"id\"],\n aws_subnet[\"example2\"][\"id\"],\n ],\n \"vpc_id\": aws_vpc[\"example\"][\"id\"],\n })\nproject_with_cache = aws.codebuild.Project(\"project-with-cache\",\n artifacts={\n \"type\": \"NO_ARTIFACTS\",\n },\n build_timeout=\"5\",\n cache={\n \"modes\": [\n \"LOCAL_DOCKER_LAYER_CACHE\",\n \"LOCAL_SOURCE_CACHE\",\n ],\n \"type\": \"LOCAL\",\n },\n description=\"test_codebuild_project_cache\",\n environment={\n \"computeType\": \"BUILD_GENERAL1_SMALL\",\n \"environmentVariable\": [{\n \"name\": \"SOME_KEY1\",\n \"value\": \"SOME_VALUE1\",\n }],\n \"image\": \"aws/codebuild/standard:1.0\",\n \"imagePullCredentialsType\": \"CODEBUILD\",\n \"type\": \"LINUX_CONTAINER\",\n },\n queued_timeout=\"5\",\n service_role=example_role.arn,\n source={\n \"gitCloneDepth\": 1,\n \"location\": \"https://github.com/mitchellh/packer.git\",\n \"type\": \"GITHUB\",\n },\n tags={\n \"Environment\": \"Test\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleBucket = new Aws.S3.Bucket(\"exampleBucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var exampleRole = new Aws.Iam.Role(\"exampleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"codebuild.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"exampleRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = Output.Tuple(exampleBucket.Arn, exampleBucket.Arn).Apply(values =\u003e\n {\n var exampleBucketArn = values.Item1;\n var exampleBucketArn1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"*\"\"\n ],\n \"\"Action\"\": [\n \"\"logs:CreateLogGroup\"\",\n \"\"logs:CreateLogStream\"\",\n \"\"logs:PutLogEvents\"\"\n ]\n }},\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"ec2:CreateNetworkInterface\"\",\n \"\"ec2:DescribeDhcpOptions\"\",\n \"\"ec2:DescribeNetworkInterfaces\"\",\n \"\"ec2:DeleteNetworkInterface\"\",\n \"\"ec2:DescribeSubnets\"\",\n \"\"ec2:DescribeSecurityGroups\"\",\n \"\"ec2:DescribeVpcs\"\"\n ],\n \"\"Resource\"\": \"\"*\"\"\n }},\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"ec2:CreateNetworkInterfacePermission\"\"\n ],\n \"\"Resource\"\": [\n \"\"arn:aws:ec2:us-east-1:123456789012:network-interface/*\"\"\n ],\n \"\"Condition\"\": {{\n \"\"StringEquals\"\": {{\n \"\"ec2:Subnet\"\": [\n \"\"{aws_subnet.Example1.Arn}\"\",\n \"\"{aws_subnet.Example2.Arn}\"\"\n ],\n \"\"ec2:AuthorizedService\"\": \"\"codebuild.amazonaws.com\"\"\n }}\n }}\n }},\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"s3:*\"\"\n ],\n \"\"Resource\"\": [\n \"\"{exampleBucketArn}\"\",\n \"\"{exampleBucketArn1}/*\"\"\n ]\n }}\n ]\n}}\n\n\";\n }),\n Role = exampleRole.Name,\n });\n var exampleProject = new Aws.CodeBuild.Project(\"exampleProject\", new Aws.CodeBuild.ProjectArgs\n {\n Artifacts = new Aws.CodeBuild.Inputs.ProjectArtifactsArgs\n {\n Type = \"NO_ARTIFACTS\",\n },\n BuildTimeout = 5,\n Cache = new Aws.CodeBuild.Inputs.ProjectCacheArgs\n {\n Location = exampleBucket.BucketName,\n Type = \"S3\",\n },\n Description = \"test_codebuild_project\",\n Environment = new Aws.CodeBuild.Inputs.ProjectEnvironmentArgs\n {\n ComputeType = \"BUILD_GENERAL1_SMALL\",\n EnvironmentVariable = \n {\n \n {\n { \"name\", \"SOME_KEY1\" },\n { \"value\", \"SOME_VALUE1\" },\n },\n \n {\n { \"name\", \"SOME_KEY2\" },\n { \"type\", \"PARAMETER_STORE\" },\n { \"value\", \"SOME_VALUE2\" },\n },\n },\n Image = \"aws/codebuild/standard:1.0\",\n ImagePullCredentialsType = \"CODEBUILD\",\n Type = \"LINUX_CONTAINER\",\n },\n LogsConfig = new Aws.CodeBuild.Inputs.ProjectLogsConfigArgs\n {\n CloudwatchLogs = new Aws.CodeBuild.Inputs.ProjectLogsConfigCloudwatchLogsArgs\n {\n GroupName = \"log-group\",\n StreamName = \"log-stream\",\n },\n S3Logs = new Aws.CodeBuild.Inputs.ProjectLogsConfigS3LogsArgs\n {\n Location = exampleBucket.Id.Apply(id =\u003e $\"{id}/build-log\"),\n Status = \"ENABLED\",\n },\n },\n ServiceRole = exampleRole.Arn,\n Source = new Aws.CodeBuild.Inputs.ProjectSourceArgs\n {\n GitCloneDepth = 1,\n GitSubmodulesConfig = new Aws.CodeBuild.Inputs.ProjectSourceGitSubmodulesConfigArgs\n {\n FetchSubmodules = true,\n },\n Location = \"https://github.com/mitchellh/packer.git\",\n Type = \"GITHUB\",\n },\n SourceVersion = \"master\",\n Tags = \n {\n { \"Environment\", \"Test\" },\n },\n VpcConfig = new Aws.CodeBuild.Inputs.ProjectVpcConfigArgs\n {\n SecurityGroupIds = \n {\n aws_security_group.Example1.Id,\n aws_security_group.Example2.Id,\n },\n Subnets = \n {\n aws_subnet.Example1.Id,\n aws_subnet.Example2.Id,\n },\n VpcId = aws_vpc.Example.Id,\n },\n });\n var project_with_cache = new Aws.CodeBuild.Project(\"project-with-cache\", new Aws.CodeBuild.ProjectArgs\n {\n Artifacts = new Aws.CodeBuild.Inputs.ProjectArtifactsArgs\n {\n Type = \"NO_ARTIFACTS\",\n },\n BuildTimeout = 5,\n Cache = new Aws.CodeBuild.Inputs.ProjectCacheArgs\n {\n Modes = \n {\n \"LOCAL_DOCKER_LAYER_CACHE\",\n \"LOCAL_SOURCE_CACHE\",\n },\n Type = \"LOCAL\",\n },\n Description = \"test_codebuild_project_cache\",\n Environment = new Aws.CodeBuild.Inputs.ProjectEnvironmentArgs\n {\n ComputeType = \"BUILD_GENERAL1_SMALL\",\n EnvironmentVariable = \n {\n \n {\n { \"name\", \"SOME_KEY1\" },\n { \"value\", \"SOME_VALUE1\" },\n },\n },\n Image = \"aws/codebuild/standard:1.0\",\n ImagePullCredentialsType = \"CODEBUILD\",\n Type = \"LINUX_CONTAINER\",\n },\n QueuedTimeout = 5,\n ServiceRole = exampleRole.Arn,\n Source = new Aws.CodeBuild.Inputs.ProjectSourceArgs\n {\n GitCloneDepth = 1,\n Location = \"https://github.com/mitchellh/packer.git\",\n Type = \"GITHUB\",\n },\n Tags = \n {\n { \"Environment\", \"Test\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the CodeBuild project.\n" }, "artifacts": { "$ref": "#/types/aws:codebuild/ProjectArtifacts:ProjectArtifacts", "description": "Information about the project's build output artifacts. Artifact blocks are documented below.\n" }, "badgeEnabled": { "type": "boolean", "description": "Generates a publicly-accessible URL for the projects build badge. Available as `badge_url` attribute when enabled.\n" }, "badgeUrl": { "type": "string", "description": "The URL of the build badge when `badge_enabled` is enabled.\n" }, "buildTimeout": { "type": "integer", "description": "How long in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes.\n" }, "cache": { "$ref": "#/types/aws:codebuild/ProjectCache:ProjectCache", "description": "Information about the cache storage for the project. Cache blocks are documented below.\n" }, "description": { "type": "string", "description": "A short description of the project.\n" }, "encryptionKey": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.\n" }, "environment": { "$ref": "#/types/aws:codebuild/ProjectEnvironment:ProjectEnvironment", "description": "Information about the project's build environment. Environment blocks are documented below.\n" }, "logsConfig": { "$ref": "#/types/aws:codebuild/ProjectLogsConfig:ProjectLogsConfig", "description": "Configuration for the builds to store log data to CloudWatch or S3.\n" }, "name": { "type": "string", "description": "The projects name.\n" }, "queuedTimeout": { "type": "integer", "description": "How long in minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours.\n" }, "secondaryArtifacts": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact" }, "description": "A set of secondary artifacts to be used inside the build. Secondary artifacts blocks are documented below.\n" }, "secondarySources": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySource:ProjectSecondarySource" }, "description": "A set of secondary sources to be used inside the build. Secondary sources blocks are documented below.\n" }, "serviceRole": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.\n" }, "source": { "$ref": "#/types/aws:codebuild/ProjectSource:ProjectSource", "description": "Information about the project's input source code. Source blocks are documented below.\n" }, "sourceVersion": { "type": "string", "description": "A version of the build input to be built for this project. If not specified, the latest version is used.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcConfig": { "$ref": "#/types/aws:codebuild/ProjectVpcConfig:ProjectVpcConfig", "description": "Configuration for the builds to run inside a VPC. VPC config blocks are documented below.\n" } }, "required": [ "arn", "artifacts", "badgeUrl", "description", "encryptionKey", "environment", "name", "serviceRole", "source" ], "inputProperties": { "artifacts": { "$ref": "#/types/aws:codebuild/ProjectArtifacts:ProjectArtifacts", "description": "Information about the project's build output artifacts. Artifact blocks are documented below.\n" }, "badgeEnabled": { "type": "boolean", "description": "Generates a publicly-accessible URL for the projects build badge. Available as `badge_url` attribute when enabled.\n" }, "buildTimeout": { "type": "integer", "description": "How long in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes.\n" }, "cache": { "$ref": "#/types/aws:codebuild/ProjectCache:ProjectCache", "description": "Information about the cache storage for the project. Cache blocks are documented below.\n" }, "description": { "type": "string", "description": "A short description of the project.\n" }, "encryptionKey": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.\n" }, "environment": { "$ref": "#/types/aws:codebuild/ProjectEnvironment:ProjectEnvironment", "description": "Information about the project's build environment. Environment blocks are documented below.\n" }, "logsConfig": { "$ref": "#/types/aws:codebuild/ProjectLogsConfig:ProjectLogsConfig", "description": "Configuration for the builds to store log data to CloudWatch or S3.\n" }, "name": { "type": "string", "description": "The projects name.\n" }, "queuedTimeout": { "type": "integer", "description": "How long in minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours.\n" }, "secondaryArtifacts": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact" }, "description": "A set of secondary artifacts to be used inside the build. Secondary artifacts blocks are documented below.\n" }, "secondarySources": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySource:ProjectSecondarySource" }, "description": "A set of secondary sources to be used inside the build. Secondary sources blocks are documented below.\n" }, "serviceRole": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.\n" }, "source": { "$ref": "#/types/aws:codebuild/ProjectSource:ProjectSource", "description": "Information about the project's input source code. Source blocks are documented below.\n" }, "sourceVersion": { "type": "string", "description": "A version of the build input to be built for this project. If not specified, the latest version is used.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcConfig": { "$ref": "#/types/aws:codebuild/ProjectVpcConfig:ProjectVpcConfig", "description": "Configuration for the builds to run inside a VPC. VPC config blocks are documented below.\n" } }, "requiredInputs": [ "artifacts", "environment", "serviceRole", "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the CodeBuild project.\n" }, "artifacts": { "$ref": "#/types/aws:codebuild/ProjectArtifacts:ProjectArtifacts", "description": "Information about the project's build output artifacts. Artifact blocks are documented below.\n" }, "badgeEnabled": { "type": "boolean", "description": "Generates a publicly-accessible URL for the projects build badge. Available as `badge_url` attribute when enabled.\n" }, "badgeUrl": { "type": "string", "description": "The URL of the build badge when `badge_enabled` is enabled.\n" }, "buildTimeout": { "type": "integer", "description": "How long in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes.\n" }, "cache": { "$ref": "#/types/aws:codebuild/ProjectCache:ProjectCache", "description": "Information about the cache storage for the project. Cache blocks are documented below.\n" }, "description": { "type": "string", "description": "A short description of the project.\n" }, "encryptionKey": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.\n" }, "environment": { "$ref": "#/types/aws:codebuild/ProjectEnvironment:ProjectEnvironment", "description": "Information about the project's build environment. Environment blocks are documented below.\n" }, "logsConfig": { "$ref": "#/types/aws:codebuild/ProjectLogsConfig:ProjectLogsConfig", "description": "Configuration for the builds to store log data to CloudWatch or S3.\n" }, "name": { "type": "string", "description": "The projects name.\n" }, "queuedTimeout": { "type": "integer", "description": "How long in minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours.\n" }, "secondaryArtifacts": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact" }, "description": "A set of secondary artifacts to be used inside the build. Secondary artifacts blocks are documented below.\n" }, "secondarySources": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySource:ProjectSecondarySource" }, "description": "A set of secondary sources to be used inside the build. Secondary sources blocks are documented below.\n" }, "serviceRole": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.\n" }, "source": { "$ref": "#/types/aws:codebuild/ProjectSource:ProjectSource", "description": "Information about the project's input source code. Source blocks are documented below.\n" }, "sourceVersion": { "type": "string", "description": "A version of the build input to be built for this project. If not specified, the latest version is used.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcConfig": { "$ref": "#/types/aws:codebuild/ProjectVpcConfig:ProjectVpcConfig", "description": "Configuration for the builds to run inside a VPC. VPC config blocks are documented below.\n" } }, "type": "object" } }, "aws:codebuild/sourceCredential:SourceCredential": { "description": "Provides a CodeBuild Source Credentials Resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.SourceCredential(\"example\", {\n authType: \"PERSONAL_ACCESS_TOKEN\",\n serverType: \"GITHUB\",\n token: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codebuild.SourceCredential(\"example\",\n auth_type=\"PERSONAL_ACCESS_TOKEN\",\n server_type=\"GITHUB\",\n token=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CodeBuild.SourceCredential(\"example\", new Aws.CodeBuild.SourceCredentialArgs\n {\n AuthType = \"PERSONAL_ACCESS_TOKEN\",\n ServerType = \"GITHUB\",\n Token = \"example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = codebuild.NewSourceCredential(ctx, \"example\", \u0026codebuild.SourceCredentialArgs{\n\t\t\tAuthType: pulumi.String(\"PERSONAL_ACCESS_TOKEN\"),\n\t\t\tServerType: pulumi.String(\"GITHUB\"),\n\t\t\tToken: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Bitbucket Server Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.SourceCredential(\"example\", {\n authType: \"BASIC_AUTH\",\n serverType: \"BITBUCKET\",\n token: \"example\",\n userName: \"test-user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codebuild.SourceCredential(\"example\",\n auth_type=\"BASIC_AUTH\",\n server_type=\"BITBUCKET\",\n token=\"example\",\n user_name=\"test-user\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CodeBuild.SourceCredential(\"example\", new Aws.CodeBuild.SourceCredentialArgs\n {\n AuthType = \"BASIC_AUTH\",\n ServerType = \"BITBUCKET\",\n Token = \"example\",\n UserName = \"test-user\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = codebuild.NewSourceCredential(ctx, \"example\", \u0026codebuild.SourceCredentialArgs{\n\t\t\tAuthType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\tServerType: pulumi.String(\"BITBUCKET\"),\n\t\t\tToken: pulumi.String(\"example\"),\n\t\t\tUserName: pulumi.String(\"test-user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of Source Credential.\n" }, "authType": { "type": "string", "description": "The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API.\n" }, "serverType": { "type": "string", "description": "The source provider used for this project.\n" }, "token": { "type": "string", "description": "For `GitHub` or `GitHub Enterprise`, this is the personal access token. For `Bitbucket`, this is the app password.\n" }, "userName": { "type": "string", "description": "The Bitbucket username when the authType is `BASIC_AUTH`. This parameter is not valid for other types of source providers or connections.\n" } }, "required": [ "arn", "authType", "serverType", "token" ], "inputProperties": { "authType": { "type": "string", "description": "The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API.\n" }, "serverType": { "type": "string", "description": "The source provider used for this project.\n" }, "token": { "type": "string", "description": "For `GitHub` or `GitHub Enterprise`, this is the personal access token. For `Bitbucket`, this is the app password.\n" }, "userName": { "type": "string", "description": "The Bitbucket username when the authType is `BASIC_AUTH`. This parameter is not valid for other types of source providers or connections.\n" } }, "requiredInputs": [ "authType", "serverType", "token" ], "stateInputs": { "description": "Input properties used for looking up and filtering SourceCredential resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of Source Credential.\n" }, "authType": { "type": "string", "description": "The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API.\n" }, "serverType": { "type": "string", "description": "The source provider used for this project.\n" }, "token": { "type": "string", "description": "For `GitHub` or `GitHub Enterprise`, this is the personal access token. For `Bitbucket`, this is the app password.\n" }, "userName": { "type": "string", "description": "The Bitbucket username when the authType is `BASIC_AUTH`. This parameter is not valid for other types of source providers or connections.\n" } }, "type": "object" } }, "aws:codebuild/webhook:Webhook": { "description": "Manages a CodeBuild webhook, which is an endpoint accepted by the CodeBuild service to trigger builds from source code repositories. Depending on the source type of the CodeBuild project, the CodeBuild service may also automatically create and delete the actual repository webhook as well.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Bitbucket and GitHub\n\nWhen working with [Bitbucket](https://bitbucket.org) and [GitHub](https://github.com) source CodeBuild webhooks, the CodeBuild service will automatically create (on `aws.codebuild.Webhook` resource creation) and delete (on `aws.codebuild.Webhook` resource deletion) the Bitbucket/GitHub repository webhook using its granted OAuth permissions. This behavior cannot be controlled by this provider.\n\n\u003e **Note:** The AWS account that this provider uses to create this resource *must* have authorized CodeBuild to access Bitbucket/GitHub's OAuth API in each applicable region. This is a manual step that must be done *before* creating webhooks with this resource. If OAuth is not configured, AWS will return an error similar to `ResourceNotFoundException: Could not find access token for server type github`. More information can be found in the CodeBuild User Guide for [Bitbucket](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-bitbucket-pull-request.html) and [GitHub](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-github-pull-request.html).\n\n\u003e **Note:** Further managing the automatically created Bitbucket/GitHub webhook with the `bitbucket_hook`/`github_repository_webhook` resource is only possible with importing that resource after creation of the `aws.codebuild.Webhook` resource. The CodeBuild API does not ever provide the `secret` attribute for the `aws.codebuild.Webhook` resource in this scenario.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.Webhook(\"example\", {\n filterGroups: [{\n filters: [\n {\n pattern: \"PUSH\",\n type: \"EVENT\",\n },\n {\n pattern: \"master\",\n type: \"HEAD_REF\",\n },\n ],\n }],\n projectName: aws_codebuild_project_example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codebuild.Webhook(\"example\",\n filter_groups=[{\n \"filter\": [\n {\n \"pattern\": \"PUSH\",\n \"type\": \"EVENT\",\n },\n {\n \"pattern\": \"master\",\n \"type\": \"HEAD_REF\",\n },\n ],\n }],\n project_name=aws_codebuild_project[\"example\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CodeBuild.Webhook(\"example\", new Aws.CodeBuild.WebhookArgs\n {\n FilterGroups = \n {\n new Aws.CodeBuild.Inputs.WebhookFilterGroupArgs\n {\n Filter = \n {\n \n {\n { \"pattern\", \"PUSH\" },\n { \"type\", \"EVENT\" },\n },\n \n {\n { \"pattern\", \"master\" },\n { \"type\", \"HEAD_REF\" },\n },\n },\n },\n },\n ProjectName = aws_codebuild_project.Example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = codebuild.NewWebhook(ctx, \"example\", \u0026codebuild.WebhookArgs{\n\t\t\tFilterGroups: codebuild.WebhookFilterGroupArray{\n\t\t\t\t\u0026codebuild.WebhookFilterGroupArgs{\n\t\t\t\t\tFilter: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"pattern\": pulumi.String(\"PUSH\"),\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"EVENT\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"pattern\": pulumi.String(\"master\"),\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"HEAD_REF\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tProjectName: pulumi.String(aws_codebuild_project.Example.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### GitHub Enterprise\n\nWhen working with [GitHub Enterprise](https://enterprise.github.com/) source CodeBuild webhooks, the GHE repository webhook must be separately managed (e.g. manually or with the `github_repository_webhook` resource).\n\nMore information creating webhooks with GitHub Enterprise can be found in the [CodeBuild User Guide](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-github-enterprise.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as github from \"@pulumi/github\";\n\nconst exampleWebhook = new aws.codebuild.Webhook(\"example\", {\n projectName: aws_codebuild_project_example.name,\n});\nconst exampleRepositoryWebhook = new github.RepositoryWebhook(\"example\", {\n active: true,\n configuration: {\n contentType: \"json\",\n insecureSsl: false,\n secret: exampleWebhook.secret,\n url: exampleWebhook.payloadUrl,\n },\n events: [\"push\"],\n repository: github_repository_example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_github as github\n\nexample_webhook = aws.codebuild.Webhook(\"exampleWebhook\", project_name=aws_codebuild_project[\"example\"][\"name\"])\nexample_repository_webhook = github.RepositoryWebhook(\"exampleRepositoryWebhook\",\n active=True,\n configuration={\n \"contentType\": \"json\",\n \"insecureSsl\": False,\n \"secret\": example_webhook.secret,\n \"url\": example_webhook.payload_url,\n },\n events=[\"push\"],\n repository=github_repository[\"example\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Github = Pulumi.Github;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleWebhook = new Aws.CodeBuild.Webhook(\"exampleWebhook\", new Aws.CodeBuild.WebhookArgs\n {\n ProjectName = aws_codebuild_project.Example.Name,\n });\n var exampleRepositoryWebhook = new Github.RepositoryWebhook(\"exampleRepositoryWebhook\", new Github.RepositoryWebhookArgs\n {\n Active = true,\n Configuration = new Github.Inputs.RepositoryWebhookConfigurationArgs\n {\n ContentType = \"json\",\n InsecureSsl = false,\n Secret = exampleWebhook.Secret,\n Url = exampleWebhook.PayloadUrl,\n },\n Events = \n {\n \"push\",\n },\n Repository = github_repository.Example.Name,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "branchFilter": { "type": "string", "description": "A regular expression used to determine which branches get built. Default is all branches are built. It is recommended to use `filter_group` over `branch_filter`.\n" }, "filterGroups": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroup:WebhookFilterGroup" }, "description": "Information about the webhook's trigger. Filter group blocks are documented below.\n" }, "payloadUrl": { "type": "string", "description": "The CodeBuild endpoint where webhook events are sent.\n" }, "projectName": { "type": "string", "description": "The name of the build project.\n" }, "secret": { "type": "string", "description": "The secret token of the associated repository. Not returned by the CodeBuild API for all source types.\n" }, "url": { "type": "string", "description": "The URL to the webhook.\n" } }, "required": [ "payloadUrl", "projectName", "secret", "url" ], "inputProperties": { "branchFilter": { "type": "string", "description": "A regular expression used to determine which branches get built. Default is all branches are built. It is recommended to use `filter_group` over `branch_filter`.\n" }, "filterGroups": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroup:WebhookFilterGroup" }, "description": "Information about the webhook's trigger. Filter group blocks are documented below.\n" }, "projectName": { "type": "string", "description": "The name of the build project.\n" } }, "requiredInputs": [ "projectName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Webhook resources.\n", "properties": { "branchFilter": { "type": "string", "description": "A regular expression used to determine which branches get built. Default is all branches are built. It is recommended to use `filter_group` over `branch_filter`.\n" }, "filterGroups": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroup:WebhookFilterGroup" }, "description": "Information about the webhook's trigger. Filter group blocks are documented below.\n" }, "payloadUrl": { "type": "string", "description": "The CodeBuild endpoint where webhook events are sent.\n" }, "projectName": { "type": "string", "description": "The name of the build project.\n" }, "secret": { "type": "string", "description": "The secret token of the associated repository. Not returned by the CodeBuild API for all source types.\n" }, "url": { "type": "string", "description": "The URL to the webhook.\n" } }, "type": "object" } }, "aws:codecommit/repository:Repository": { "description": "Provides a CodeCommit Repository Resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.codecommit.Repository(\"test\", {\n description: \"This is the Sample App Repository\",\n repositoryName: \"MyTestRepository\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codecommit.Repository(\"test\",\n description=\"This is the Sample App Repository\",\n repository_name=\"MyTestRepository\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.CodeCommit.Repository(\"test\", new Aws.CodeCommit.RepositoryArgs\n {\n Description = \"This is the Sample App Repository\",\n RepositoryName = \"MyTestRepository\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = codecommit.NewRepository(ctx, \"test\", \u0026codecommit.RepositoryArgs{\n\t\t\tDescription: pulumi.String(\"This is the Sample App Repository\"),\n\t\t\tRepositoryName: pulumi.String(\"MyTestRepository\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the repository\n" }, "cloneUrlHttp": { "type": "string", "description": "The URL to use for cloning the repository over HTTPS.\n" }, "cloneUrlSsh": { "type": "string", "description": "The URL to use for cloning the repository over SSH.\n" }, "defaultBranch": { "type": "string", "description": "The default branch of the repository. The branch specified here needs to exist.\n" }, "description": { "type": "string", "description": "The description of the repository. This needs to be less than 1000 characters\n" }, "repositoryId": { "type": "string", "description": "The ID of the repository\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "cloneUrlHttp", "cloneUrlSsh", "repositoryId", "repositoryName" ], "inputProperties": { "defaultBranch": { "type": "string", "description": "The default branch of the repository. The branch specified here needs to exist.\n" }, "description": { "type": "string", "description": "The description of the repository. This needs to be less than 1000 characters\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "repositoryName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Repository resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the repository\n" }, "cloneUrlHttp": { "type": "string", "description": "The URL to use for cloning the repository over HTTPS.\n" }, "cloneUrlSsh": { "type": "string", "description": "The URL to use for cloning the repository over SSH.\n" }, "defaultBranch": { "type": "string", "description": "The default branch of the repository. The branch specified here needs to exist.\n" }, "description": { "type": "string", "description": "The description of the repository. This needs to be less than 1000 characters\n" }, "repositoryId": { "type": "string", "description": "The ID of the repository\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:codecommit/trigger:Trigger": { "description": "Provides a CodeCommit Trigger Resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRepository = new aws.codecommit.Repository(\"test\", {\n repositoryName: \"test\",\n});\nconst testTrigger = new aws.codecommit.Trigger(\"test\", {\n repositoryName: testRepository.repositoryName,\n triggers: [{\n destinationArn: aws_sns_topic_test.arn,\n events: [\"all\"],\n name: \"all\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_repository = aws.codecommit.Repository(\"testRepository\", repository_name=\"test\")\ntest_trigger = aws.codecommit.Trigger(\"testTrigger\",\n repository_name=test_repository.repository_name,\n triggers=[{\n \"destination_arn\": aws_sns_topic[\"test\"][\"arn\"],\n \"events\": [\"all\"],\n \"name\": \"all\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testRepository = new Aws.CodeCommit.Repository(\"testRepository\", new Aws.CodeCommit.RepositoryArgs\n {\n RepositoryName = \"test\",\n });\n var testTrigger = new Aws.CodeCommit.Trigger(\"testTrigger\", new Aws.CodeCommit.TriggerArgs\n {\n RepositoryName = testRepository.RepositoryName,\n Triggers = \n {\n new Aws.CodeCommit.Inputs.TriggerTriggerArgs\n {\n DestinationArn = aws_sns_topic.Test.Arn,\n Events = \n {\n \"all\",\n },\n Name = \"all\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestRepository, err := codecommit.NewRepository(ctx, \"testRepository\", \u0026codecommit.RepositoryArgs{\n\t\t\tRepositoryName: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codecommit.NewTrigger(ctx, \"testTrigger\", \u0026codecommit.TriggerArgs{\n\t\t\tRepositoryName: testRepository.RepositoryName,\n\t\t\tTriggers: codecommit.TriggerTriggerArray{\n\t\t\t\t\u0026codecommit.TriggerTriggerArgs{\n\t\t\t\t\tDestinationArn: pulumi.String(aws_sns_topic.Test.Arn),\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t\tName: pulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "configurationId": { "type": "string" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codecommit/TriggerTrigger:TriggerTrigger" } } }, "required": [ "configurationId", "repositoryName", "triggers" ], "inputProperties": { "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codecommit/TriggerTrigger:TriggerTrigger" } } }, "requiredInputs": [ "repositoryName", "triggers" ], "stateInputs": { "description": "Input properties used for looking up and filtering Trigger resources.\n", "properties": { "configurationId": { "type": "string" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codecommit/TriggerTrigger:TriggerTrigger" } } }, "type": "object" } }, "aws:codedeploy/application:Application": { "description": "Provides a CodeDeploy application to be used as a basis for deployments\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### ECS Application\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"ECS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\", compute_platform=\"ECS\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CodeDeploy.Application(\"example\", new Aws.CodeDeploy.ApplicationArgs\n {\n ComputePlatform = \"ECS\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tComputePlatform: pulumi.String(\"ECS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Lambda Application\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"Lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\", compute_platform=\"Lambda\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CodeDeploy.Application(\"example\", new Aws.CodeDeploy.ApplicationArgs\n {\n ComputePlatform = \"Lambda\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tComputePlatform: pulumi.String(\"Lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Server Application\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"Server\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\", compute_platform=\"Server\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.CodeDeploy.Application(\"example\", new Aws.CodeDeploy.ApplicationArgs\n {\n ComputePlatform = \"Server\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tComputePlatform: pulumi.String(\"Server\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "computePlatform": { "type": "string", "description": "The compute platform can either be `ECS`, `Lambda`, or `Server`. Default is `Server`.\n" }, "name": { "type": "string", "description": "The name of the application.\n" }, "uniqueId": { "type": "string" } }, "required": [ "name", "uniqueId" ], "inputProperties": { "computePlatform": { "type": "string", "description": "The compute platform can either be `ECS`, `Lambda`, or `Server`. Default is `Server`.\n" }, "name": { "type": "string", "description": "The name of the application.\n" }, "uniqueId": { "type": "string" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "computePlatform": { "type": "string", "description": "The compute platform can either be `ECS`, `Lambda`, or `Server`. Default is `Server`.\n" }, "name": { "type": "string", "description": "The name of the application.\n" }, "uniqueId": { "type": "string" } }, "type": "object" } }, "aws:codedeploy/deploymentConfig:DeploymentConfig": { "description": "Provides a CodeDeploy deployment config for an application\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Server Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooDeploymentConfig = new aws.codedeploy.DeploymentConfig(\"foo\", {\n deploymentConfigName: \"test-deployment-config\",\n minimumHealthyHosts: {\n type: \"HOST_COUNT\",\n value: 2,\n },\n});\nconst fooDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"foo\", {\n alarmConfiguration: {\n alarms: [\"my-alarm-name\"],\n enabled: true,\n },\n appName: aws_codedeploy_app_foo_app.name,\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_FAILURE\"],\n },\n deploymentConfigName: fooDeploymentConfig.id,\n deploymentGroupName: \"bar\",\n ec2TagFilters: [{\n key: \"filterkey\",\n type: \"KEY_AND_VALUE\",\n value: \"filtervalue\",\n }],\n serviceRoleArn: aws_iam_role_foo_role.arn,\n triggerConfigurations: [{\n triggerEvents: [\"DeploymentFailure\"],\n triggerName: \"foo-trigger\",\n triggerTargetArn: \"foo-topic-arn\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_deployment_config = aws.codedeploy.DeploymentConfig(\"fooDeploymentConfig\",\n deployment_config_name=\"test-deployment-config\",\n minimum_healthy_hosts={\n \"type\": \"HOST_COUNT\",\n \"value\": 2,\n })\nfoo_deployment_group = aws.codedeploy.DeploymentGroup(\"fooDeploymentGroup\",\n alarm_configuration={\n \"alarms\": [\"my-alarm-name\"],\n \"enabled\": True,\n },\n app_name=aws_codedeploy_app[\"foo_app\"][\"name\"],\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_FAILURE\"],\n },\n deployment_config_name=foo_deployment_config.id,\n deployment_group_name=\"bar\",\n ec2_tag_filters=[{\n \"key\": \"filterkey\",\n \"type\": \"KEY_AND_VALUE\",\n \"value\": \"filtervalue\",\n }],\n service_role_arn=aws_iam_role[\"foo_role\"][\"arn\"],\n trigger_configurations=[{\n \"triggerEvents\": [\"DeploymentFailure\"],\n \"triggerName\": \"foo-trigger\",\n \"triggerTargetArn\": \"foo-topic-arn\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooDeploymentConfig = new Aws.CodeDeploy.DeploymentConfig(\"fooDeploymentConfig\", new Aws.CodeDeploy.DeploymentConfigArgs\n {\n DeploymentConfigName = \"test-deployment-config\",\n MinimumHealthyHosts = new Aws.CodeDeploy.Inputs.DeploymentConfigMinimumHealthyHostsArgs\n {\n Type = \"HOST_COUNT\",\n Value = 2,\n },\n });\n var fooDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"fooDeploymentGroup\", new Aws.CodeDeploy.DeploymentGroupArgs\n {\n AlarmConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAlarmConfigurationArgs\n {\n Alarms = \n {\n \"my-alarm-name\",\n },\n Enabled = true,\n },\n AppName = aws_codedeploy_app.Foo_app.Name,\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = \n {\n \"DEPLOYMENT_FAILURE\",\n },\n },\n DeploymentConfigName = fooDeploymentConfig.Id,\n DeploymentGroupName = \"bar\",\n Ec2TagFilters = \n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupEc2TagFilterArgs\n {\n Key = \"filterkey\",\n Type = \"KEY_AND_VALUE\",\n Value = \"filtervalue\",\n },\n },\n ServiceRoleArn = aws_iam_role.Foo_role.Arn,\n TriggerConfigurations = \n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupTriggerConfigurationArgs\n {\n TriggerEvents = \n {\n \"DeploymentFailure\",\n },\n TriggerName = \"foo-trigger\",\n TriggerTargetArn = \"foo-topic-arn\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooDeploymentConfig, err := codedeploy.NewDeploymentConfig(ctx, \"fooDeploymentConfig\", \u0026codedeploy.DeploymentConfigArgs{\n\t\t\tDeploymentConfigName: pulumi.String(\"test-deployment-config\"),\n\t\t\tMinimumHealthyHosts: \u0026codedeploy.DeploymentConfigMinimumHealthyHostsArgs{\n\t\t\t\tType: pulumi.String(\"HOST_COUNT\"),\n\t\t\t\tValue: pulumi.Int(2),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"fooDeploymentGroup\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAlarmConfiguration: \u0026codedeploy.DeploymentGroupAlarmConfigurationArgs{\n\t\t\t\tAlarms: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my-alarm-name\"),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tAppName: pulumi.String(aws_codedeploy_app.Foo_app.Name),\n\t\t\tAutoRollbackConfiguration: \u0026codedeploy.DeploymentGroupAutoRollbackConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DEPLOYMENT_FAILURE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDeploymentConfigName: fooDeploymentConfig.ID(),\n\t\t\tDeploymentGroupName: pulumi.String(\"bar\"),\n\t\t\tEc2TagFilters: codedeploy.DeploymentGroupEc2TagFilterArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupEc2TagFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"filterkey\"),\n\t\t\t\t\tType: pulumi.String(\"KEY_AND_VALUE\"),\n\t\t\t\t\tValue: pulumi.String(\"filtervalue\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Foo_role.Arn),\n\t\t\tTriggerConfigurations: codedeploy.DeploymentGroupTriggerConfigurationArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupTriggerConfigurationArgs{\n\t\t\t\t\tTriggerEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"DeploymentFailure\"),\n\t\t\t\t\t},\n\t\t\t\t\tTriggerName: pulumi.String(\"foo-trigger\"),\n\t\t\t\t\tTriggerTargetArn: pulumi.String(\"foo-topic-arn\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Lambda Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooDeploymentConfig = new aws.codedeploy.DeploymentConfig(\"foo\", {\n computePlatform: \"Lambda\",\n deploymentConfigName: \"test-deployment-config\",\n trafficRoutingConfig: {\n timeBasedLinear: {\n interval: 10,\n percentage: 10,\n },\n type: \"TimeBasedLinear\",\n },\n});\nconst fooDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"foo\", {\n alarmConfiguration: {\n alarms: [\"my-alarm-name\"],\n enabled: true,\n },\n appName: aws_codedeploy_app_foo_app.name,\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_STOP_ON_ALARM\"],\n },\n deploymentConfigName: fooDeploymentConfig.id,\n deploymentGroupName: \"bar\",\n serviceRoleArn: aws_iam_role_foo_role.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_deployment_config = aws.codedeploy.DeploymentConfig(\"fooDeploymentConfig\",\n compute_platform=\"Lambda\",\n deployment_config_name=\"test-deployment-config\",\n traffic_routing_config={\n \"timeBasedLinear\": {\n \"interval\": 10,\n \"percentage\": 10,\n },\n \"type\": \"TimeBasedLinear\",\n })\nfoo_deployment_group = aws.codedeploy.DeploymentGroup(\"fooDeploymentGroup\",\n alarm_configuration={\n \"alarms\": [\"my-alarm-name\"],\n \"enabled\": True,\n },\n app_name=aws_codedeploy_app[\"foo_app\"][\"name\"],\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_STOP_ON_ALARM\"],\n },\n deployment_config_name=foo_deployment_config.id,\n deployment_group_name=\"bar\",\n service_role_arn=aws_iam_role[\"foo_role\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooDeploymentConfig = new Aws.CodeDeploy.DeploymentConfig(\"fooDeploymentConfig\", new Aws.CodeDeploy.DeploymentConfigArgs\n {\n ComputePlatform = \"Lambda\",\n DeploymentConfigName = \"test-deployment-config\",\n TrafficRoutingConfig = new Aws.CodeDeploy.Inputs.DeploymentConfigTrafficRoutingConfigArgs\n {\n TimeBasedLinear = new Aws.CodeDeploy.Inputs.DeploymentConfigTrafficRoutingConfigTimeBasedLinearArgs\n {\n Interval = 10,\n Percentage = 10,\n },\n Type = \"TimeBasedLinear\",\n },\n });\n var fooDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"fooDeploymentGroup\", new Aws.CodeDeploy.DeploymentGroupArgs\n {\n AlarmConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAlarmConfigurationArgs\n {\n Alarms = \n {\n \"my-alarm-name\",\n },\n Enabled = true,\n },\n AppName = aws_codedeploy_app.Foo_app.Name,\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = \n {\n \"DEPLOYMENT_STOP_ON_ALARM\",\n },\n },\n DeploymentConfigName = fooDeploymentConfig.Id,\n DeploymentGroupName = \"bar\",\n ServiceRoleArn = aws_iam_role.Foo_role.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooDeploymentConfig, err := codedeploy.NewDeploymentConfig(ctx, \"fooDeploymentConfig\", \u0026codedeploy.DeploymentConfigArgs{\n\t\t\tComputePlatform: pulumi.String(\"Lambda\"),\n\t\t\tDeploymentConfigName: pulumi.String(\"test-deployment-config\"),\n\t\t\tTrafficRoutingConfig: \u0026codedeploy.DeploymentConfigTrafficRoutingConfigArgs{\n\t\t\t\tTimeBasedLinear: \u0026codedeploy.DeploymentConfigTrafficRoutingConfigTimeBasedLinearArgs{\n\t\t\t\t\tInterval: pulumi.Int(10),\n\t\t\t\t\tPercentage: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"TimeBasedLinear\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"fooDeploymentGroup\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAlarmConfiguration: \u0026codedeploy.DeploymentGroupAlarmConfigurationArgs{\n\t\t\t\tAlarms: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my-alarm-name\"),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tAppName: pulumi.String(aws_codedeploy_app.Foo_app.Name),\n\t\t\tAutoRollbackConfiguration: \u0026codedeploy.DeploymentGroupAutoRollbackConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DEPLOYMENT_STOP_ON_ALARM\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDeploymentConfigName: fooDeploymentConfig.ID(),\n\t\t\tDeploymentGroupName: pulumi.String(\"bar\"),\n\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Foo_role.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "computePlatform": { "type": "string", "description": "The compute platform can be `Server`, `Lambda`, or `ECS`. Default is `Server`.\n" }, "deploymentConfigId": { "type": "string", "description": "The AWS Assigned deployment config id\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the deployment config.\n" }, "minimumHealthyHosts": { "$ref": "#/types/aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts", "description": "A minimum_healthy_hosts block. Required for `Server` compute platform. Minimum Healthy Hosts are documented below.\n" }, "trafficRoutingConfig": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig", "description": "A traffic_routing_config block. Traffic Routing Config is documented below.\n" } }, "required": [ "deploymentConfigId", "deploymentConfigName" ], "inputProperties": { "computePlatform": { "type": "string", "description": "The compute platform can be `Server`, `Lambda`, or `ECS`. Default is `Server`.\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the deployment config.\n" }, "minimumHealthyHosts": { "$ref": "#/types/aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts", "description": "A minimum_healthy_hosts block. Required for `Server` compute platform. Minimum Healthy Hosts are documented below.\n" }, "trafficRoutingConfig": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig", "description": "A traffic_routing_config block. Traffic Routing Config is documented below.\n" } }, "requiredInputs": [ "deploymentConfigName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DeploymentConfig resources.\n", "properties": { "computePlatform": { "type": "string", "description": "The compute platform can be `Server`, `Lambda`, or `ECS`. Default is `Server`.\n" }, "deploymentConfigId": { "type": "string", "description": "The AWS Assigned deployment config id\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the deployment config.\n" }, "minimumHealthyHosts": { "$ref": "#/types/aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts", "description": "A minimum_healthy_hosts block. Required for `Server` compute platform. Minimum Healthy Hosts are documented below.\n" }, "trafficRoutingConfig": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig", "description": "A traffic_routing_config block. Traffic Routing Config is documented below.\n" } }, "type": "object" } }, "aws:codedeploy/deploymentGroup:DeploymentGroup": { "description": "Provides a CodeDeploy Deployment Group for a CodeDeploy Application\n\n\u003e **NOTE on blue/green deployments:** When using `green_fleet_provisioning_option` with the `COPY_AUTO_SCALING_GROUP` action, CodeDeploy will create a new ASG with a different name. This ASG is _not_ managed by this provider and will conflict with existing configuration and state. You may want to use a different approach to managing deployments that involve multiple ASG, such as `DISCOVER_EXISTING` with separate blue and green ASG.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"codedeploy.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst aWSCodeDeployRole = new aws.iam.RolePolicyAttachment(\"AWSCodeDeployRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\",\n role: exampleRole.name,\n});\nconst exampleApplication = new aws.codedeploy.Application(\"example\", {});\nconst exampleTopic = new aws.sns.Topic(\"example\", {});\nconst exampleDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"example\", {\n alarmConfiguration: {\n alarms: [\"my-alarm-name\"],\n enabled: true,\n },\n appName: exampleApplication.name,\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_FAILURE\"],\n },\n deploymentGroupName: \"example-group\",\n ec2TagSets: [{\n ec2TagFilters: [\n {\n key: \"filterkey1\",\n type: \"KEY_AND_VALUE\",\n value: \"filtervalue\",\n },\n {\n key: \"filterkey2\",\n type: \"KEY_AND_VALUE\",\n value: \"filtervalue\",\n },\n ],\n }],\n serviceRoleArn: exampleRole.arn,\n triggerConfigurations: [{\n triggerEvents: [\"DeploymentFailure\"],\n triggerName: \"example-trigger\",\n triggerTargetArn: exampleTopic.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_role = aws.iam.Role(\"exampleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"codedeploy.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\na_ws_code_deploy_role = aws.iam.RolePolicyAttachment(\"aWSCodeDeployRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\",\n role=example_role.name)\nexample_application = aws.codedeploy.Application(\"exampleApplication\")\nexample_topic = aws.sns.Topic(\"exampleTopic\")\nexample_deployment_group = aws.codedeploy.DeploymentGroup(\"exampleDeploymentGroup\",\n alarm_configuration={\n \"alarms\": [\"my-alarm-name\"],\n \"enabled\": True,\n },\n app_name=example_application.name,\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_FAILURE\"],\n },\n deployment_group_name=\"example-group\",\n ec2_tag_sets=[{\n \"ec2TagFilter\": [\n {\n \"key\": \"filterkey1\",\n \"type\": \"KEY_AND_VALUE\",\n \"value\": \"filtervalue\",\n },\n {\n \"key\": \"filterkey2\",\n \"type\": \"KEY_AND_VALUE\",\n \"value\": \"filtervalue\",\n },\n ],\n }],\n service_role_arn=example_role.arn,\n trigger_configurations=[{\n \"triggerEvents\": [\"DeploymentFailure\"],\n \"triggerName\": \"example-trigger\",\n \"triggerTargetArn\": example_topic.arn,\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRole = new Aws.Iam.Role(\"exampleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"codedeploy.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var aWSCodeDeployRole = new Aws.Iam.RolePolicyAttachment(\"aWSCodeDeployRole\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\",\n Role = exampleRole.Name,\n });\n var exampleApplication = new Aws.CodeDeploy.Application(\"exampleApplication\", new Aws.CodeDeploy.ApplicationArgs\n {\n });\n var exampleTopic = new Aws.Sns.Topic(\"exampleTopic\", new Aws.Sns.TopicArgs\n {\n });\n var exampleDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"exampleDeploymentGroup\", new Aws.CodeDeploy.DeploymentGroupArgs\n {\n AlarmConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAlarmConfigurationArgs\n {\n Alarms = \n {\n \"my-alarm-name\",\n },\n Enabled = true,\n },\n AppName = exampleApplication.Name,\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = \n {\n \"DEPLOYMENT_FAILURE\",\n },\n },\n DeploymentGroupName = \"example-group\",\n Ec2TagSets = \n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupEc2TagSetArgs\n {\n Ec2TagFilter = \n {\n \n {\n { \"key\", \"filterkey1\" },\n { \"type\", \"KEY_AND_VALUE\" },\n { \"value\", \"filtervalue\" },\n },\n \n {\n { \"key\", \"filterkey2\" },\n { \"type\", \"KEY_AND_VALUE\" },\n { \"value\", \"filtervalue\" },\n },\n },\n },\n },\n ServiceRoleArn = exampleRole.Arn,\n TriggerConfigurations = \n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupTriggerConfigurationArgs\n {\n TriggerEvents = \n {\n \"DeploymentFailure\",\n },\n TriggerName = \"example-trigger\",\n TriggerTargetArn = exampleTopic.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRole, err := iam.NewRole(ctx, \"exampleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"codedeploy.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"aWSCodeDeployRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\"),\n\t\t\tRole: exampleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := codedeploy.NewApplication(ctx, \"exampleApplication\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := sns.NewTopic(ctx, \"exampleTopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"exampleDeploymentGroup\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAlarmConfiguration: \u0026codedeploy.DeploymentGroupAlarmConfigurationArgs{\n\t\t\t\tAlarms: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my-alarm-name\"),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tAppName: exampleApplication.Name,\n\t\t\tAutoRollbackConfiguration: \u0026codedeploy.DeploymentGroupAutoRollbackConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DEPLOYMENT_FAILURE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDeploymentGroupName: pulumi.String(\"example-group\"),\n\t\t\tEc2TagSets: codedeploy.DeploymentGroupEc2TagSetArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupEc2TagSetArgs{\n\t\t\t\t\tEc2TagFilter: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"filterkey1\"),\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"KEY_AND_VALUE\"),\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"filtervalue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"filterkey2\"),\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"KEY_AND_VALUE\"),\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"filtervalue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceRoleArn: exampleRole.Arn,\n\t\t\tTriggerConfigurations: codedeploy.DeploymentGroupTriggerConfigurationArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupTriggerConfigurationArgs{\n\t\t\t\t\tTriggerEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"DeploymentFailure\"),\n\t\t\t\t\t},\n\t\t\t\t\tTriggerName: pulumi.String(\"example-trigger\"),\n\t\t\t\t\tTriggerTargetArn: exampleTopic.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Blue Green Deployments with ECS\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleApplication = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"ECS\",\n});\nconst exampleDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"example\", {\n appName: exampleApplication.name,\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_FAILURE\"],\n },\n blueGreenDeploymentConfig: {\n deploymentReadyOption: {\n actionOnTimeout: \"CONTINUE_DEPLOYMENT\",\n },\n terminateBlueInstancesOnDeploymentSuccess: {\n action: \"TERMINATE\",\n terminationWaitTimeInMinutes: 5,\n },\n },\n deploymentConfigName: \"CodeDeployDefault.ECSAllAtOnce\",\n deploymentGroupName: \"example\",\n deploymentStyle: {\n deploymentOption: \"WITH_TRAFFIC_CONTROL\",\n deploymentType: \"BLUE_GREEN\",\n },\n ecsService: {\n clusterName: aws_ecs_cluster_example.name,\n serviceName: aws_ecs_service_example.name,\n },\n loadBalancerInfo: {\n targetGroupPairInfo: {\n prodTrafficRoute: {\n listenerArns: [aws_lb_listener_example.arn],\n },\n targetGroups: [\n {\n name: aws_lb_target_group_blue.name,\n },\n {\n name: aws_lb_target_group_green.name,\n },\n ],\n },\n },\n serviceRoleArn: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_application = aws.codedeploy.Application(\"exampleApplication\", compute_platform=\"ECS\")\nexample_deployment_group = aws.codedeploy.DeploymentGroup(\"exampleDeploymentGroup\",\n app_name=example_application.name,\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_FAILURE\"],\n },\n blue_green_deployment_config={\n \"deploymentReadyOption\": {\n \"actionOnTimeout\": \"CONTINUE_DEPLOYMENT\",\n },\n \"terminateBlueInstancesOnDeploymentSuccess\": {\n \"action\": \"TERMINATE\",\n \"terminationWaitTimeInMinutes\": 5,\n },\n },\n deployment_config_name=\"CodeDeployDefault.ECSAllAtOnce\",\n deployment_group_name=\"example\",\n deployment_style={\n \"deploymentOption\": \"WITH_TRAFFIC_CONTROL\",\n \"deploymentType\": \"BLUE_GREEN\",\n },\n ecs_service={\n \"cluster_name\": aws_ecs_cluster[\"example\"][\"name\"],\n \"service_name\": aws_ecs_service[\"example\"][\"name\"],\n },\n load_balancer_info={\n \"targetGroupPairInfo\": {\n \"prodTrafficRoute\": {\n \"listenerArns\": [aws_lb_listener[\"example\"][\"arn\"]],\n },\n \"targetGroup\": [\n {\n \"name\": aws_lb_target_group[\"blue\"][\"name\"],\n },\n {\n \"name\": aws_lb_target_group[\"green\"][\"name\"],\n },\n ],\n },\n },\n service_role_arn=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleApplication = new Aws.CodeDeploy.Application(\"exampleApplication\", new Aws.CodeDeploy.ApplicationArgs\n {\n ComputePlatform = \"ECS\",\n });\n var exampleDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"exampleDeploymentGroup\", new Aws.CodeDeploy.DeploymentGroupArgs\n {\n AppName = exampleApplication.Name,\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = \n {\n \"DEPLOYMENT_FAILURE\",\n },\n },\n BlueGreenDeploymentConfig = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigArgs\n {\n DeploymentReadyOption = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs\n {\n ActionOnTimeout = \"CONTINUE_DEPLOYMENT\",\n },\n TerminateBlueInstancesOnDeploymentSuccess = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs\n {\n Action = \"TERMINATE\",\n TerminationWaitTimeInMinutes = 5,\n },\n },\n DeploymentConfigName = \"CodeDeployDefault.ECSAllAtOnce\",\n DeploymentGroupName = \"example\",\n DeploymentStyle = new Aws.CodeDeploy.Inputs.DeploymentGroupDeploymentStyleArgs\n {\n DeploymentOption = \"WITH_TRAFFIC_CONTROL\",\n DeploymentType = \"BLUE_GREEN\",\n },\n EcsService = new Aws.CodeDeploy.Inputs.DeploymentGroupEcsServiceArgs\n {\n ClusterName = aws_ecs_cluster.Example.Name,\n ServiceName = aws_ecs_service.Example.Name,\n },\n LoadBalancerInfo = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoArgs\n {\n TargetGroupPairInfo = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoArgs\n {\n ProdTrafficRoute = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRouteArgs\n {\n ListenerArns = \n {\n aws_lb_listener.Example.Arn,\n },\n },\n TargetGroup = \n {\n \n {\n { \"name\", aws_lb_target_group.Blue.Name },\n },\n \n {\n { \"name\", aws_lb_target_group.Green.Name },\n },\n },\n },\n },\n ServiceRoleArn = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Blue Green Deployments with Servers and Classic ELB\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleApplication = new aws.codedeploy.Application(\"example\", {});\nconst exampleDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"example\", {\n appName: exampleApplication.name,\n blueGreenDeploymentConfig: {\n deploymentReadyOption: {\n actionOnTimeout: \"STOP_DEPLOYMENT\",\n waitTimeInMinutes: 60,\n },\n greenFleetProvisioningOption: {\n action: \"DISCOVER_EXISTING\",\n },\n terminateBlueInstancesOnDeploymentSuccess: {\n action: \"KEEP_ALIVE\",\n },\n },\n deploymentGroupName: \"example-group\",\n deploymentStyle: {\n deploymentOption: \"WITH_TRAFFIC_CONTROL\",\n deploymentType: \"BLUE_GREEN\",\n },\n loadBalancerInfo: {\n elbInfos: [{\n name: aws_elb_example.name,\n }],\n },\n serviceRoleArn: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_application = aws.codedeploy.Application(\"exampleApplication\")\nexample_deployment_group = aws.codedeploy.DeploymentGroup(\"exampleDeploymentGroup\",\n app_name=example_application.name,\n blue_green_deployment_config={\n \"deploymentReadyOption\": {\n \"actionOnTimeout\": \"STOP_DEPLOYMENT\",\n \"waitTimeInMinutes\": 60,\n },\n \"greenFleetProvisioningOption\": {\n \"action\": \"DISCOVER_EXISTING\",\n },\n \"terminateBlueInstancesOnDeploymentSuccess\": {\n \"action\": \"KEEP_ALIVE\",\n },\n },\n deployment_group_name=\"example-group\",\n deployment_style={\n \"deploymentOption\": \"WITH_TRAFFIC_CONTROL\",\n \"deploymentType\": \"BLUE_GREEN\",\n },\n load_balancer_info={\n \"elbInfo\": [{\n \"name\": aws_elb[\"example\"][\"name\"],\n }],\n },\n service_role_arn=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleApplication = new Aws.CodeDeploy.Application(\"exampleApplication\", new Aws.CodeDeploy.ApplicationArgs\n {\n });\n var exampleDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"exampleDeploymentGroup\", new Aws.CodeDeploy.DeploymentGroupArgs\n {\n AppName = exampleApplication.Name,\n BlueGreenDeploymentConfig = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigArgs\n {\n DeploymentReadyOption = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs\n {\n ActionOnTimeout = \"STOP_DEPLOYMENT\",\n WaitTimeInMinutes = 60,\n },\n GreenFleetProvisioningOption = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOptionArgs\n {\n Action = \"DISCOVER_EXISTING\",\n },\n TerminateBlueInstancesOnDeploymentSuccess = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs\n {\n Action = \"KEEP_ALIVE\",\n },\n },\n DeploymentGroupName = \"example-group\",\n DeploymentStyle = new Aws.CodeDeploy.Inputs.DeploymentGroupDeploymentStyleArgs\n {\n DeploymentOption = \"WITH_TRAFFIC_CONTROL\",\n DeploymentType = \"BLUE_GREEN\",\n },\n LoadBalancerInfo = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoArgs\n {\n ElbInfo = \n {\n \n {\n { \"name\", aws_elb.Example.Name },\n },\n },\n },\n ServiceRoleArn = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := codedeploy.NewApplication(ctx, \"exampleApplication\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"exampleDeploymentGroup\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAppName: exampleApplication.Name,\n\t\t\tBlueGreenDeploymentConfig: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigArgs{\n\t\t\t\tDeploymentReadyOption: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs{\n\t\t\t\t\tActionOnTimeout: pulumi.String(\"STOP_DEPLOYMENT\"),\n\t\t\t\t\tWaitTimeInMinutes: pulumi.Int(60),\n\t\t\t\t},\n\t\t\t\tGreenFleetProvisioningOption: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOptionArgs{\n\t\t\t\t\tAction: pulumi.String(\"DISCOVER_EXISTING\"),\n\t\t\t\t},\n\t\t\t\tTerminateBlueInstancesOnDeploymentSuccess: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs{\n\t\t\t\t\tAction: pulumi.String(\"KEEP_ALIVE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDeploymentGroupName: pulumi.String(\"example-group\"),\n\t\t\tDeploymentStyle: \u0026codedeploy.DeploymentGroupDeploymentStyleArgs{\n\t\t\t\tDeploymentOption: pulumi.String(\"WITH_TRAFFIC_CONTROL\"),\n\t\t\t\tDeploymentType: pulumi.String(\"BLUE_GREEN\"),\n\t\t\t},\n\t\t\tLoadBalancerInfo: \u0026codedeploy.DeploymentGroupLoadBalancerInfoArgs{\n\t\t\t\tElbInfo: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"name\": pulumi.String(aws_elb.Example.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "alarmConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration", "description": "Configuration block of alarms associated with the deployment group (documented below).\n" }, "appName": { "type": "string", "description": "The name of the application.\n" }, "autoRollbackConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration", "description": "Configuration block of the automatic rollback configuration associated with the deployment group (documented below).\n" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling groups associated with the deployment group.\n" }, "blueGreenDeploymentConfig": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig", "description": "Configuration block of the blue/green deployment options for a deployment group (documented below).\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the group's deployment config. The default is \"CodeDeployDefault.OneAtATime\".\n" }, "deploymentGroupName": { "type": "string", "description": "The name of the deployment group.\n" }, "deploymentStyle": { "$ref": "#/types/aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle", "description": "Configuration block of the type of deployment, either in-place or blue/green, you want to run and whether to route deployment traffic behind a load balancer (documented below).\n" }, "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n" }, "ec2TagSets": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet" }, "description": "Configuration block(s) of Tag filters associated with the deployment group, which are also referred to as tag groups (documented below). See the AWS docs for details.\n" }, "ecsService": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService", "description": "Configuration block(s) of the ECS services for a deployment group (documented below).\n" }, "loadBalancerInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo", "description": "Single configuration block of the load balancer to use in a blue/green deployment (documented below).\n" }, "onPremisesInstanceTagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter" }, "description": "On premise tag filters associated with the group. See the AWS docs for details.\n" }, "serviceRoleArn": { "type": "string", "description": "The service role ARN that allows deployments.\n" }, "triggerConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration" }, "description": "Configuration block(s) of the triggers for the deployment group (documented below).\n" } }, "required": [ "appName", "blueGreenDeploymentConfig", "deploymentGroupName", "serviceRoleArn" ], "inputProperties": { "alarmConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration", "description": "Configuration block of alarms associated with the deployment group (documented below).\n" }, "appName": { "type": "string", "description": "The name of the application.\n" }, "autoRollbackConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration", "description": "Configuration block of the automatic rollback configuration associated with the deployment group (documented below).\n" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling groups associated with the deployment group.\n" }, "blueGreenDeploymentConfig": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig", "description": "Configuration block of the blue/green deployment options for a deployment group (documented below).\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the group's deployment config. The default is \"CodeDeployDefault.OneAtATime\".\n" }, "deploymentGroupName": { "type": "string", "description": "The name of the deployment group.\n" }, "deploymentStyle": { "$ref": "#/types/aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle", "description": "Configuration block of the type of deployment, either in-place or blue/green, you want to run and whether to route deployment traffic behind a load balancer (documented below).\n" }, "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n" }, "ec2TagSets": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet" }, "description": "Configuration block(s) of Tag filters associated with the deployment group, which are also referred to as tag groups (documented below). See the AWS docs for details.\n" }, "ecsService": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService", "description": "Configuration block(s) of the ECS services for a deployment group (documented below).\n" }, "loadBalancerInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo", "description": "Single configuration block of the load balancer to use in a blue/green deployment (documented below).\n" }, "onPremisesInstanceTagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter" }, "description": "On premise tag filters associated with the group. See the AWS docs for details.\n" }, "serviceRoleArn": { "type": "string", "description": "The service role ARN that allows deployments.\n" }, "triggerConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration" }, "description": "Configuration block(s) of the triggers for the deployment group (documented below).\n" } }, "requiredInputs": [ "appName", "deploymentGroupName", "serviceRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DeploymentGroup resources.\n", "properties": { "alarmConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration", "description": "Configuration block of alarms associated with the deployment group (documented below).\n" }, "appName": { "type": "string", "description": "The name of the application.\n" }, "autoRollbackConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration", "description": "Configuration block of the automatic rollback configuration associated with the deployment group (documented below).\n" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling groups associated with the deployment group.\n" }, "blueGreenDeploymentConfig": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig", "description": "Configuration block of the blue/green deployment options for a deployment group (documented below).\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the group's deployment config. The default is \"CodeDeployDefault.OneAtATime\".\n" }, "deploymentGroupName": { "type": "string", "description": "The name of the deployment group.\n" }, "deploymentStyle": { "$ref": "#/types/aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle", "description": "Configuration block of the type of deployment, either in-place or blue/green, you want to run and whether to route deployment traffic behind a load balancer (documented below).\n" }, "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n" }, "ec2TagSets": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet" }, "description": "Configuration block(s) of Tag filters associated with the deployment group, which are also referred to as tag groups (documented below). See the AWS docs for details.\n" }, "ecsService": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService", "description": "Configuration block(s) of the ECS services for a deployment group (documented below).\n" }, "loadBalancerInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo", "description": "Single configuration block of the load balancer to use in a blue/green deployment (documented below).\n" }, "onPremisesInstanceTagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter" }, "description": "On premise tag filters associated with the group. See the AWS docs for details.\n" }, "serviceRoleArn": { "type": "string", "description": "The service role ARN that allows deployments.\n" }, "triggerConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration" }, "description": "Configuration block(s) of the triggers for the deployment group (documented below).\n" } }, "type": "object" } }, "aws:codepipeline/pipeline:Pipeline": { "description": "Provides a CodePipeline.\n\n\u003e **NOTE on `aws.codepipeline.Pipeline`:** - the `GITHUB_TOKEN` environment variable must be set if the GitHub provider is specified.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst codepipelineBucket = new aws.s3.Bucket(\"codepipeline_bucket\", {\n acl: \"private\",\n});\nconst codepipelineRole = new aws.iam.Role(\"codepipeline_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"codepipeline.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst codepipelinePolicy = new aws.iam.RolePolicy(\"codepipeline_policy\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\":\"Allow\",\n \"Action\": [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetBucketVersioning\",\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"${codepipelineBucket.arn}\",\n \"${codepipelineBucket.arn}/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"codebuild:BatchGetBuilds\",\n \"codebuild:StartBuild\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n role: codepipelineRole.id,\n});\nconst s3kmskey = pulumi.output(aws.kms.getAlias({\n name: \"alias/myKmsKey\",\n}, { async: true }));\nconst codepipeline = new aws.codepipeline.Pipeline(\"codepipeline\", {\n artifactStores: {\n encryptionKey: {\n id: s3kmskey.arn,\n type: \"KMS\",\n },\n location: codepipelineBucket.bucket,\n type: \"S3\",\n },\n roleArn: codepipelineRole.arn,\n stages: [\n {\n actions: [{\n category: \"Source\",\n configuration: {\n Branch: \"master\",\n Owner: \"my-organization\",\n Repo: \"test\",\n },\n name: \"Source\",\n outputArtifacts: [\"source_output\"],\n owner: \"ThirdParty\",\n provider: \"GitHub\",\n version: \"1\",\n }],\n name: \"Source\",\n },\n {\n actions: [{\n category: \"Build\",\n configuration: {\n ProjectName: \"test\",\n },\n inputArtifacts: [\"source_output\"],\n name: \"Build\",\n outputArtifacts: [\"build_output\"],\n owner: \"AWS\",\n provider: \"CodeBuild\",\n version: \"1\",\n }],\n name: \"Build\",\n },\n {\n actions: [{\n category: \"Deploy\",\n configuration: {\n ActionMode: \"REPLACE_ON_FAILURE\",\n Capabilities: \"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\",\n OutputFileName: \"CreateStackOutput.json\",\n StackName: \"MyStack\",\n TemplatePath: \"build_output::sam-templated.yaml\",\n },\n inputArtifacts: [\"build_output\"],\n name: \"Deploy\",\n owner: \"AWS\",\n provider: \"CloudFormation\",\n version: \"1\",\n }],\n name: \"Deploy\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncodepipeline_bucket = aws.s3.Bucket(\"codepipelineBucket\", acl=\"private\")\ncodepipeline_role = aws.iam.Role(\"codepipelineRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"codepipeline.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\ncodepipeline_policy = aws.iam.RolePolicy(\"codepipelinePolicy\",\n policy=pulumi.Output.all(codepipeline_bucket.arn, codepipeline_bucket.arn).apply(lambda codepipelineBucketArn, codepipelineBucketArn1: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\":\"Allow\",\n \"Action\": [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetBucketVersioning\",\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"{codepipeline_bucket_arn}\",\n \"{codepipeline_bucket_arn1}/*\"\n ]\n }},\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"codebuild:BatchGetBuilds\",\n \"codebuild:StartBuild\"\n ],\n \"Resource\": \"*\"\n }}\n ]\n}}\n\n\"\"\"),\n role=codepipeline_role.id)\ns3kmskey = aws.kms.get_alias(name=\"alias/myKmsKey\")\ncodepipeline = aws.codepipeline.Pipeline(\"codepipeline\",\n artifact_store={\n \"encryption_key\": {\n \"id\": s3kmskey.arn,\n \"type\": \"KMS\",\n },\n \"location\": codepipeline_bucket.bucket,\n \"type\": \"S3\",\n },\n role_arn=codepipeline_role.arn,\n stages=[\n {\n \"action\": [{\n \"category\": \"Source\",\n \"configuration\": {\n \"Branch\": \"master\",\n \"Owner\": \"my-organization\",\n \"Repo\": \"test\",\n },\n \"name\": \"Source\",\n \"outputArtifacts\": [\"source_output\"],\n \"owner\": \"ThirdParty\",\n \"provider\": \"GitHub\",\n \"version\": \"1\",\n }],\n \"name\": \"Source\",\n },\n {\n \"action\": [{\n \"category\": \"Build\",\n \"configuration\": {\n \"ProjectName\": \"test\",\n },\n \"inputArtifacts\": [\"source_output\"],\n \"name\": \"Build\",\n \"outputArtifacts\": [\"build_output\"],\n \"owner\": \"AWS\",\n \"provider\": \"CodeBuild\",\n \"version\": \"1\",\n }],\n \"name\": \"Build\",\n },\n {\n \"action\": [{\n \"category\": \"Deploy\",\n \"configuration\": {\n \"ActionMode\": \"REPLACE_ON_FAILURE\",\n \"Capabilities\": \"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\",\n \"OutputFileName\": \"CreateStackOutput.json\",\n \"StackName\": \"MyStack\",\n \"TemplatePath\": \"build_output::sam-templated.yaml\",\n },\n \"inputArtifacts\": [\"build_output\"],\n \"name\": \"Deploy\",\n \"owner\": \"AWS\",\n \"provider\": \"CloudFormation\",\n \"version\": \"1\",\n }],\n \"name\": \"Deploy\",\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var codepipelineBucket = new Aws.S3.Bucket(\"codepipelineBucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var codepipelineRole = new Aws.Iam.Role(\"codepipelineRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"codepipeline.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var codepipelinePolicy = new Aws.Iam.RolePolicy(\"codepipelinePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = Output.Tuple(codepipelineBucket.Arn, codepipelineBucket.Arn).Apply(values =\u003e\n {\n var codepipelineBucketArn = values.Item1;\n var codepipelineBucketArn1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\":\"\"Allow\"\",\n \"\"Action\"\": [\n \"\"s3:GetObject\"\",\n \"\"s3:GetObjectVersion\"\",\n \"\"s3:GetBucketVersioning\"\",\n \"\"s3:PutObject\"\"\n ],\n \"\"Resource\"\": [\n \"\"{codepipelineBucketArn}\"\",\n \"\"{codepipelineBucketArn1}/*\"\"\n ]\n }},\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"codebuild:BatchGetBuilds\"\",\n \"\"codebuild:StartBuild\"\"\n ],\n \"\"Resource\"\": \"\"*\"\"\n }}\n ]\n}}\n\n\";\n }),\n Role = codepipelineRole.Id,\n });\n var s3kmskey = Output.Create(Aws.Kms.GetAlias.InvokeAsync(new Aws.Kms.GetAliasArgs\n {\n Name = \"alias/myKmsKey\",\n }));\n var codepipeline = new Aws.CodePipeline.Pipeline(\"codepipeline\", new Aws.CodePipeline.PipelineArgs\n {\n ArtifactStore = new Aws.CodePipeline.Inputs.PipelineArtifactStoreArgs\n {\n EncryptionKey = new Aws.CodePipeline.Inputs.PipelineArtifactStoreEncryptionKeyArgs\n {\n Id = s3kmskey.Apply(s3kmskey =\u003e s3kmskey.Arn),\n Type = \"KMS\",\n },\n Location = codepipelineBucket.BucketName,\n Type = \"S3\",\n },\n RoleArn = codepipelineRole.Arn,\n Stages = \n {\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Action = \n {\n \n {\n { \"category\", \"Source\" },\n { \"configuration\", \n {\n { \"Branch\", \"master\" },\n { \"Owner\", \"my-organization\" },\n { \"Repo\", \"test\" },\n } },\n { \"name\", \"Source\" },\n { \"outputArtifacts\", \n {\n \"source_output\",\n } },\n { \"owner\", \"ThirdParty\" },\n { \"provider\", \"GitHub\" },\n { \"version\", \"1\" },\n },\n },\n Name = \"Source\",\n },\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Action = \n {\n \n {\n { \"category\", \"Build\" },\n { \"configuration\", \n {\n { \"ProjectName\", \"test\" },\n } },\n { \"inputArtifacts\", \n {\n \"source_output\",\n } },\n { \"name\", \"Build\" },\n { \"outputArtifacts\", \n {\n \"build_output\",\n } },\n { \"owner\", \"AWS\" },\n { \"provider\", \"CodeBuild\" },\n { \"version\", \"1\" },\n },\n },\n Name = \"Build\",\n },\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Action = \n {\n \n {\n { \"category\", \"Deploy\" },\n { \"configuration\", \n {\n { \"ActionMode\", \"REPLACE_ON_FAILURE\" },\n { \"Capabilities\", \"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\" },\n { \"OutputFileName\", \"CreateStackOutput.json\" },\n { \"StackName\", \"MyStack\" },\n { \"TemplatePath\", \"build_output::sam-templated.yaml\" },\n } },\n { \"inputArtifacts\", \n {\n \"build_output\",\n } },\n { \"name\", \"Deploy\" },\n { \"owner\", \"AWS\" },\n { \"provider\", \"CloudFormation\" },\n { \"version\", \"1\" },\n },\n },\n Name = \"Deploy\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codepipeline\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcodepipelineBucket, err := s3.NewBucket(ctx, \"codepipelineBucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcodepipelineRole, err := iam.NewRole(ctx, \"codepipelineRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"codepipeline.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"codepipelinePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.All(codepipelineBucket.Arn, codepipelineBucket.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tcodepipelineBucketArn := _args[0].(string)\n\t\t\t\tcodepipelineBucketArn1 := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\":\\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"s3:GetObject\\\",\\n\", \" \\\"s3:GetObjectVersion\\\",\\n\", \" \\\"s3:GetBucketVersioning\\\",\\n\", \" \\\"s3:PutObject\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": [\\n\", \" \\\"\", codepipelineBucketArn, \"\\\",\\n\", \" \\\"\", codepipelineBucketArn1, \"/*\\\"\\n\", \" ]\\n\", \" },\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"codebuild:BatchGetBuilds\\\",\\n\", \" \\\"codebuild:StartBuild\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRole: codepipelineRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ts3kmskey, err := kms.LookupAlias(ctx, \u0026kms.LookupAliasArgs{\n\t\t\tName: \"alias/myKmsKey\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codepipeline.NewPipeline(ctx, \"codepipeline\", \u0026codepipeline.PipelineArgs{\n\t\t\tArtifactStore: \u0026codepipeline.PipelineArtifactStoreArgs{\n\t\t\t\tEncryptionKey: \u0026codepipeline.PipelineArtifactStoreEncryptionKeyArgs{\n\t\t\t\t\tId: pulumi.String(s3kmskey.Arn),\n\t\t\t\t\tType: pulumi.String(\"KMS\"),\n\t\t\t\t},\n\t\t\t\tLocation: codepipelineBucket.Bucket,\n\t\t\t\tType: pulumi.String(\"S3\"),\n\t\t\t},\n\t\t\tRoleArn: codepipelineRole.Arn,\n\t\t\tStages: codepipeline.PipelineStageArray{\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tAction: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"category\": pulumi.String(\"Source\"),\n\t\t\t\t\t\t\t\"configuration\": pulumi.Map{\n\t\t\t\t\t\t\t\t\"Branch\": pulumi.String(\"master\"),\n\t\t\t\t\t\t\t\t\"Owner\": pulumi.String(\"my-organization\"),\n\t\t\t\t\t\t\t\t\"Repo\": pulumi.String(\"test\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"name\": pulumi.String(\"Source\"),\n\t\t\t\t\t\t\t\"outputArtifacts\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"source_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"owner\": pulumi.String(\"ThirdParty\"),\n\t\t\t\t\t\t\t\"provider\": pulumi.String(\"GitHub\"),\n\t\t\t\t\t\t\t\"version\": pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tName: pulumi.String(\"Source\"),\n\t\t\t\t},\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tAction: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"category\": pulumi.String(\"Build\"),\n\t\t\t\t\t\t\t\"configuration\": pulumi.Map{\n\t\t\t\t\t\t\t\t\"ProjectName\": pulumi.String(\"test\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"inputArtifacts\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"source_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"name\": pulumi.String(\"Build\"),\n\t\t\t\t\t\t\t\"outputArtifacts\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"build_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"owner\": pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\t\"provider\": pulumi.String(\"CodeBuild\"),\n\t\t\t\t\t\t\t\"version\": pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tName: pulumi.String(\"Build\"),\n\t\t\t\t},\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tAction: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"category\": pulumi.String(\"Deploy\"),\n\t\t\t\t\t\t\t\"configuration\": pulumi.Map{\n\t\t\t\t\t\t\t\t\"ActionMode\": pulumi.String(\"REPLACE_ON_FAILURE\"),\n\t\t\t\t\t\t\t\t\"Capabilities\": pulumi.String(\"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\"),\n\t\t\t\t\t\t\t\t\"OutputFileName\": pulumi.String(\"CreateStackOutput.json\"),\n\t\t\t\t\t\t\t\t\"StackName\": pulumi.String(\"MyStack\"),\n\t\t\t\t\t\t\t\t\"TemplatePath\": pulumi.String(\"build_output::sam-templated.yaml\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"inputArtifacts\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"build_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"name\": pulumi.String(\"Deploy\"),\n\t\t\t\t\t\t\t\"owner\": pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\t\"provider\": pulumi.String(\"CloudFormation\"),\n\t\t\t\t\t\t\t\"version\": pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tName: pulumi.String(\"Deploy\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The codepipeline ARN.\n" }, "artifactStore": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore", "description": "One or more artifact_store blocks. Artifact stores are documented below.\n" }, "name": { "type": "string", "description": "The name of the pipeline.\n" }, "roleArn": { "type": "string", "description": "A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.\n" }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStage:PipelineStage" }, "description": "A stage block. Stages are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "artifactStore", "name", "roleArn", "stages" ], "inputProperties": { "artifactStore": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore", "description": "One or more artifact_store blocks. Artifact stores are documented below.\n" }, "name": { "type": "string", "description": "The name of the pipeline.\n" }, "roleArn": { "type": "string", "description": "A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.\n" }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStage:PipelineStage" }, "description": "A stage block. Stages are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "artifactStore", "roleArn", "stages" ], "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "arn": { "type": "string", "description": "The codepipeline ARN.\n" }, "artifactStore": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore", "description": "One or more artifact_store blocks. Artifact stores are documented below.\n" }, "name": { "type": "string", "description": "The name of the pipeline.\n" }, "roleArn": { "type": "string", "description": "A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.\n" }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStage:PipelineStage" }, "description": "A stage block. Stages are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:codepipeline/webhook:Webhook": { "description": "Provides a CodePipeline Webhook.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as github from \"@pulumi/github\";\n\nconst barPipeline = new aws.codepipeline.Pipeline(\"bar\", {\n artifactStores: {\n encryptionKey: {\n id: aws_kms_alias_s3kmskey.arn,\n type: \"KMS\",\n },\n location: aws_s3_bucket_bar.bucket,\n type: \"S3\",\n },\n roleArn: aws_iam_role_bar.arn,\n stages: [\n {\n actions: [{\n category: \"Source\",\n configuration: {\n Branch: \"master\",\n Owner: \"my-organization\",\n Repo: \"test\",\n },\n name: \"Source\",\n outputArtifacts: [\"test\"],\n owner: \"ThirdParty\",\n provider: \"GitHub\",\n version: \"1\",\n }],\n name: \"Source\",\n },\n {\n actions: [{\n category: \"Build\",\n configuration: {\n ProjectName: \"test\",\n },\n inputArtifacts: [\"test\"],\n name: \"Build\",\n owner: \"AWS\",\n provider: \"CodeBuild\",\n version: \"1\",\n }],\n name: \"Build\",\n },\n ],\n});\nconst webhookSecret = \"super-secret\";\nconst barWebhook = new aws.codepipeline.Webhook(\"bar\", {\n authentication: \"GITHUB_HMAC\",\n authenticationConfiguration: {\n secretToken: webhookSecret,\n },\n filters: [{\n jsonPath: \"$.ref\",\n matchEquals: \"refs/heads/{Branch}\",\n }],\n targetAction: \"Source\",\n targetPipeline: barPipeline.name,\n});\n// Wire the CodePipeline webhook into a GitHub repository.\nconst barRepositoryWebhook = new github.RepositoryWebhook(\"bar\", {\n configuration: {\n contentType: \"json\",\n insecureSsl: true,\n secret: webhookSecret,\n url: barWebhook.url,\n },\n events: [\"push\"],\n repository: github_repository_repo.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_github as github\n\nbar_pipeline = aws.codepipeline.Pipeline(\"barPipeline\",\n artifact_store={\n \"encryption_key\": {\n \"id\": data[\"aws_kms_alias\"][\"s3kmskey\"][\"arn\"],\n \"type\": \"KMS\",\n },\n \"location\": aws_s3_bucket[\"bar\"][\"bucket\"],\n \"type\": \"S3\",\n },\n role_arn=aws_iam_role[\"bar\"][\"arn\"],\n stages=[\n {\n \"action\": [{\n \"category\": \"Source\",\n \"configuration\": {\n \"Branch\": \"master\",\n \"Owner\": \"my-organization\",\n \"Repo\": \"test\",\n },\n \"name\": \"Source\",\n \"outputArtifacts\": [\"test\"],\n \"owner\": \"ThirdParty\",\n \"provider\": \"GitHub\",\n \"version\": \"1\",\n }],\n \"name\": \"Source\",\n },\n {\n \"action\": [{\n \"category\": \"Build\",\n \"configuration\": {\n \"ProjectName\": \"test\",\n },\n \"inputArtifacts\": [\"test\"],\n \"name\": \"Build\",\n \"owner\": \"AWS\",\n \"provider\": \"CodeBuild\",\n \"version\": \"1\",\n }],\n \"name\": \"Build\",\n },\n ])\nwebhook_secret = \"super-secret\"\nbar_webhook = aws.codepipeline.Webhook(\"barWebhook\",\n authentication=\"GITHUB_HMAC\",\n authentication_configuration={\n \"secretToken\": webhook_secret,\n },\n filters=[{\n \"jsonPath\": \"$.ref\",\n \"matchEquals\": \"refs/heads/{Branch}\",\n }],\n target_action=\"Source\",\n target_pipeline=bar_pipeline.name)\n# Wire the CodePipeline webhook into a GitHub repository.\nbar_repository_webhook = github.RepositoryWebhook(\"barRepositoryWebhook\",\n configuration={\n \"contentType\": \"json\",\n \"insecureSsl\": True,\n \"secret\": webhook_secret,\n \"url\": bar_webhook.url,\n },\n events=[\"push\"],\n repository=github_repository[\"repo\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Github = Pulumi.Github;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var barPipeline = new Aws.CodePipeline.Pipeline(\"barPipeline\", new Aws.CodePipeline.PipelineArgs\n {\n ArtifactStore = new Aws.CodePipeline.Inputs.PipelineArtifactStoreArgs\n {\n EncryptionKey = new Aws.CodePipeline.Inputs.PipelineArtifactStoreEncryptionKeyArgs\n {\n Id = data.Aws_kms_alias.S3kmskey.Arn,\n Type = \"KMS\",\n },\n Location = aws_s3_bucket.Bar.Bucket,\n Type = \"S3\",\n },\n RoleArn = aws_iam_role.Bar.Arn,\n Stages = \n {\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Action = \n {\n \n {\n { \"category\", \"Source\" },\n { \"configuration\", \n {\n { \"Branch\", \"master\" },\n { \"Owner\", \"my-organization\" },\n { \"Repo\", \"test\" },\n } },\n { \"name\", \"Source\" },\n { \"outputArtifacts\", \n {\n \"test\",\n } },\n { \"owner\", \"ThirdParty\" },\n { \"provider\", \"GitHub\" },\n { \"version\", \"1\" },\n },\n },\n Name = \"Source\",\n },\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Action = \n {\n \n {\n { \"category\", \"Build\" },\n { \"configuration\", \n {\n { \"ProjectName\", \"test\" },\n } },\n { \"inputArtifacts\", \n {\n \"test\",\n } },\n { \"name\", \"Build\" },\n { \"owner\", \"AWS\" },\n { \"provider\", \"CodeBuild\" },\n { \"version\", \"1\" },\n },\n },\n Name = \"Build\",\n },\n },\n });\n var webhookSecret = \"super-secret\";\n var barWebhook = new Aws.CodePipeline.Webhook(\"barWebhook\", new Aws.CodePipeline.WebhookArgs\n {\n Authentication = \"GITHUB_HMAC\",\n AuthenticationConfiguration = new Aws.CodePipeline.Inputs.WebhookAuthenticationConfigurationArgs\n {\n SecretToken = webhookSecret,\n },\n Filters = \n {\n new Aws.CodePipeline.Inputs.WebhookFilterArgs\n {\n JsonPath = \"$.ref\",\n MatchEquals = \"refs/heads/{Branch}\",\n },\n },\n TargetAction = \"Source\",\n TargetPipeline = barPipeline.Name,\n });\n // Wire the CodePipeline webhook into a GitHub repository.\n var barRepositoryWebhook = new Github.RepositoryWebhook(\"barRepositoryWebhook\", new Github.RepositoryWebhookArgs\n {\n Configuration = new Github.Inputs.RepositoryWebhookConfigurationArgs\n {\n ContentType = \"json\",\n InsecureSsl = true,\n Secret = webhookSecret,\n Url = barWebhook.Url,\n },\n Events = \n {\n \"push\",\n },\n Repository = github_repository.Repo.Name,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "authentication": { "type": "string", "description": "The type of authentication to use. One of `IP`, `GITHUB_HMAC`, or `UNAUTHENTICATED`.\n" }, "authenticationConfiguration": { "$ref": "#/types/aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration", "description": "An `auth` block. Required for `IP` and `GITHUB_HMAC`. Auth blocks are documented below.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/WebhookFilter:WebhookFilter" }, "description": "One or more `filter` blocks. Filter blocks are documented below.\n" }, "name": { "type": "string", "description": "The name of the webhook.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetAction": { "type": "string", "description": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.\n" }, "targetPipeline": { "type": "string", "description": "The name of the pipeline.\n" }, "url": { "type": "string", "description": "The CodePipeline webhook's URL. POST events to this endpoint to trigger the target.\n" } }, "required": [ "authentication", "filters", "name", "targetAction", "targetPipeline", "url" ], "inputProperties": { "authentication": { "type": "string", "description": "The type of authentication to use. One of `IP`, `GITHUB_HMAC`, or `UNAUTHENTICATED`.\n" }, "authenticationConfiguration": { "$ref": "#/types/aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration", "description": "An `auth` block. Required for `IP` and `GITHUB_HMAC`. Auth blocks are documented below.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/WebhookFilter:WebhookFilter" }, "description": "One or more `filter` blocks. Filter blocks are documented below.\n" }, "name": { "type": "string", "description": "The name of the webhook.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetAction": { "type": "string", "description": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.\n" }, "targetPipeline": { "type": "string", "description": "The name of the pipeline.\n" } }, "requiredInputs": [ "authentication", "filters", "targetAction", "targetPipeline" ], "stateInputs": { "description": "Input properties used for looking up and filtering Webhook resources.\n", "properties": { "authentication": { "type": "string", "description": "The type of authentication to use. One of `IP`, `GITHUB_HMAC`, or `UNAUTHENTICATED`.\n" }, "authenticationConfiguration": { "$ref": "#/types/aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration", "description": "An `auth` block. Required for `IP` and `GITHUB_HMAC`. Auth blocks are documented below.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/WebhookFilter:WebhookFilter" }, "description": "One or more `filter` blocks. Filter blocks are documented below.\n" }, "name": { "type": "string", "description": "The name of the webhook.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetAction": { "type": "string", "description": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.\n" }, "targetPipeline": { "type": "string", "description": "The name of the pipeline.\n" }, "url": { "type": "string", "description": "The CodePipeline webhook's URL. POST events to this endpoint to trigger the target.\n" } }, "type": "object" } }, "aws:codestarnotifications/notificationRule:NotificationRule": { "description": "Provides a CodeStar Notifications Rule.\n", "properties": { "arn": { "type": "string", "description": "The codestar notification rule ARN.\n" }, "detailType": { "type": "string", "description": "The level of detail to include in the notifications for this resource. Possible values are `BASIC` and `FULL`.\n" }, "eventTypeIds": { "type": "array", "items": { "type": "string" }, "description": "A list of event types associated with this notification rule.\nFor list of allowed events see [here](https://docs.aws.amazon.com/codestar-notifications/latest/userguide/concepts.html#concepts-api).\n" }, "name": { "type": "string", "description": "The name of notification rule.\n" }, "resource": { "type": "string", "description": "The ARN of the resource to associate with the notification rule.\n" }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget" }, "description": "Configuration blocks containing notification target information. Can be specified multiple times. At least one target must be specified on creation.\n" } }, "required": [ "arn", "detailType", "eventTypeIds", "name", "resource" ], "inputProperties": { "detailType": { "type": "string", "description": "The level of detail to include in the notifications for this resource. Possible values are `BASIC` and `FULL`.\n" }, "eventTypeIds": { "type": "array", "items": { "type": "string" }, "description": "A list of event types associated with this notification rule.\nFor list of allowed events see [here](https://docs.aws.amazon.com/codestar-notifications/latest/userguide/concepts.html#concepts-api).\n" }, "name": { "type": "string", "description": "The name of notification rule.\n" }, "resource": { "type": "string", "description": "The ARN of the resource to associate with the notification rule.\n" }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget" }, "description": "Configuration blocks containing notification target information. Can be specified multiple times. At least one target must be specified on creation.\n" } }, "requiredInputs": [ "detailType", "eventTypeIds", "resource" ], "stateInputs": { "description": "Input properties used for looking up and filtering NotificationRule resources.\n", "properties": { "arn": { "type": "string", "description": "The codestar notification rule ARN.\n" }, "detailType": { "type": "string", "description": "The level of detail to include in the notifications for this resource. Possible values are `BASIC` and `FULL`.\n" }, "eventTypeIds": { "type": "array", "items": { "type": "string" }, "description": "A list of event types associated with this notification rule.\nFor list of allowed events see [here](https://docs.aws.amazon.com/codestar-notifications/latest/userguide/concepts.html#concepts-api).\n" }, "name": { "type": "string", "description": "The name of notification rule.\n" }, "resource": { "type": "string", "description": "The ARN of the resource to associate with the notification rule.\n" }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget" }, "description": "Configuration blocks containing notification target information. Can be specified multiple times. At least one target must be specified on creation.\n" } }, "type": "object" } }, "aws:cognito/identityPool:IdentityPool": { "description": "Provides an AWS Cognito Identity Pool.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as fs from \"fs\";\n\nconst defaultSamlProvider = new aws.iam.SamlProvider(\"default\", {\n samlMetadataDocument: fs.readFileSync(\"saml-metadata.xml\", \"utf-8\"),\n});\nconst main = new aws.cognito.IdentityPool(\"main\", {\n allowUnauthenticatedIdentities: false,\n cognitoIdentityProviders: [\n {\n clientId: \"6lhlkkfbfb4q5kpp90urffae\",\n providerName: \"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\",\n serverSideTokenCheck: false,\n },\n {\n clientId: \"7kodkvfqfb4qfkp39eurffae\",\n providerName: \"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\",\n serverSideTokenCheck: false,\n },\n ],\n identityPoolName: \"identity pool\",\n openidConnectProviderArns: [\"arn:aws:iam::123456789012:oidc-provider/foo.example.com\"],\n samlProviderArns: [defaultSamlProvider.arn],\n supportedLoginProviders: {\n \"accounts.google.com\": \"123456789012.apps.googleusercontent.com\",\n \"graph.facebook.com\": \"7346241598935552\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.iam.SamlProvider(\"default\", saml_metadata_document=(lambda path: open(path).read())(\"saml-metadata.xml\"))\nmain = aws.cognito.IdentityPool(\"main\",\n allow_unauthenticated_identities=False,\n cognito_identity_providers=[\n {\n \"client_id\": \"6lhlkkfbfb4q5kpp90urffae\",\n \"provider_name\": \"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\",\n \"serverSideTokenCheck\": False,\n },\n {\n \"client_id\": \"7kodkvfqfb4qfkp39eurffae\",\n \"provider_name\": \"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\",\n \"serverSideTokenCheck\": False,\n },\n ],\n identity_pool_name=\"identity pool\",\n openid_connect_provider_arns=[\"arn:aws:iam::123456789012:oidc-provider/foo.example.com\"],\n saml_provider_arns=[default.arn],\n supported_login_providers={\n \"accounts.google.com\": \"123456789012.apps.googleusercontent.com\",\n \"graph.facebook.com\": \"7346241598935552\",\n })\n```\n```csharp\nusing System.IO;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Iam.SamlProvider(\"default\", new Aws.Iam.SamlProviderArgs\n {\n SamlMetadataDocument = File.ReadAllText(\"saml-metadata.xml\"),\n });\n var main = new Aws.Cognito.IdentityPool(\"main\", new Aws.Cognito.IdentityPoolArgs\n {\n AllowUnauthenticatedIdentities = false,\n CognitoIdentityProviders = \n {\n new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs\n {\n ClientId = \"6lhlkkfbfb4q5kpp90urffae\",\n ProviderName = \"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\",\n ServerSideTokenCheck = false,\n },\n new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs\n {\n ClientId = \"7kodkvfqfb4qfkp39eurffae\",\n ProviderName = \"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\",\n ServerSideTokenCheck = false,\n },\n },\n IdentityPoolName = \"identity pool\",\n OpenidConnectProviderArns = \n {\n \"arn:aws:iam::123456789012:oidc-provider/foo.example.com\",\n },\n SamlProviderArns = \n {\n @default.Arn,\n },\n SupportedLoginProviders = \n {\n { \"accounts.google.com\", \"123456789012.apps.googleusercontent.com\" },\n { \"graph.facebook.com\", \"7346241598935552\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowUnauthenticatedIdentities": { "type": "boolean", "description": "Whether the identity pool supports unauthenticated logins or not.\n" }, "arn": { "type": "string", "description": "The ARN of the identity pool.\n" }, "cognitoIdentityProviders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider" }, "description": "An array of Amazon Cognito Identity user pools and their client IDs.\n" }, "developerProviderName": { "type": "string", "description": "The \"domain\" by which Cognito will refer to your users. This name acts as a placeholder that allows your\nbackend and the Cognito service to communicate about the developer provider.\n" }, "identityPoolName": { "type": "string", "description": "The Cognito Identity Pool name.\n" }, "openidConnectProviderArns": { "type": "array", "items": { "type": "string" }, "description": "A list of OpendID Connect provider ARNs.\n" }, "samlProviderArns": { "type": "array", "items": { "type": "string" }, "description": "An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.\n" }, "supportedLoginProviders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value pairs mapping provider names to provider app IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Identity Pool.\n" } }, "required": [ "arn", "identityPoolName" ], "inputProperties": { "allowUnauthenticatedIdentities": { "type": "boolean", "description": "Whether the identity pool supports unauthenticated logins or not.\n" }, "cognitoIdentityProviders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider" }, "description": "An array of Amazon Cognito Identity user pools and their client IDs.\n" }, "developerProviderName": { "type": "string", "description": "The \"domain\" by which Cognito will refer to your users. This name acts as a placeholder that allows your\nbackend and the Cognito service to communicate about the developer provider.\n" }, "identityPoolName": { "type": "string", "description": "The Cognito Identity Pool name.\n" }, "openidConnectProviderArns": { "type": "array", "items": { "type": "string" }, "description": "A list of OpendID Connect provider ARNs.\n" }, "samlProviderArns": { "type": "array", "items": { "type": "string" }, "description": "An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.\n" }, "supportedLoginProviders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value pairs mapping provider names to provider app IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Identity Pool.\n" } }, "requiredInputs": [ "identityPoolName" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityPool resources.\n", "properties": { "allowUnauthenticatedIdentities": { "type": "boolean", "description": "Whether the identity pool supports unauthenticated logins or not.\n" }, "arn": { "type": "string", "description": "The ARN of the identity pool.\n" }, "cognitoIdentityProviders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider" }, "description": "An array of Amazon Cognito Identity user pools and their client IDs.\n" }, "developerProviderName": { "type": "string", "description": "The \"domain\" by which Cognito will refer to your users. This name acts as a placeholder that allows your\nbackend and the Cognito service to communicate about the developer provider.\n" }, "identityPoolName": { "type": "string", "description": "The Cognito Identity Pool name.\n" }, "openidConnectProviderArns": { "type": "array", "items": { "type": "string" }, "description": "A list of OpendID Connect provider ARNs.\n" }, "samlProviderArns": { "type": "array", "items": { "type": "string" }, "description": "An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.\n" }, "supportedLoginProviders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value pairs mapping provider names to provider app IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Identity Pool.\n" } }, "type": "object" } }, "aws:cognito/identityPoolRoleAttachment:IdentityPoolRoleAttachment": { "description": "Provides an AWS Cognito Identity Pool Roles Attachment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainIdentityPool = new aws.cognito.IdentityPool(\"main\", {\n allowUnauthenticatedIdentities: false,\n identityPoolName: \"identity pool\",\n supportedLoginProviders: {\n \"graph.facebook.com\": \"7346241598935555\",\n },\n});\nconst authenticatedRole = new aws.iam.Role(\"authenticated\", {\n assumeRolePolicy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Federated\": \"cognito-identity.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRoleWithWebIdentity\",\n \"Condition\": {\n \"StringEquals\": {\n \"cognito-identity.amazonaws.com:aud\": \"${mainIdentityPool.id}\"\n },\n \"ForAnyValue:StringLike\": {\n \"cognito-identity.amazonaws.com:amr\": \"authenticated\"\n }\n }\n }\n ]\n}\n`,\n});\nconst authenticatedRolePolicy = new aws.iam.RolePolicy(\"authenticated\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"mobileanalytics:PutEvents\",\n \"cognito-sync:*\",\n \"cognito-identity:*\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n`,\n role: authenticatedRole.id,\n});\nconst mainIdentityPoolRoleAttachment = new aws.cognito.IdentityPoolRoleAttachment(\"main\", {\n identityPoolId: mainIdentityPool.id,\n roleMappings: [{\n ambiguousRoleResolution: \"AuthenticatedRole\",\n identityProvider: \"graph.facebook.com\",\n mappingRules: [{\n claim: \"isAdmin\",\n matchType: \"Equals\",\n roleArn: authenticatedRole.arn,\n value: \"paid\",\n }],\n type: \"Rules\",\n }],\n roles: {\n authenticated: authenticatedRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain_identity_pool = aws.cognito.IdentityPool(\"mainIdentityPool\",\n allow_unauthenticated_identities=False,\n identity_pool_name=\"identity pool\",\n supported_login_providers={\n \"graph.facebook.com\": \"7346241598935555\",\n })\nauthenticated_role = aws.iam.Role(\"authenticatedRole\", assume_role_policy=main_identity_pool.id.apply(lambda id: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"Federated\": \"cognito-identity.amazonaws.com\"\n }},\n \"Action\": \"sts:AssumeRoleWithWebIdentity\",\n \"Condition\": {{\n \"StringEquals\": {{\n \"cognito-identity.amazonaws.com:aud\": \"{id}\"\n }},\n \"ForAnyValue:StringLike\": {{\n \"cognito-identity.amazonaws.com:amr\": \"authenticated\"\n }}\n }}\n }}\n ]\n}}\n\n\"\"\"))\nauthenticated_role_policy = aws.iam.RolePolicy(\"authenticatedRolePolicy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"mobileanalytics:PutEvents\",\n \"cognito-sync:*\",\n \"cognito-identity:*\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n\n\"\"\",\n role=authenticated_role.id)\nmain_identity_pool_role_attachment = aws.cognito.IdentityPoolRoleAttachment(\"mainIdentityPoolRoleAttachment\",\n identity_pool_id=main_identity_pool.id,\n role_mappings=[{\n \"ambiguousRoleResolution\": \"AuthenticatedRole\",\n \"identity_provider\": \"graph.facebook.com\",\n \"mappingRule\": [{\n \"claim\": \"isAdmin\",\n \"matchType\": \"Equals\",\n \"role_arn\": authenticated_role.arn,\n \"value\": \"paid\",\n }],\n \"type\": \"Rules\",\n }],\n roles={\n \"authenticated\": authenticated_role.arn,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainIdentityPool = new Aws.Cognito.IdentityPool(\"mainIdentityPool\", new Aws.Cognito.IdentityPoolArgs\n {\n AllowUnauthenticatedIdentities = false,\n IdentityPoolName = \"identity pool\",\n SupportedLoginProviders = \n {\n { \"graph.facebook.com\", \"7346241598935555\" },\n },\n });\n var authenticatedRole = new Aws.Iam.Role(\"authenticatedRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = mainIdentityPool.Id.Apply(id =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"Federated\"\": \"\"cognito-identity.amazonaws.com\"\"\n }},\n \"\"Action\"\": \"\"sts:AssumeRoleWithWebIdentity\"\",\n \"\"Condition\"\": {{\n \"\"StringEquals\"\": {{\n \"\"cognito-identity.amazonaws.com:aud\"\": \"\"{id}\"\"\n }},\n \"\"ForAnyValue:StringLike\"\": {{\n \"\"cognito-identity.amazonaws.com:amr\"\": \"\"authenticated\"\"\n }}\n }}\n }}\n ]\n}}\n\n\"),\n });\n var authenticatedRolePolicy = new Aws.Iam.RolePolicy(\"authenticatedRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"mobileanalytics:PutEvents\"\",\n \"\"cognito-sync:*\"\",\n \"\"cognito-identity:*\"\"\n ],\n \"\"Resource\"\": [\n \"\"*\"\"\n ]\n }\n ]\n}\n\n\",\n Role = authenticatedRole.Id,\n });\n var mainIdentityPoolRoleAttachment = new Aws.Cognito.IdentityPoolRoleAttachment(\"mainIdentityPoolRoleAttachment\", new Aws.Cognito.IdentityPoolRoleAttachmentArgs\n {\n IdentityPoolId = mainIdentityPool.Id,\n RoleMappings = \n {\n new Aws.Cognito.Inputs.IdentityPoolRoleAttachmentRoleMappingArgs\n {\n AmbiguousRoleResolution = \"AuthenticatedRole\",\n IdentityProvider = \"graph.facebook.com\",\n MappingRule = \n {\n \n {\n { \"claim\", \"isAdmin\" },\n { \"matchType\", \"Equals\" },\n { \"roleArn\", authenticatedRole.Arn },\n { \"value\", \"paid\" },\n },\n },\n Type = \"Rules\",\n },\n },\n Roles = \n {\n { \"authenticated\", authenticatedRole.Arn },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainIdentityPool, err := cognito.NewIdentityPool(ctx, \"mainIdentityPool\", \u0026cognito.IdentityPoolArgs{\n\t\t\tAllowUnauthenticatedIdentities: pulumi.Bool(false),\n\t\t\tIdentityPoolName: pulumi.String(\"identity pool\"),\n\t\t\tSupportedLoginProviders: pulumi.Map{\n\t\t\t\t\"graph.facebook.com\": pulumi.String(\"7346241598935555\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tauthenticatedRole, err := iam.NewRole(ctx, \"authenticatedRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: mainIdentityPool.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Federated\\\": \\\"cognito-identity.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRoleWithWebIdentity\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"StringEquals\\\": {\\n\", \" \\\"cognito-identity.amazonaws.com:aud\\\": \\\"\", id, \"\\\"\\n\", \" },\\n\", \" \\\"ForAnyValue:StringLike\\\": {\\n\", \" \\\"cognito-identity.amazonaws.com:amr\\\": \\\"authenticated\\\"\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"authenticatedRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"mobileanalytics:PutEvents\\\",\\n\", \" \\\"cognito-sync:*\\\",\\n\", \" \\\"cognito-identity:*\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": [\\n\", \" \\\"*\\\"\\n\", \" ]\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: authenticatedRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewIdentityPoolRoleAttachment(ctx, \"mainIdentityPoolRoleAttachment\", \u0026cognito.IdentityPoolRoleAttachmentArgs{\n\t\t\tIdentityPoolId: mainIdentityPool.ID(),\n\t\t\tRoleMappings: cognito.IdentityPoolRoleAttachmentRoleMappingArray{\n\t\t\t\t\u0026cognito.IdentityPoolRoleAttachmentRoleMappingArgs{\n\t\t\t\t\tAmbiguousRoleResolution: pulumi.String(\"AuthenticatedRole\"),\n\t\t\t\t\tIdentityProvider: pulumi.String(\"graph.facebook.com\"),\n\t\t\t\t\tMappingRule: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"claim\": pulumi.String(\"isAdmin\"),\n\t\t\t\t\t\t\t\"matchType\": pulumi.String(\"Equals\"),\n\t\t\t\t\t\t\t\"roleArn\": authenticatedRole.Arn,\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"paid\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"Rules\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRoles: pulumi.Map{\n\t\t\t\t\"authenticated\": authenticatedRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "identityPoolId": { "type": "string", "description": "An identity pool ID in the format REGION:GUID.\n" }, "roleMappings": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping" }, "description": "A List of Role Mapping.\n" }, "roles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of roles associated with this pool. For a given role, the key will be either \"authenticated\" or \"unauthenticated\" and the value will be the Role ARN.\n" } }, "required": [ "identityPoolId", "roles" ], "inputProperties": { "identityPoolId": { "type": "string", "description": "An identity pool ID in the format REGION:GUID.\n" }, "roleMappings": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping" }, "description": "A List of Role Mapping.\n" }, "roles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of roles associated with this pool. For a given role, the key will be either \"authenticated\" or \"unauthenticated\" and the value will be the Role ARN.\n" } }, "requiredInputs": [ "identityPoolId", "roles" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityPoolRoleAttachment resources.\n", "properties": { "identityPoolId": { "type": "string", "description": "An identity pool ID in the format REGION:GUID.\n" }, "roleMappings": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping" }, "description": "A List of Role Mapping.\n" }, "roles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of roles associated with this pool. For a given role, the key will be either \"authenticated\" or \"unauthenticated\" and the value will be the Role ARN.\n" } }, "type": "object" } }, "aws:cognito/identityProvider:IdentityProvider": { "description": "Provides a Cognito User Identity Provider resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {\n autoVerifiedAttributes: [\"email\"],\n});\nconst exampleProvider = new aws.cognito.IdentityProvider(\"example_provider\", {\n attributeMapping: {\n email: \"email\",\n username: \"sub\",\n },\n providerDetails: {\n authorize_scopes: \"email\",\n client_id: \"your client_id\",\n client_secret: \"your client_secret\",\n },\n providerName: \"Google\",\n providerType: \"Google\",\n userPoolId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\", auto_verified_attributes=[\"email\"])\nexample_provider = aws.cognito.IdentityProvider(\"exampleProvider\",\n attribute_mapping={\n \"email\": \"email\",\n \"username\": \"sub\",\n },\n provider_details={\n \"authorize_scopes\": \"email\",\n \"client_id\": \"your client_id\",\n \"client_secret\": \"your client_secret\",\n },\n provider_name=\"Google\",\n provider_type=\"Google\",\n user_pool_id=example.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Cognito.UserPool(\"example\", new Aws.Cognito.UserPoolArgs\n {\n AutoVerifiedAttributes = \n {\n \"email\",\n },\n });\n var exampleProvider = new Aws.Cognito.IdentityProvider(\"exampleProvider\", new Aws.Cognito.IdentityProviderArgs\n {\n AttributeMapping = \n {\n { \"email\", \"email\" },\n { \"username\", \"sub\" },\n },\n ProviderDetails = \n {\n { \"authorize_scopes\", \"email\" },\n { \"client_id\", \"your client_id\" },\n { \"client_secret\", \"your client_secret\" },\n },\n ProviderName = \"Google\",\n ProviderType = \"Google\",\n UserPoolId = example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tAutoVerifiedAttributes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"email\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewIdentityProvider(ctx, \"exampleProvider\", \u0026cognito.IdentityProviderArgs{\n\t\t\tAttributeMapping: pulumi.Map{\n\t\t\t\t\"email\": pulumi.String(\"email\"),\n\t\t\t\t\"username\": pulumi.String(\"sub\"),\n\t\t\t},\n\t\t\tProviderDetails: pulumi.Map{\n\t\t\t\t\"authorize_scopes\": pulumi.String(\"email\"),\n\t\t\t\t\"client_id\": pulumi.String(\"your client_id\"),\n\t\t\t\t\"client_secret\": pulumi.String(\"your client_secret\"),\n\t\t\t},\n\t\t\tProviderName: pulumi.String(\"Google\"),\n\t\t\tProviderType: pulumi.String(\"Google\"),\n\t\t\tUserPoolId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "attributeMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of attribute mapping of user pool attributes. [AttributeMapping in AWS API documentation](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-AttributeMapping)\n" }, "idpIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "The list of identity providers.\n" }, "providerDetails": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of identity details, such as access token\n" }, "providerName": { "type": "string", "description": "The provider name\n" }, "providerType": { "type": "string", "description": "The provider type. [See AWS API for valid values](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-ProviderType)\n" }, "userPoolId": { "type": "string", "description": "The user pool id\n" } }, "required": [ "attributeMapping", "providerDetails", "providerName", "providerType", "userPoolId" ], "inputProperties": { "attributeMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of attribute mapping of user pool attributes. [AttributeMapping in AWS API documentation](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-AttributeMapping)\n" }, "idpIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "The list of identity providers.\n" }, "providerDetails": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of identity details, such as access token\n" }, "providerName": { "type": "string", "description": "The provider name\n" }, "providerType": { "type": "string", "description": "The provider type. [See AWS API for valid values](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-ProviderType)\n" }, "userPoolId": { "type": "string", "description": "The user pool id\n" } }, "requiredInputs": [ "providerDetails", "providerName", "providerType", "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityProvider resources.\n", "properties": { "attributeMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of attribute mapping of user pool attributes. [AttributeMapping in AWS API documentation](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-AttributeMapping)\n" }, "idpIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "The list of identity providers.\n" }, "providerDetails": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of identity details, such as access token\n" }, "providerName": { "type": "string", "description": "The provider name\n" }, "providerType": { "type": "string", "description": "The provider type. [See AWS API for valid values](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-ProviderType)\n" }, "userPoolId": { "type": "string", "description": "The user pool id\n" } }, "type": "object" } }, "aws:cognito/resourceServer:ResourceServer": { "description": "Provides a Cognito Resource Server.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Create a basic resource server\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst resource = new aws.cognito.ResourceServer(\"resource\", {\n identifier: \"https://example.com\",\n userPoolId: pool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\")\nresource = aws.cognito.ResourceServer(\"resource\",\n identifier=\"https://example.com\",\n user_pool_id=pool.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var resource = new Aws.Cognito.ResourceServer(\"resource\", new Aws.Cognito.ResourceServerArgs\n {\n Identifier = \"https://example.com\",\n UserPoolId = pool.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewResourceServer(ctx, \"resource\", \u0026cognito.ResourceServerArgs{\n\t\t\tIdentifier: pulumi.String(\"https://example.com\"),\n\t\t\tUserPoolId: pool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Create a resource server with sample-scope\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst resource = new aws.cognito.ResourceServer(\"resource\", {\n identifier: \"https://example.com\",\n scopes: [{\n scopeDescription: \"a Sample Scope Description\",\n scopeName: \"sample-scope\",\n }],\n userPoolId: pool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\")\nresource = aws.cognito.ResourceServer(\"resource\",\n identifier=\"https://example.com\",\n scopes=[{\n \"scopeDescription\": \"a Sample Scope Description\",\n \"scopeName\": \"sample-scope\",\n }],\n user_pool_id=pool.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var resource = new Aws.Cognito.ResourceServer(\"resource\", new Aws.Cognito.ResourceServerArgs\n {\n Identifier = \"https://example.com\",\n Scopes = \n {\n new Aws.Cognito.Inputs.ResourceServerScopeArgs\n {\n ScopeDescription = \"a Sample Scope Description\",\n ScopeName = \"sample-scope\",\n },\n },\n UserPoolId = pool.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewResourceServer(ctx, \"resource\", \u0026cognito.ResourceServerArgs{\n\t\t\tIdentifier: pulumi.String(\"https://example.com\"),\n\t\t\tScopes: cognito.ResourceServerScopeArray{\n\t\t\t\t\u0026cognito.ResourceServerScopeArgs{\n\t\t\t\t\tScopeDescription: pulumi.String(\"a Sample Scope Description\"),\n\t\t\t\t\tScopeName: pulumi.String(\"sample-scope\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tUserPoolId: pool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "identifier": { "type": "string", "description": "An identifier for the resource server.\n" }, "name": { "type": "string", "description": "A name for the resource server.\n" }, "scopeIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of all scopes configured for this resource server in the format identifier/scope_name.\n" }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:cognito/ResourceServerScope:ResourceServerScope" }, "description": "A list of Authorization Scope.\n" }, "userPoolId": { "type": "string" } }, "required": [ "identifier", "name", "scopeIdentifiers", "userPoolId" ], "inputProperties": { "identifier": { "type": "string", "description": "An identifier for the resource server.\n" }, "name": { "type": "string", "description": "A name for the resource server.\n" }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:cognito/ResourceServerScope:ResourceServerScope" }, "description": "A list of Authorization Scope.\n" }, "userPoolId": { "type": "string" } }, "requiredInputs": [ "identifier", "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceServer resources.\n", "properties": { "identifier": { "type": "string", "description": "An identifier for the resource server.\n" }, "name": { "type": "string", "description": "A name for the resource server.\n" }, "scopeIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of all scopes configured for this resource server in the format identifier/scope_name.\n" }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:cognito/ResourceServerScope:ResourceServerScope" }, "description": "A list of Authorization Scope.\n" }, "userPoolId": { "type": "string" } }, "type": "object" } }, "aws:cognito/userGroup:UserGroup": { "description": "Provides a Cognito User Group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainUserPool = new aws.cognito.UserPool(\"main\", {});\nconst groupRole = new aws.iam.Role(\"group_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Federated\": \"cognito-identity.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRoleWithWebIdentity\",\n \"Condition\": {\n \"StringEquals\": {\n \"cognito-identity.amazonaws.com:aud\": \"us-east-1:12345678-dead-beef-cafe-123456790ab\"\n },\n \"ForAnyValue:StringLike\": {\n \"cognito-identity.amazonaws.com:amr\": \"authenticated\"\n }\n }\n }\n ]\n}\n`,\n});\nconst mainUserGroup = new aws.cognito.UserGroup(\"main\", {\n description: \"Managed by Pulumi\",\n precedence: 42,\n roleArn: groupRole.arn,\n userPoolId: mainUserPool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain_user_pool = aws.cognito.UserPool(\"mainUserPool\")\ngroup_role = aws.iam.Role(\"groupRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Federated\": \"cognito-identity.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRoleWithWebIdentity\",\n \"Condition\": {\n \"StringEquals\": {\n \"cognito-identity.amazonaws.com:aud\": \"us-east-1:12345678-dead-beef-cafe-123456790ab\"\n },\n \"ForAnyValue:StringLike\": {\n \"cognito-identity.amazonaws.com:amr\": \"authenticated\"\n }\n }\n }\n ]\n}\n\n\"\"\")\nmain_user_group = aws.cognito.UserGroup(\"mainUserGroup\",\n description=\"Managed by Pulumi\",\n precedence=42,\n role_arn=group_role.arn,\n user_pool_id=main_user_pool.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainUserPool = new Aws.Cognito.UserPool(\"mainUserPool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var groupRole = new Aws.Iam.Role(\"groupRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Federated\"\": \"\"cognito-identity.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRoleWithWebIdentity\"\",\n \"\"Condition\"\": {\n \"\"StringEquals\"\": {\n \"\"cognito-identity.amazonaws.com:aud\"\": \"\"us-east-1:12345678-dead-beef-cafe-123456790ab\"\"\n },\n \"\"ForAnyValue:StringLike\"\": {\n \"\"cognito-identity.amazonaws.com:amr\"\": \"\"authenticated\"\"\n }\n }\n }\n ]\n}\n\n\",\n });\n var mainUserGroup = new Aws.Cognito.UserGroup(\"mainUserGroup\", new Aws.Cognito.UserGroupArgs\n {\n Description = \"Managed by Pulumi\",\n Precedence = 42,\n RoleArn = groupRole.Arn,\n UserPoolId = mainUserPool.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainUserPool, err := cognito.NewUserPool(ctx, \"mainUserPool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupRole, err := iam.NewRole(ctx, \"groupRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Federated\\\": \\\"cognito-identity.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRoleWithWebIdentity\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"StringEquals\\\": {\\n\", \" \\\"cognito-identity.amazonaws.com:aud\\\": \\\"us-east-1:12345678-dead-beef-cafe-123456790ab\\\"\\n\", \" },\\n\", \" \\\"ForAnyValue:StringLike\\\": {\\n\", \" \\\"cognito-identity.amazonaws.com:amr\\\": \\\"authenticated\\\"\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserGroup(ctx, \"mainUserGroup\", \u0026cognito.UserGroupArgs{\n\t\t\tDescription: pulumi.String(\"Managed by Pulumi\"),\n\t\t\tPrecedence: pulumi.Int(42),\n\t\t\tRoleArn: groupRole.Arn,\n\t\t\tUserPoolId: mainUserPool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "The description of the user group.\n" }, "name": { "type": "string", "description": "The name of the user group.\n" }, "precedence": { "type": "integer", "description": "The precedence of the user group.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be associated with the user group.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" } }, "required": [ "name", "userPoolId" ], "inputProperties": { "description": { "type": "string", "description": "The description of the user group.\n" }, "name": { "type": "string", "description": "The name of the user group.\n" }, "precedence": { "type": "integer", "description": "The precedence of the user group.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be associated with the user group.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" } }, "requiredInputs": [ "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserGroup resources.\n", "properties": { "description": { "type": "string", "description": "The description of the user group.\n" }, "name": { "type": "string", "description": "The name of the user group.\n" }, "precedence": { "type": "integer", "description": "The precedence of the user group.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be associated with the user group.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" } }, "type": "object" } }, "aws:cognito/userPool:UserPool": { "description": "Provides a Cognito User Pool resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic configuration\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "adminCreateUserConfig": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig", "description": "The configuration for AdminCreateUser requests.\n" }, "aliasAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with `username_attributes`.\n" }, "arn": { "type": "string", "description": "The ARN of the user pool.\n" }, "autoVerifiedAttributes": { "type": "array", "items": { "type": "string" }, "description": "The attributes to be auto-verified. Possible values: email, phone_number.\n" }, "creationDate": { "type": "string", "description": "The date the user pool was created.\n" }, "deviceConfiguration": { "$ref": "#/types/aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration", "description": "The configuration for the user pool's device tracking.\n" }, "emailConfiguration": { "$ref": "#/types/aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration", "description": "The Email Configuration.\n" }, "emailVerificationMessage": { "type": "string", "description": "A string representing the email verification message. Conflicts with `verification_message_template` configuration block `email_message` argument.\n" }, "emailVerificationSubject": { "type": "string", "description": "A string representing the email verification subject. Conflicts with `verification_message_template` configuration block `email_subject` argument.\n" }, "endpoint": { "type": "string", "description": "The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy\n" }, "lambdaConfig": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig", "description": "A container for the AWS Lambda triggers associated with the user pool.\n" }, "lastModifiedDate": { "type": "string", "description": "The date the user pool was last modified.\n" }, "mfaConfiguration": { "type": "string", "description": "Multi-Factor Authentication (MFA) configuration for the User Pool. Defaults of `OFF`. Valid values:\n" }, "name": { "type": "string", "description": "The name of the attribute.\n" }, "passwordPolicy": { "$ref": "#/types/aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy", "description": "A container for information about the user pool password policy.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:cognito/UserPoolSchema:UserPoolSchema" }, "description": "A container with the schema attributes of a user pool. Schema attributes from the [standard attribute set](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes) only need to be specified if they are different from the default configuration. Maximum of 50 attributes.\n" }, "smsAuthenticationMessage": { "type": "string", "description": "A string representing the SMS authentication message. The message must contain the `{####}` placeholder, which will be replaced with the code.\n" }, "smsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration", "description": "Configuration block for Short Message Service (SMS) settings. Detailed below. These settings apply to SMS user verification and SMS Multi-Factor Authentication (MFA). Due to Cognito API restrictions, the SMS configuration cannot be removed without recreating the Cognito User Pool. For user data safety, this resource will ignore the removal of this configuration by disabling drift detection. To force resource recreation after this configuration has been applied, see the [`up` command and use --replace](https://www.pulumi.com/docs/reference/cli/pulumi_up/).\n" }, "smsVerificationMessage": { "type": "string", "description": "A string representing the SMS verification message. Conflicts with `verification_message_template` configuration block `sms_message` argument.\n" }, "softwareTokenMfaConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration", "description": "Configuration block for software token Mult-Factor Authentication (MFA) settings. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the User Pool.\n" }, "userPoolAddOns": { "$ref": "#/types/aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns", "description": "Configuration block for user pool add-ons to enable user pool advanced security mode features.\n" }, "usernameAttributes": { "type": "array", "items": { "type": "string" }, "description": "Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with `alias_attributes`.\n" }, "usernameConfiguration": { "$ref": "#/types/aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration", "description": "The Username Configuration.\n" }, "verificationMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate", "description": "The verification message templates configuration.\n" } }, "required": [ "adminCreateUserConfig", "arn", "creationDate", "emailVerificationMessage", "emailVerificationSubject", "endpoint", "lambdaConfig", "lastModifiedDate", "name", "passwordPolicy", "smsConfiguration", "smsVerificationMessage", "verificationMessageTemplate" ], "inputProperties": { "adminCreateUserConfig": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig", "description": "The configuration for AdminCreateUser requests.\n" }, "aliasAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with `username_attributes`.\n" }, "autoVerifiedAttributes": { "type": "array", "items": { "type": "string" }, "description": "The attributes to be auto-verified. Possible values: email, phone_number.\n" }, "deviceConfiguration": { "$ref": "#/types/aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration", "description": "The configuration for the user pool's device tracking.\n" }, "emailConfiguration": { "$ref": "#/types/aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration", "description": "The Email Configuration.\n" }, "emailVerificationMessage": { "type": "string", "description": "A string representing the email verification message. Conflicts with `verification_message_template` configuration block `email_message` argument.\n" }, "emailVerificationSubject": { "type": "string", "description": "A string representing the email verification subject. Conflicts with `verification_message_template` configuration block `email_subject` argument.\n" }, "lambdaConfig": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig", "description": "A container for the AWS Lambda triggers associated with the user pool.\n" }, "mfaConfiguration": { "type": "string", "description": "Multi-Factor Authentication (MFA) configuration for the User Pool. Defaults of `OFF`. Valid values:\n" }, "name": { "type": "string", "description": "The name of the attribute.\n" }, "passwordPolicy": { "$ref": "#/types/aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy", "description": "A container for information about the user pool password policy.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:cognito/UserPoolSchema:UserPoolSchema" }, "description": "A container with the schema attributes of a user pool. Schema attributes from the [standard attribute set](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes) only need to be specified if they are different from the default configuration. Maximum of 50 attributes.\n" }, "smsAuthenticationMessage": { "type": "string", "description": "A string representing the SMS authentication message. The message must contain the `{####}` placeholder, which will be replaced with the code.\n" }, "smsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration", "description": "Configuration block for Short Message Service (SMS) settings. Detailed below. These settings apply to SMS user verification and SMS Multi-Factor Authentication (MFA). Due to Cognito API restrictions, the SMS configuration cannot be removed without recreating the Cognito User Pool. For user data safety, this resource will ignore the removal of this configuration by disabling drift detection. To force resource recreation after this configuration has been applied, see the [`up` command and use --replace](https://www.pulumi.com/docs/reference/cli/pulumi_up/).\n" }, "smsVerificationMessage": { "type": "string", "description": "A string representing the SMS verification message. Conflicts with `verification_message_template` configuration block `sms_message` argument.\n" }, "softwareTokenMfaConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration", "description": "Configuration block for software token Mult-Factor Authentication (MFA) settings. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the User Pool.\n" }, "userPoolAddOns": { "$ref": "#/types/aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns", "description": "Configuration block for user pool add-ons to enable user pool advanced security mode features.\n" }, "usernameAttributes": { "type": "array", "items": { "type": "string" }, "description": "Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with `alias_attributes`.\n" }, "usernameConfiguration": { "$ref": "#/types/aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration", "description": "The Username Configuration.\n" }, "verificationMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate", "description": "The verification message templates configuration.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering UserPool resources.\n", "properties": { "adminCreateUserConfig": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig", "description": "The configuration for AdminCreateUser requests.\n" }, "aliasAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with `username_attributes`.\n" }, "arn": { "type": "string", "description": "The ARN of the user pool.\n" }, "autoVerifiedAttributes": { "type": "array", "items": { "type": "string" }, "description": "The attributes to be auto-verified. Possible values: email, phone_number.\n" }, "creationDate": { "type": "string", "description": "The date the user pool was created.\n" }, "deviceConfiguration": { "$ref": "#/types/aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration", "description": "The configuration for the user pool's device tracking.\n" }, "emailConfiguration": { "$ref": "#/types/aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration", "description": "The Email Configuration.\n" }, "emailVerificationMessage": { "type": "string", "description": "A string representing the email verification message. Conflicts with `verification_message_template` configuration block `email_message` argument.\n" }, "emailVerificationSubject": { "type": "string", "description": "A string representing the email verification subject. Conflicts with `verification_message_template` configuration block `email_subject` argument.\n" }, "endpoint": { "type": "string", "description": "The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy\n" }, "lambdaConfig": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig", "description": "A container for the AWS Lambda triggers associated with the user pool.\n" }, "lastModifiedDate": { "type": "string", "description": "The date the user pool was last modified.\n" }, "mfaConfiguration": { "type": "string", "description": "Multi-Factor Authentication (MFA) configuration for the User Pool. Defaults of `OFF`. Valid values:\n" }, "name": { "type": "string", "description": "The name of the attribute.\n" }, "passwordPolicy": { "$ref": "#/types/aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy", "description": "A container for information about the user pool password policy.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:cognito/UserPoolSchema:UserPoolSchema" }, "description": "A container with the schema attributes of a user pool. Schema attributes from the [standard attribute set](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes) only need to be specified if they are different from the default configuration. Maximum of 50 attributes.\n" }, "smsAuthenticationMessage": { "type": "string", "description": "A string representing the SMS authentication message. The message must contain the `{####}` placeholder, which will be replaced with the code.\n" }, "smsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration", "description": "Configuration block for Short Message Service (SMS) settings. Detailed below. These settings apply to SMS user verification and SMS Multi-Factor Authentication (MFA). Due to Cognito API restrictions, the SMS configuration cannot be removed without recreating the Cognito User Pool. For user data safety, this resource will ignore the removal of this configuration by disabling drift detection. To force resource recreation after this configuration has been applied, see the [`up` command and use --replace](https://www.pulumi.com/docs/reference/cli/pulumi_up/).\n" }, "smsVerificationMessage": { "type": "string", "description": "A string representing the SMS verification message. Conflicts with `verification_message_template` configuration block `sms_message` argument.\n" }, "softwareTokenMfaConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration", "description": "Configuration block for software token Mult-Factor Authentication (MFA) settings. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the User Pool.\n" }, "userPoolAddOns": { "$ref": "#/types/aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns", "description": "Configuration block for user pool add-ons to enable user pool advanced security mode features.\n" }, "usernameAttributes": { "type": "array", "items": { "type": "string" }, "description": "Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with `alias_attributes`.\n" }, "usernameConfiguration": { "$ref": "#/types/aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration", "description": "The Username Configuration.\n" }, "verificationMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate", "description": "The verification message templates configuration.\n" } }, "type": "object" } }, "aws:cognito/userPoolClient:UserPoolClient": { "description": "Provides a Cognito User Pool Client resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Create a basic user pool client\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {\n userPoolId: pool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\", user_pool_id=pool.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n UserPoolId = pool.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", \u0026cognito.UserPoolClientArgs{\n\t\t\tUserPoolId: pool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Create a user pool client with no SRP authentication\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {\n explicitAuthFlows: [\"ADMIN_NO_SRP_AUTH\"],\n generateSecret: true,\n userPoolId: pool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\",\n explicit_auth_flows=[\"ADMIN_NO_SRP_AUTH\"],\n generate_secret=True,\n user_pool_id=pool.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n ExplicitAuthFlows = \n {\n \"ADMIN_NO_SRP_AUTH\",\n },\n GenerateSecret = true,\n UserPoolId = pool.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", \u0026cognito.UserPoolClientArgs{\n\t\t\tExplicitAuthFlows: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ADMIN_NO_SRP_AUTH\"),\n\t\t\t},\n\t\t\tGenerateSecret: pulumi.Bool(true),\n\t\t\tUserPoolId: pool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Create a user pool client with pinpoint analytics\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst testUserPool = new aws.cognito.UserPool(\"test\", {});\nconst testApp = new aws.pinpoint.App(\"test\", {});\nconst testRole = new aws.iam.Role(\"test\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"cognito-idp.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst testRolePolicy = new aws.iam.RolePolicy(\"test\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"mobiletargeting:UpdateEndpoint\",\n \"mobiletargeting:PutItems\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:mobiletargeting:*:${current.accountId}:apps/${testApp.applicationId}*\"\n }\n ]\n}\n`,\n role: testRole.id,\n});\nconst testUserPoolClient = new aws.cognito.UserPoolClient(\"test\", {\n analyticsConfiguration: {\n applicationId: testApp.applicationId,\n externalId: \"some_id\",\n roleArn: testRole.arn,\n userDataShared: true,\n },\n userPoolId: testUserPool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ntest_user_pool = aws.cognito.UserPool(\"testUserPool\")\ntest_app = aws.pinpoint.App(\"testApp\")\ntest_role = aws.iam.Role(\"testRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"cognito-idp.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\ntest_role_policy = aws.iam.RolePolicy(\"testRolePolicy\",\n policy=test_app.application_id.apply(lambda application_id: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"mobiletargeting:UpdateEndpoint\",\n \"mobiletargeting:PutItems\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:mobiletargeting:*:{current.account_id}:apps/{application_id}*\"\n }}\n ]\n}}\n\n\"\"\"),\n role=test_role.id)\ntest_user_pool_client = aws.cognito.UserPoolClient(\"testUserPoolClient\",\n analytics_configuration={\n \"application_id\": test_app.application_id,\n \"external_id\": \"some_id\",\n \"role_arn\": test_role.arn,\n \"userDataShared\": True,\n },\n user_pool_id=test_user_pool.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var testUserPool = new Aws.Cognito.UserPool(\"testUserPool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var testApp = new Aws.Pinpoint.App(\"testApp\", new Aws.Pinpoint.AppArgs\n {\n });\n var testRole = new Aws.Iam.Role(\"testRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"cognito-idp.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var testRolePolicy = new Aws.Iam.RolePolicy(\"testRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = Output.Tuple(current, testApp.ApplicationId).Apply(values =\u003e\n {\n var current = values.Item1;\n var applicationId = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"mobiletargeting:UpdateEndpoint\"\",\n \"\"mobiletargeting:PutItems\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:mobiletargeting:*:{current.AccountId}:apps/{applicationId}*\"\"\n }}\n ]\n}}\n\n\";\n }),\n Role = testRole.Id,\n });\n var testUserPoolClient = new Aws.Cognito.UserPoolClient(\"testUserPoolClient\", new Aws.Cognito.UserPoolClientArgs\n {\n AnalyticsConfiguration = new Aws.Cognito.Inputs.UserPoolClientAnalyticsConfigurationArgs\n {\n ApplicationId = testApp.ApplicationId,\n ExternalId = \"some_id\",\n RoleArn = testRole.Arn,\n UserDataShared = true,\n },\n UserPoolId = testUserPool.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestUserPool, err := cognito.NewUserPool(ctx, \"testUserPool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestApp, err := pinpoint.NewApp(ctx, \"testApp\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"testRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"cognito-idp.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"testRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: testApp.ApplicationId.ApplyT(func(applicationId string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"mobiletargeting:UpdateEndpoint\\\",\\n\", \" \\\"mobiletargeting:PutItems\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:mobiletargeting:*:\", current.AccountId, \":apps/\", applicationId, \"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRole: testRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"testUserPoolClient\", \u0026cognito.UserPoolClientArgs{\n\t\t\tAnalyticsConfiguration: \u0026cognito.UserPoolClientAnalyticsConfigurationArgs{\n\t\t\t\tApplicationId: testApp.ApplicationId,\n\t\t\t\tExternalId: pulumi.String(\"some_id\"),\n\t\t\t\tRoleArn: testRole.Arn,\n\t\t\t\tUserDataShared: pulumi.Bool(true),\n\t\t\t},\n\t\t\tUserPoolId: testUserPool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows (code, implicit, client_credentials).\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration", "description": "The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "clientSecret": { "type": "string", "description": "The client secret of the user pool client.\n" }, "defaultRedirectUri": { "type": "string", "description": "The default redirect URI. Must be in the list of callback URLs.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).\n" }, "generateSecret": { "type": "boolean", "description": "Should an application secret be generated.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "The name of the application client.\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "The time limit in days refresh tokens are valid for.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client.\n" }, "userPoolId": { "type": "string", "description": "The user pool the client belongs to.\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can write to.\n" } }, "required": [ "clientSecret", "name", "preventUserExistenceErrors", "userPoolId" ], "inputProperties": { "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows (code, implicit, client_credentials).\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration", "description": "The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "defaultRedirectUri": { "type": "string", "description": "The default redirect URI. Must be in the list of callback URLs.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).\n" }, "generateSecret": { "type": "boolean", "description": "Should an application secret be generated.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "The name of the application client.\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "The time limit in days refresh tokens are valid for.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client.\n" }, "userPoolId": { "type": "string", "description": "The user pool the client belongs to.\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can write to.\n" } }, "requiredInputs": [ "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPoolClient resources.\n", "properties": { "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows (code, implicit, client_credentials).\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration", "description": "The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "clientSecret": { "type": "string", "description": "The client secret of the user pool client.\n" }, "defaultRedirectUri": { "type": "string", "description": "The default redirect URI. Must be in the list of callback URLs.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).\n" }, "generateSecret": { "type": "boolean", "description": "Should an application secret be generated.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "The name of the application client.\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "The time limit in days refresh tokens are valid for.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client.\n" }, "userPoolId": { "type": "string", "description": "The user pool the client belongs to.\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can write to.\n" } }, "type": "object" } }, "aws:cognito/userPoolDomain:UserPoolDomain": { "description": "Provides a Cognito User Pool Domain resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Amazon Cognito domain\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {});\nconst main = new aws.cognito.UserPoolDomain(\"main\", {\n domain: \"example-domain\",\n userPoolId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\")\nmain = aws.cognito.UserPoolDomain(\"main\",\n domain=\"example-domain\",\n user_pool_id=example.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Cognito.UserPool(\"example\", new Aws.Cognito.UserPoolArgs\n {\n });\n var main = new Aws.Cognito.UserPoolDomain(\"main\", new Aws.Cognito.UserPoolDomainArgs\n {\n Domain = \"example-domain\",\n UserPoolId = example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolDomain(ctx, \"main\", \u0026cognito.UserPoolDomainArgs{\n\t\t\tDomain: pulumi.String(\"example-domain\"),\n\t\t\tUserPoolId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Custom Cognito domain\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {});\nconst main = new aws.cognito.UserPoolDomain(\"main\", {\n certificateArn: aws_acm_certificate_cert.arn,\n domain: \"example-domain.example.com\",\n userPoolId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\")\nmain = aws.cognito.UserPoolDomain(\"main\",\n certificate_arn=aws_acm_certificate[\"cert\"][\"arn\"],\n domain=\"example-domain.example.com\",\n user_pool_id=example.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Cognito.UserPool(\"example\", new Aws.Cognito.UserPoolArgs\n {\n });\n var main = new Aws.Cognito.UserPoolDomain(\"main\", new Aws.Cognito.UserPoolDomainArgs\n {\n CertificateArn = aws_acm_certificate.Cert.Arn,\n Domain = \"example-domain.example.com\",\n UserPoolId = example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolDomain(ctx, \"main\", \u0026cognito.UserPoolDomainArgs{\n\t\t\tCertificateArn: pulumi.String(aws_acm_certificate.Cert.Arn),\n\t\t\tDomain: pulumi.String(\"example-domain.example.com\"),\n\t\t\tUserPoolId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "awsAccountId": { "type": "string", "description": "The AWS account ID for the user pool owner.\n" }, "certificateArn": { "type": "string", "description": "The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.\n" }, "cloudfrontDistributionArn": { "type": "string", "description": "The ARN of the CloudFront distribution.\n" }, "domain": { "type": "string", "description": "The domain string.\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket where the static files for this domain are stored.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" }, "version": { "type": "string", "description": "The app version.\n" } }, "required": [ "awsAccountId", "cloudfrontDistributionArn", "domain", "s3Bucket", "userPoolId", "version" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.\n" }, "domain": { "type": "string", "description": "The domain string.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" } }, "requiredInputs": [ "domain", "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPoolDomain resources.\n", "properties": { "awsAccountId": { "type": "string", "description": "The AWS account ID for the user pool owner.\n" }, "certificateArn": { "type": "string", "description": "The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.\n" }, "cloudfrontDistributionArn": { "type": "string", "description": "The ARN of the CloudFront distribution.\n" }, "domain": { "type": "string", "description": "The domain string.\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket where the static files for this domain are stored.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" }, "version": { "type": "string", "description": "The app version.\n" } }, "type": "object" } }, "aws:cur/reportDefinition:ReportDefinition": { "description": "Manages Cost and Usage Report Definitions.\n\n\u003e *NOTE:* The AWS Cost and Usage Report service is only available in `us-east-1` currently.\n\n\u003e *NOTE:* If AWS Organizations is enabled, only the master account can use this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCurReportDefinition = new aws.cur.ReportDefinition(\"example_cur_report_definition\", {\n additionalArtifacts: [\n \"REDSHIFT\",\n \"QUICKSIGHT\",\n ],\n additionalSchemaElements: [\"RESOURCES\"],\n compression: \"GZIP\",\n format: \"textORcsv\",\n reportName: \"example-cur-report-definition\",\n s3Bucket: \"example-bucket-name\",\n s3Region: \"us-east-1\",\n timeUnit: \"HOURLY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_cur_report_definition = aws.cur.ReportDefinition(\"exampleCurReportDefinition\",\n additional_artifacts=[\n \"REDSHIFT\",\n \"QUICKSIGHT\",\n ],\n additional_schema_elements=[\"RESOURCES\"],\n compression=\"GZIP\",\n format=\"textORcsv\",\n report_name=\"example-cur-report-definition\",\n s3_bucket=\"example-bucket-name\",\n s3_region=\"us-east-1\",\n time_unit=\"HOURLY\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleCurReportDefinition = new Aws.Cur.ReportDefinition(\"exampleCurReportDefinition\", new Aws.Cur.ReportDefinitionArgs\n {\n AdditionalArtifacts = \n {\n \"REDSHIFT\",\n \"QUICKSIGHT\",\n },\n AdditionalSchemaElements = \n {\n \"RESOURCES\",\n },\n Compression = \"GZIP\",\n Format = \"textORcsv\",\n ReportName = \"example-cur-report-definition\",\n S3Bucket = \"example-bucket-name\",\n S3Region = \"us-east-1\",\n TimeUnit = \"HOURLY\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cur\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = cur.NewReportDefinition(ctx, \"exampleCurReportDefinition\", \u0026cur.ReportDefinitionArgs{\n\t\t\tAdditionalArtifacts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"REDSHIFT\"),\n\t\t\t\tpulumi.String(\"QUICKSIGHT\"),\n\t\t\t},\n\t\t\tAdditionalSchemaElements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"RESOURCES\"),\n\t\t\t},\n\t\t\tCompression: pulumi.String(\"GZIP\"),\n\t\t\tFormat: pulumi.String(\"textORcsv\"),\n\t\t\tReportName: pulumi.String(\"example-cur-report-definition\"),\n\t\t\tS3Bucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tS3Region: pulumi.String(\"us-east-1\"),\n\t\t\tTimeUnit: pulumi.String(\"HOURLY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "additionalArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of additional artifacts. Valid values are: REDSHIFT, QUICKSIGHT.\n" }, "additionalSchemaElements": { "type": "array", "items": { "type": "string" }, "description": "A list of schema elements. Valid values are: RESOURCES.\n" }, "compression": { "type": "string", "description": "Compression format for report. Valid values are: GZIP, ZIP.\n" }, "format": { "type": "string", "description": "Format for report. Valid values are: textORcsv.\n" }, "reportName": { "type": "string", "description": "Unique name for the report. Must start with a number/letter and is case sensitive. Limited to 256 characters.\n" }, "s3Bucket": { "type": "string", "description": "Name of the existing S3 bucket to hold generated reports.\n" }, "s3Prefix": { "type": "string", "description": "Report path prefix. Limited to 256 characters.\n" }, "s3Region": { "type": "string", "description": "Region of the existing S3 bucket to hold generated reports.\n" }, "timeUnit": { "type": "string", "description": "The frequency on which report data are measured and displayed. Valid values are: HOURLY, DAILY.\n" } }, "required": [ "additionalSchemaElements", "compression", "format", "reportName", "s3Bucket", "s3Region", "timeUnit" ], "inputProperties": { "additionalArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of additional artifacts. Valid values are: REDSHIFT, QUICKSIGHT.\n" }, "additionalSchemaElements": { "type": "array", "items": { "type": "string" }, "description": "A list of schema elements. Valid values are: RESOURCES.\n" }, "compression": { "type": "string", "description": "Compression format for report. Valid values are: GZIP, ZIP.\n" }, "format": { "type": "string", "description": "Format for report. Valid values are: textORcsv.\n" }, "reportName": { "type": "string", "description": "Unique name for the report. Must start with a number/letter and is case sensitive. Limited to 256 characters.\n" }, "s3Bucket": { "type": "string", "description": "Name of the existing S3 bucket to hold generated reports.\n" }, "s3Prefix": { "type": "string", "description": "Report path prefix. Limited to 256 characters.\n" }, "s3Region": { "type": "string", "description": "Region of the existing S3 bucket to hold generated reports.\n" }, "timeUnit": { "type": "string", "description": "The frequency on which report data are measured and displayed. Valid values are: HOURLY, DAILY.\n" } }, "requiredInputs": [ "additionalSchemaElements", "compression", "format", "reportName", "s3Bucket", "s3Region", "timeUnit" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReportDefinition resources.\n", "properties": { "additionalArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of additional artifacts. Valid values are: REDSHIFT, QUICKSIGHT.\n" }, "additionalSchemaElements": { "type": "array", "items": { "type": "string" }, "description": "A list of schema elements. Valid values are: RESOURCES.\n" }, "compression": { "type": "string", "description": "Compression format for report. Valid values are: GZIP, ZIP.\n" }, "format": { "type": "string", "description": "Format for report. Valid values are: textORcsv.\n" }, "reportName": { "type": "string", "description": "Unique name for the report. Must start with a number/letter and is case sensitive. Limited to 256 characters.\n" }, "s3Bucket": { "type": "string", "description": "Name of the existing S3 bucket to hold generated reports.\n" }, "s3Prefix": { "type": "string", "description": "Report path prefix. Limited to 256 characters.\n" }, "s3Region": { "type": "string", "description": "Region of the existing S3 bucket to hold generated reports.\n" }, "timeUnit": { "type": "string", "description": "The frequency on which report data are measured and displayed. Valid values are: HOURLY, DAILY.\n" } }, "type": "object" } }, "aws:datapipeline/pipeline:Pipeline": { "description": "Provides a Data Pipeline resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultPipeline = new aws.datapipeline.Pipeline(\"default\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.datapipeline.Pipeline(\"default\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.DataPipeline.Pipeline(\"default\", new Aws.DataPipeline.PipelineArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/datapipeline\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = datapipeline.NewPipeline(ctx, \"default\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "The description of Pipeline.\n" }, "name": { "type": "string", "description": "The name of Pipeline.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of Pipeline.\n" }, "name": { "type": "string", "description": "The name of Pipeline.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "description": { "type": "string", "description": "The description of Pipeline.\n" }, "name": { "type": "string", "description": "The name of Pipeline.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:datasync/agent:Agent": { "description": "Manages an AWS DataSync Agent deployed on premises.\n\n\u003e **NOTE:** One of `activation_key` or `ip_address` must be provided for resource creation (agent activation). Neither is required for resource import. If using `ip_address`, this provider must be able to make an HTTP (port 80) GET request to the specified IP address from where it is running. The agent will turn off that HTTP server after activation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.Agent(\"example\", {\n ipAddress: \"1.2.3.4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.Agent(\"example\", ip_address=\"1.2.3.4\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DataSync.Agent(\"example\", new Aws.DataSync.AgentArgs\n {\n IpAddress = \"1.2.3.4\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = datasync.NewAgent(ctx, \"example\", \u0026datasync.AgentArgs{\n\t\t\tIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activationKey": { "type": "string", "description": "DataSync Agent activation key during resource creation. Conflicts with `ip_address`. If an `ip_address` is provided instead, the provider will retrieve the `activation_key` as part of the resource creation.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Agent.\n" }, "ipAddress": { "type": "string", "description": "DataSync Agent IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. DataSync Agent must be accessible on port 80 from where the provider is running.\n" }, "name": { "type": "string", "description": "Name of the DataSync Agent.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Agent.\n" } }, "required": [ "activationKey", "arn", "ipAddress", "name" ], "inputProperties": { "activationKey": { "type": "string", "description": "DataSync Agent activation key during resource creation. Conflicts with `ip_address`. If an `ip_address` is provided instead, the provider will retrieve the `activation_key` as part of the resource creation.\n" }, "ipAddress": { "type": "string", "description": "DataSync Agent IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. DataSync Agent must be accessible on port 80 from where the provider is running.\n" }, "name": { "type": "string", "description": "Name of the DataSync Agent.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Agent.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Agent resources.\n", "properties": { "activationKey": { "type": "string", "description": "DataSync Agent activation key during resource creation. Conflicts with `ip_address`. If an `ip_address` is provided instead, the provider will retrieve the `activation_key` as part of the resource creation.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Agent.\n" }, "ipAddress": { "type": "string", "description": "DataSync Agent IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. DataSync Agent must be accessible on port 80 from where the provider is running.\n" }, "name": { "type": "string", "description": "Name of the DataSync Agent.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Agent.\n" } }, "type": "object" } }, "aws:datasync/efsLocation:EfsLocation": { "description": "Manages an AWS DataSync EFS Location.\n\n\u003e **NOTE:** The EFS File System must have a mounted EFS Mount Target before creating this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.EfsLocation(\"example\", {\n ec2Config: {\n securityGroupArns: [aws_security_group_example.arn],\n subnetArn: aws_subnet_example.arn,\n },\n // The below example uses aws_efs_mount_target as a reference to ensure a mount target already exists when resource creation occurs.\n // You can accomplish the same behavior with depends_on or an aws_efs_mount_target data source reference.\n efsFileSystemArn: aws_efs_mount_target_example.fileSystemArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.EfsLocation(\"example\",\n ec2_config={\n \"securityGroupArns\": [aws_security_group[\"example\"][\"arn\"]],\n \"subnetArn\": aws_subnet[\"example\"][\"arn\"],\n },\n efs_file_system_arn=aws_efs_mount_target[\"example\"][\"file_system_arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DataSync.EfsLocation(\"example\", new Aws.DataSync.EfsLocationArgs\n {\n Ec2Config = new Aws.DataSync.Inputs.EfsLocationEc2ConfigArgs\n {\n SecurityGroupArns = \n {\n aws_security_group.Example.Arn,\n },\n SubnetArn = aws_subnet.Example.Arn,\n },\n EfsFileSystemArn = aws_efs_mount_target.Example.File_system_arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = datasync.NewEfsLocation(ctx, \"example\", \u0026datasync.EfsLocationArgs{\n\t\t\tEc2Config: \u0026datasync.EfsLocationEc2ConfigArgs{\n\t\t\t\tSecurityGroupArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(aws_security_group.Example.Arn),\n\t\t\t\t},\n\t\t\t\tSubnetArn: pulumi.String(aws_subnet.Example.Arn),\n\t\t\t},\n\t\t\tEfsFileSystemArn: pulumi.String(aws_efs_mount_target.Example.File_system_arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "ec2Config": { "$ref": "#/types/aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config", "description": "Configuration block containing EC2 configurations for connecting to the EFS File System.\n" }, "efsFileSystemArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of EFS File System.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Default `/`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" } }, "required": [ "arn", "ec2Config", "efsFileSystemArn", "uri" ], "inputProperties": { "ec2Config": { "$ref": "#/types/aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config", "description": "Configuration block containing EC2 configurations for connecting to the EFS File System.\n" }, "efsFileSystemArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of EFS File System.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Default `/`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" } }, "requiredInputs": [ "ec2Config", "efsFileSystemArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EfsLocation resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "ec2Config": { "$ref": "#/types/aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config", "description": "Configuration block containing EC2 configurations for connecting to the EFS File System.\n" }, "efsFileSystemArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of EFS File System.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Default `/`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/locationSmb:LocationSmb": { "description": "Manages a SMB Location within AWS DataSync.\n\n\u003e **NOTE:** The DataSync Agents must be available before creating this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.LocationSmb(\"example\", {\n agentArns: [aws_datasync_agent_example.arn],\n password: \"ANotGreatPassword\",\n serverHostname: \"smb.example.com\",\n subdirectory: \"/exported/path\",\n user: \"Guest\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.LocationSmb(\"example\",\n agent_arns=[aws_datasync_agent[\"example\"][\"arn\"]],\n password=\"ANotGreatPassword\",\n server_hostname=\"smb.example.com\",\n subdirectory=\"/exported/path\",\n user=\"Guest\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DataSync.LocationSmb(\"example\", new Aws.DataSync.LocationSmbArgs\n {\n AgentArns = \n {\n aws_datasync_agent.Example.Arn,\n },\n Password = \"ANotGreatPassword\",\n ServerHostname = \"smb.example.com\",\n Subdirectory = \"/exported/path\",\n User = \"Guest\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = datasync.NewLocationSmb(ctx, \"example\", \u0026datasync.LocationSmbArgs{\n\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_datasync_agent.Example.Arn),\n\t\t\t},\n\t\t\tPassword: pulumi.String(\"ANotGreatPassword\"),\n\t\t\tServerHostname: pulumi.String(\"smb.example.com\"),\n\t\t\tSubdirectory: pulumi.String(\"/exported/path\"),\n\t\t\tUser: pulumi.String(\"Guest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain the SMB server belongs to.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions", "description": "Configuration block containing mount options used by DataSync to access the SMB Server. Can be `AUTOMATIC`, `SMB2`, or `SMB3`.\n" }, "password": { "type": "string", "description": "The password of the user who can mount the share and has file permissions in the SMB.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the SMB server. The DataSync Agent(s) use this to mount the SMB share.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" }, "user": { "type": "string", "description": "The user who can mount the share and has file and folder permissions in the SMB share.\n" } }, "required": [ "agentArns", "arn", "domain", "password", "serverHostname", "subdirectory", "uri", "user" ], "inputProperties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain the SMB server belongs to.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions", "description": "Configuration block containing mount options used by DataSync to access the SMB Server. Can be `AUTOMATIC`, `SMB2`, or `SMB3`.\n" }, "password": { "type": "string", "description": "The password of the user who can mount the share and has file permissions in the SMB.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the SMB server. The DataSync Agent(s) use this to mount the SMB share.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "user": { "type": "string", "description": "The user who can mount the share and has file and folder permissions in the SMB share.\n" } }, "requiredInputs": [ "agentArns", "password", "serverHostname", "subdirectory", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationSmb resources.\n", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain the SMB server belongs to.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions", "description": "Configuration block containing mount options used by DataSync to access the SMB Server. Can be `AUTOMATIC`, `SMB2`, or `SMB3`.\n" }, "password": { "type": "string", "description": "The password of the user who can mount the share and has file permissions in the SMB.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the SMB server. The DataSync Agent(s) use this to mount the SMB share.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" }, "user": { "type": "string", "description": "The user who can mount the share and has file and folder permissions in the SMB share.\n" } }, "type": "object" } }, "aws:datasync/nfsLocation:NfsLocation": { "description": "Manages an NFS Location within AWS DataSync.\n\n\u003e **NOTE:** The DataSync Agents must be available before creating this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.NfsLocation(\"example\", {\n onPremConfig: {\n agentArns: [aws_datasync_agent_example.arn],\n },\n serverHostname: \"nfs.example.com\",\n subdirectory: \"/exported/path\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.NfsLocation(\"example\",\n on_prem_config={\n \"agent_arns\": [aws_datasync_agent[\"example\"][\"arn\"]],\n },\n server_hostname=\"nfs.example.com\",\n subdirectory=\"/exported/path\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DataSync.NfsLocation(\"example\", new Aws.DataSync.NfsLocationArgs\n {\n OnPremConfig = new Aws.DataSync.Inputs.NfsLocationOnPremConfigArgs\n {\n AgentArns = \n {\n aws_datasync_agent.Example.Arn,\n },\n },\n ServerHostname = \"nfs.example.com\",\n Subdirectory = \"/exported/path\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = datasync.NewNfsLocation(ctx, \"example\", \u0026datasync.NfsLocationArgs{\n\t\t\tOnPremConfig: \u0026datasync.NfsLocationOnPremConfigArgs{\n\t\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(aws_datasync_agent.Example.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tServerHostname: pulumi.String(\"nfs.example.com\"),\n\t\t\tSubdirectory: pulumi.String(\"/exported/path\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "onPremConfig": { "$ref": "#/types/aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig", "description": "Configuration block containing information for connecting to the NFS File System.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the NFS server. The DataSync Agent(s) use this to mount the NFS server.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" } }, "required": [ "arn", "onPremConfig", "serverHostname", "subdirectory", "uri" ], "inputProperties": { "onPremConfig": { "$ref": "#/types/aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig", "description": "Configuration block containing information for connecting to the NFS File System.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the NFS server. The DataSync Agent(s) use this to mount the NFS server.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" } }, "requiredInputs": [ "onPremConfig", "serverHostname", "subdirectory" ], "stateInputs": { "description": "Input properties used for looking up and filtering NfsLocation resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "onPremConfig": { "$ref": "#/types/aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig", "description": "Configuration block containing information for connecting to the NFS File System.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the NFS server. The DataSync Agent(s) use this to mount the NFS server.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/s3Location:S3Location": { "description": "Manages an S3 Location within AWS DataSync.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.S3Location(\"example\", {\n s3BucketArn: aws_s3_bucket_example.arn,\n s3Config: {\n bucketAccessRoleArn: aws_iam_role_example.arn,\n },\n subdirectory: \"/example/prefix\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.S3Location(\"example\",\n s3_bucket_arn=aws_s3_bucket[\"example\"][\"arn\"],\n s3_config={\n \"bucketAccessRoleArn\": aws_iam_role[\"example\"][\"arn\"],\n },\n subdirectory=\"/example/prefix\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DataSync.S3Location(\"example\", new Aws.DataSync.S3LocationArgs\n {\n S3BucketArn = aws_s3_bucket.Example.Arn,\n S3Config = new Aws.DataSync.Inputs.S3LocationS3ConfigArgs\n {\n BucketAccessRoleArn = aws_iam_role.Example.Arn,\n },\n Subdirectory = \"/example/prefix\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = datasync.NewS3Location(ctx, \"example\", \u0026datasync.S3LocationArgs{\n\t\t\tS3BucketArn: pulumi.String(aws_s3_bucket.Example.Arn),\n\t\t\tS3Config: \u0026datasync.S3LocationS3ConfigArgs{\n\t\t\t\tBucketAccessRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\t},\n\t\t\tSubdirectory: pulumi.String(\"/example/prefix\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "s3BucketArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the S3 Bucket.\n" }, "s3Config": { "$ref": "#/types/aws:datasync/S3LocationS3Config:S3LocationS3Config", "description": "Configuration block containing information for connecting to S3.\n" }, "subdirectory": { "type": "string", "description": "Prefix to perform actions as source or destination.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" } }, "required": [ "arn", "s3BucketArn", "s3Config", "subdirectory", "uri" ], "inputProperties": { "s3BucketArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the S3 Bucket.\n" }, "s3Config": { "$ref": "#/types/aws:datasync/S3LocationS3Config:S3LocationS3Config", "description": "Configuration block containing information for connecting to S3.\n" }, "subdirectory": { "type": "string", "description": "Prefix to perform actions as source or destination.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" } }, "requiredInputs": [ "s3BucketArn", "s3Config", "subdirectory" ], "stateInputs": { "description": "Input properties used for looking up and filtering S3Location resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "s3BucketArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the S3 Bucket.\n" }, "s3Config": { "$ref": "#/types/aws:datasync/S3LocationS3Config:S3LocationS3Config", "description": "Configuration block containing information for connecting to S3.\n" }, "subdirectory": { "type": "string", "description": "Prefix to perform actions as source or destination.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location.\n" }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/task:Task": { "description": "Manages an AWS DataSync Task, which represents a configuration for synchronization. Starting an execution of these DataSync Tasks (actually synchronizing files) is performed outside of this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.Task(\"example\", {\n destinationLocationArn: aws_datasync_location_s3_destination.arn,\n options: {\n bytesPerSecond: -1,\n },\n sourceLocationArn: aws_datasync_location_nfs_source.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.Task(\"example\",\n destination_location_arn=aws_datasync_location_s3[\"destination\"][\"arn\"],\n options={\n \"bytesPerSecond\": -1,\n },\n source_location_arn=aws_datasync_location_nfs[\"source\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DataSync.Task(\"example\", new Aws.DataSync.TaskArgs\n {\n DestinationLocationArn = aws_datasync_location_s3.Destination.Arn,\n Options = new Aws.DataSync.Inputs.TaskOptionsArgs\n {\n BytesPerSecond = -1,\n },\n SourceLocationArn = aws_datasync_location_nfs.Source.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = datasync.NewTask(ctx, \"example\", \u0026datasync.TaskArgs{\n\t\t\tDestinationLocationArn: pulumi.String(aws_datasync_location_s3.Destination.Arn),\n\t\t\tOptions: \u0026datasync.TaskOptionsArgs{\n\t\t\t\tBytesPerSecond: pulumi.Int(-1),\n\t\t\t},\n\t\t\tSourceLocationArn: pulumi.String(aws_datasync_location_nfs.Source.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Task.\n" }, "cloudwatchLogGroupArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the CloudWatch Log Group that is used to monitor and log events in the sync task.\n" }, "destinationLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of destination DataSync Location.\n" }, "name": { "type": "string", "description": "Name of the DataSync Task.\n" }, "options": { "$ref": "#/types/aws:datasync/TaskOptions:TaskOptions", "description": "Configuration block containing option that controls the default behavior when you start an execution of this DataSync Task. For each individual task execution, you can override these options by specifying an overriding configuration in those executions.\n" }, "sourceLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of source DataSync Location.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Task.\n" } }, "required": [ "arn", "destinationLocationArn", "name", "sourceLocationArn" ], "inputProperties": { "cloudwatchLogGroupArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the CloudWatch Log Group that is used to monitor and log events in the sync task.\n" }, "destinationLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of destination DataSync Location.\n" }, "name": { "type": "string", "description": "Name of the DataSync Task.\n" }, "options": { "$ref": "#/types/aws:datasync/TaskOptions:TaskOptions", "description": "Configuration block containing option that controls the default behavior when you start an execution of this DataSync Task. For each individual task execution, you can override these options by specifying an overriding configuration in those executions.\n" }, "sourceLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of source DataSync Location.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Task.\n" } }, "requiredInputs": [ "destinationLocationArn", "sourceLocationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Task resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Task.\n" }, "cloudwatchLogGroupArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the CloudWatch Log Group that is used to monitor and log events in the sync task.\n" }, "destinationLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of destination DataSync Location.\n" }, "name": { "type": "string", "description": "Name of the DataSync Task.\n" }, "options": { "$ref": "#/types/aws:datasync/TaskOptions:TaskOptions", "description": "Configuration block containing option that controls the default behavior when you start an execution of this DataSync Task. For each individual task execution, you can override these options by specifying an overriding configuration in those executions.\n" }, "sourceLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of source DataSync Location.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Task.\n" } }, "type": "object" } }, "aws:dax/cluster:Cluster": { "description": "Provides a DAX Cluster resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.dax.Cluster(\"bar\", {\n clusterName: \"cluster-example\",\n iamRoleArn: aws_iam_role_example.arn,\n nodeType: \"dax.r4.large\",\n replicationFactor: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.dax.Cluster(\"bar\",\n cluster_name=\"cluster-example\",\n iam_role_arn=data[\"aws_iam_role\"][\"example\"][\"arn\"],\n node_type=\"dax.r4.large\",\n replication_factor=1)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.Dax.Cluster(\"bar\", new Aws.Dax.ClusterArgs\n {\n ClusterName = \"cluster-example\",\n IamRoleArn = data.Aws_iam_role.Example.Arn,\n NodeType = \"dax.r4.large\",\n ReplicationFactor = 1,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dax\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dax.NewCluster(ctx, \"bar\", \u0026dax.ClusterArgs{\n\t\t\tClusterName: pulumi.String(\"cluster-example\"),\n\t\t\tIamRoleArn: pulumi.String(data.Aws_iam_role.Example.Arn),\n\t\t\tNodeType: pulumi.String(\"dax.r4.large\"),\n\t\t\tReplicationFactor: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the DAX cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zones in which the\nnodes will be created\n" }, "clusterAddress": { "type": "string", "description": "The DNS name of the DAX cluster without the port appended\n" }, "clusterName": { "type": "string", "description": "Group identifier. DAX converts this name to\nlowercase\n" }, "configurationEndpoint": { "type": "string", "description": "The configuration endpoint for this DAX cluster,\nconsisting of a DNS name and a port number\n" }, "description": { "type": "string", "description": "Description for the cluster\n" }, "iamRoleArn": { "type": "string", "description": "A valid Amazon Resource Name (ARN) that identifies\nan IAM role. At runtime, DAX will assume this role and use the role's\npermissions to access DynamoDB on your behalf\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when\nmaintenance on the cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi`\n(24H Clock UTC). The minimum maintenance window is a 60 minute period. Example:\n`sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Nodes](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html#DAX.concepts.nodes) for supported node types\n" }, "nodes": { "type": "array", "items": { "$ref": "#/types/aws:dax/ClusterNode:ClusterNode" }, "description": "List of node objects including `id`, `address`, `port` and\n`availability_zone`. Referenceable e.g. as\n`${aws_dax_cluster.test.nodes.0.address}`\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send DAX notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this DAX cluster\n" }, "port": { "type": "integer", "description": "The port used by the configuration endpoint\n" }, "replicationFactor": { "type": "integer", "description": "The number of nodes in the DAX cluster. A\nreplication factor of 1 will create a single-node cluster, without any read\nreplicas\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cluster\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption", "description": "Encrypt at rest options\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the\ncluster\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" } }, "required": [ "arn", "clusterAddress", "clusterName", "configurationEndpoint", "iamRoleArn", "maintenanceWindow", "nodeType", "nodes", "parameterGroupName", "port", "replicationFactor", "securityGroupIds", "subnetGroupName" ], "inputProperties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zones in which the\nnodes will be created\n" }, "clusterName": { "type": "string", "description": "Group identifier. DAX converts this name to\nlowercase\n" }, "description": { "type": "string", "description": "Description for the cluster\n" }, "iamRoleArn": { "type": "string", "description": "A valid Amazon Resource Name (ARN) that identifies\nan IAM role. At runtime, DAX will assume this role and use the role's\npermissions to access DynamoDB on your behalf\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when\nmaintenance on the cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi`\n(24H Clock UTC). The minimum maintenance window is a 60 minute period. Example:\n`sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Nodes](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html#DAX.concepts.nodes) for supported node types\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send DAX notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this DAX cluster\n" }, "replicationFactor": { "type": "integer", "description": "The number of nodes in the DAX cluster. A\nreplication factor of 1 will create a single-node cluster, without any read\nreplicas\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cluster\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption", "description": "Encrypt at rest options\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the\ncluster\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" } }, "requiredInputs": [ "clusterName", "iamRoleArn", "nodeType", "replicationFactor" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DAX cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zones in which the\nnodes will be created\n" }, "clusterAddress": { "type": "string", "description": "The DNS name of the DAX cluster without the port appended\n" }, "clusterName": { "type": "string", "description": "Group identifier. DAX converts this name to\nlowercase\n" }, "configurationEndpoint": { "type": "string", "description": "The configuration endpoint for this DAX cluster,\nconsisting of a DNS name and a port number\n" }, "description": { "type": "string", "description": "Description for the cluster\n" }, "iamRoleArn": { "type": "string", "description": "A valid Amazon Resource Name (ARN) that identifies\nan IAM role. At runtime, DAX will assume this role and use the role's\npermissions to access DynamoDB on your behalf\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when\nmaintenance on the cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi`\n(24H Clock UTC). The minimum maintenance window is a 60 minute period. Example:\n`sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Nodes](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html#DAX.concepts.nodes) for supported node types\n" }, "nodes": { "type": "array", "items": { "$ref": "#/types/aws:dax/ClusterNode:ClusterNode" }, "description": "List of node objects including `id`, `address`, `port` and\n`availability_zone`. Referenceable e.g. as\n`${aws_dax_cluster.test.nodes.0.address}`\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send DAX notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this DAX cluster\n" }, "port": { "type": "integer", "description": "The port used by the configuration endpoint\n" }, "replicationFactor": { "type": "integer", "description": "The number of nodes in the DAX cluster. A\nreplication factor of 1 will create a single-node cluster, without any read\nreplicas\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cluster\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption", "description": "Encrypt at rest options\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the\ncluster\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" } }, "type": "object" } }, "aws:dax/parameterGroup:ParameterGroup": { "description": "Provides a DAX Parameter Group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dax.ParameterGroup(\"example\", {\n parameters: [\n {\n name: \"query-ttl-millis\",\n value: \"100000\",\n },\n {\n name: \"record-ttl-millis\",\n value: \"100000\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dax.ParameterGroup(\"example\", parameters=[\n {\n \"name\": \"query-ttl-millis\",\n \"value\": \"100000\",\n },\n {\n \"name\": \"record-ttl-millis\",\n \"value\": \"100000\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Dax.ParameterGroup(\"example\", new Aws.Dax.ParameterGroupArgs\n {\n Parameters = \n {\n new Aws.Dax.Inputs.ParameterGroupParameterArgs\n {\n Name = \"query-ttl-millis\",\n Value = \"100000\",\n },\n new Aws.Dax.Inputs.ParameterGroupParameterArgs\n {\n Name = \"record-ttl-millis\",\n Value = \"100000\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dax\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dax.NewParameterGroup(ctx, \"example\", \u0026dax.ParameterGroupArgs{\n\t\t\tParameters: dax.ParameterGroupParameterArray{\n\t\t\t\t\u0026dax.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"query-ttl-millis\"),\n\t\t\t\t\tValue: pulumi.String(\"100000\"),\n\t\t\t\t},\n\t\t\t\t\u0026dax.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"record-ttl-millis\"),\n\t\t\t\t\tValue: pulumi.String(\"100000\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "A description of the parameter group.\n" }, "name": { "type": "string", "description": "The name of the parameter group.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:dax/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The parameters of the parameter group.\n" } }, "required": [ "name", "parameters" ], "inputProperties": { "description": { "type": "string", "description": "A description of the parameter group.\n" }, "name": { "type": "string", "description": "The name of the parameter group.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:dax/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The parameters of the parameter group.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "description": { "type": "string", "description": "A description of the parameter group.\n" }, "name": { "type": "string", "description": "The name of the parameter group.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:dax/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The parameters of the parameter group.\n" } }, "type": "object" } }, "aws:dax/subnetGroup:SubnetGroup": { "description": "Provides a DAX Subnet Group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dax.SubnetGroup(\"example\", {\n subnetIds: [\n aws_subnet_example1.id,\n aws_subnet_example2.id,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dax.SubnetGroup(\"example\", subnet_ids=[\n aws_subnet[\"example1\"][\"id\"],\n aws_subnet[\"example2\"][\"id\"],\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Dax.SubnetGroup(\"example\", new Aws.Dax.SubnetGroupArgs\n {\n SubnetIds = \n {\n aws_subnet.Example1.Id,\n aws_subnet.Example2.Id,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dax\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dax.NewSubnetGroup(ctx, \"example\", \u0026dax.SubnetGroupArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_subnet.Example1.Id),\n\t\t\t\tpulumi.String(aws_subnet.Example2.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "A description of the subnet group.\n" }, "name": { "type": "string", "description": "The name of the subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs for the subnet group.\n" }, "vpcId": { "type": "string", "description": "VPC ID of the subnet group.\n" } }, "required": [ "name", "subnetIds", "vpcId" ], "inputProperties": { "description": { "type": "string", "description": "A description of the subnet group.\n" }, "name": { "type": "string", "description": "The name of the subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs for the subnet group.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "description": { "type": "string", "description": "A description of the subnet group.\n" }, "name": { "type": "string", "description": "The name of the subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs for the subnet group.\n" }, "vpcId": { "type": "string", "description": "VPC ID of the subnet group.\n" } }, "type": "object" } }, "aws:devicefarm/project:Project": { "description": "Provides a resource to manage AWS Device Farm Projects. \nPlease keep in mind that this feature is only supported on the \"us-west-2\" region.\nThis resource will error if you try to create a project in another region.\n\nFor more information about Device Farm Projects, see the AWS Documentation on\n[Device Farm Projects][aws-get-project].\n\n## Basic Example Usage\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awesomeDevices = new aws.devicefarm.Project(\"awesome_devices\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nawesome_devices = aws.devicefarm.Project(\"awesomeDevices\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var awesomeDevices = new Aws.DeviceFarm.Project(\"awesomeDevices\", new Aws.DeviceFarm.ProjectArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/devicefarm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = devicefarm.NewProject(ctx, \"awesomeDevices\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this project\n" }, "name": { "type": "string", "description": "The name of the project\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the project\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this project\n" }, "name": { "type": "string", "description": "The name of the project\n" } }, "type": "object" } }, "aws:directconnect/bgpPeer:BgpPeer": { "description": "Provides a Direct Connect BGP peer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst peer = new aws.directconnect.BgpPeer(\"peer\", {\n addressFamily: \"ipv6\",\n bgpAsn: 65351,\n virtualInterfaceId: aws_dx_private_virtual_interface_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npeer = aws.directconnect.BgpPeer(\"peer\",\n address_family=\"ipv6\",\n bgp_asn=65351,\n virtual_interface_id=aws_dx_private_virtual_interface[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var peer = new Aws.DirectConnect.BgpPeer(\"peer\", new Aws.DirectConnect.BgpPeerArgs\n {\n AddressFamily = \"ipv6\",\n BgpAsn = 65351,\n VirtualInterfaceId = aws_dx_private_virtual_interface.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewBgpPeer(ctx, \"peer\", \u0026directconnect.BgpPeerArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv6\"),\n\t\t\tBgpAsn: pulumi.Int(65351),\n\t\t\tVirtualInterfaceId: pulumi.String(aws_dx_private_virtual_interface.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the BGP peer terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "bgpPeerId": { "type": "string", "description": "The ID of the BGP peer.\n" }, "bgpStatus": { "type": "string", "description": "The Up/Down state of the BGP peer.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface on which to create the BGP peer.\n" } }, "required": [ "addressFamily", "amazonAddress", "awsDevice", "bgpAsn", "bgpAuthKey", "bgpPeerId", "bgpStatus", "customerAddress", "virtualInterfaceId" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface on which to create the BGP peer.\n" } }, "requiredInputs": [ "addressFamily", "bgpAsn", "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering BgpPeer resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the BGP peer terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "bgpPeerId": { "type": "string", "description": "The ID of the BGP peer.\n" }, "bgpStatus": { "type": "string", "description": "The Up/Down state of the BGP peer.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface on which to create the BGP peer.\n" } }, "type": "object" } }, "aws:directconnect/connection:Connection": { "description": "Provides a Connection of Direct Connect.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hoge = new aws.directconnect.Connection(\"hoge\", {\n bandwidth: \"1Gbps\",\n location: \"EqDC2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge = aws.directconnect.Connection(\"hoge\",\n bandwidth=\"1Gbps\",\n location=\"EqDC2\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var hoge = new Aws.DirectConnect.Connection(\"hoge\", new Aws.DirectConnect.ConnectionArgs\n {\n Bandwidth = \"1Gbps\",\n Location = \"EqDC2\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewConnection(ctx, \"hoge\", \u0026directconnect.ConnectionArgs{\n\t\t\tBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqDC2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the connection.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the physical connection terminates.\n" }, "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the connection supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Boolean value representing if jumbo frames have been enabled for this connection.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location where the connection is located. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "awsDevice", "bandwidth", "hasLogicalRedundancy", "jumboFrameCapable", "location", "name" ], "inputProperties": { "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location where the connection is located. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "bandwidth", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connection resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the connection.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the physical connection terminates.\n" }, "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the connection supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Boolean value representing if jumbo frames have been enabled for this connection.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location where the connection is located. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:directconnect/connectionAssociation:ConnectionAssociation": { "description": "Associates a Direct Connect Connection with a LAG.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleConnection = new aws.directconnect.Connection(\"example\", {\n bandwidth: \"1Gbps\",\n location: \"EqSe2\",\n});\nconst exampleLinkAggregationGroup = new aws.directconnect.LinkAggregationGroup(\"example\", {\n connectionsBandwidth: \"1Gbps\",\n location: \"EqSe2\",\n});\nconst exampleConnectionAssociation = new aws.directconnect.ConnectionAssociation(\"example\", {\n connectionId: exampleConnection.id,\n lagId: exampleLinkAggregationGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_connection = aws.directconnect.Connection(\"exampleConnection\",\n bandwidth=\"1Gbps\",\n location=\"EqSe2\")\nexample_link_aggregation_group = aws.directconnect.LinkAggregationGroup(\"exampleLinkAggregationGroup\",\n connections_bandwidth=\"1Gbps\",\n location=\"EqSe2\")\nexample_connection_association = aws.directconnect.ConnectionAssociation(\"exampleConnectionAssociation\",\n connection_id=example_connection.id,\n lag_id=example_link_aggregation_group.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleConnection = new Aws.DirectConnect.Connection(\"exampleConnection\", new Aws.DirectConnect.ConnectionArgs\n {\n Bandwidth = \"1Gbps\",\n Location = \"EqSe2\",\n });\n var exampleLinkAggregationGroup = new Aws.DirectConnect.LinkAggregationGroup(\"exampleLinkAggregationGroup\", new Aws.DirectConnect.LinkAggregationGroupArgs\n {\n ConnectionsBandwidth = \"1Gbps\",\n Location = \"EqSe2\",\n });\n var exampleConnectionAssociation = new Aws.DirectConnect.ConnectionAssociation(\"exampleConnectionAssociation\", new Aws.DirectConnect.ConnectionAssociationArgs\n {\n ConnectionId = exampleConnection.Id,\n LagId = exampleLinkAggregationGroup.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleConnection, err := directconnect.NewConnection(ctx, \"exampleConnection\", \u0026directconnect.ConnectionArgs{\n\t\t\tBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqSe2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLinkAggregationGroup, err := directconnect.NewLinkAggregationGroup(ctx, \"exampleLinkAggregationGroup\", \u0026directconnect.LinkAggregationGroupArgs{\n\t\t\tConnectionsBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqSe2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewConnectionAssociation(ctx, \"exampleConnectionAssociation\", \u0026directconnect.ConnectionAssociationArgs{\n\t\t\tConnectionId: exampleConnection.ID(),\n\t\t\tLagId: exampleLinkAggregationGroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "connectionId": { "type": "string", "description": "The ID of the connection.\n" }, "lagId": { "type": "string", "description": "The ID of the LAG with which to associate the connection.\n" } }, "required": [ "connectionId", "lagId" ], "inputProperties": { "connectionId": { "type": "string", "description": "The ID of the connection.\n" }, "lagId": { "type": "string", "description": "The ID of the LAG with which to associate the connection.\n" } }, "requiredInputs": [ "connectionId", "lagId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectionAssociation resources.\n", "properties": { "connectionId": { "type": "string", "description": "The ID of the connection.\n" }, "lagId": { "type": "string", "description": "The ID of the LAG with which to associate the connection.\n" } }, "type": "object" } }, "aws:directconnect/gateway:Gateway": { "description": "Provides a Direct Connect Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Gateway(\"example\", {\n amazonSideAsn: \"64512\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Gateway(\"example\", amazon_side_asn=\"64512\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DirectConnect.Gateway(\"example\", new Aws.DirectConnect.GatewayArgs\n {\n AmazonSideAsn = \"64512\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "amazonSideAsn": { "type": "string", "description": "The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "ownerAccountId": { "type": "string", "description": "AWS Account ID of the gateway.\n" } }, "required": [ "amazonSideAsn", "name", "ownerAccountId" ], "inputProperties": { "amazonSideAsn": { "type": "string", "description": "The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" } }, "requiredInputs": [ "amazonSideAsn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Gateway resources.\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "ownerAccountId": { "type": "string", "description": "AWS Account ID of the gateway.\n" } }, "type": "object" } }, "aws:directconnect/gatewayAssociation:GatewayAssociation": { "description": "Associates a Direct Connect Gateway with a VGW or transit gateway.\n\nTo create a cross-account association, create an `aws.directconnect.GatewayAssociationProposal` resource\nin the AWS account that owns the VGW or transit gateway and then accept the proposal in the AWS account that owns the Direct Connect Gateway\nby creating an `aws.directconnect.GatewayAssociation` resource with the `proposal_id` and `associated_gateway_owner_account_id` attributes set.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### VPN Gateway Association\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGateway = new aws.directconnect.Gateway(\"example\", {\n amazonSideAsn: \"64512\",\n});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.255.255.0/28\",\n});\nconst exampleVpnGateway = new aws.ec2.VpnGateway(\"example\", {\n vpcId: exampleVpc.id,\n});\nconst exampleGatewayAssociation = new aws.directconnect.GatewayAssociation(\"example\", {\n associatedGatewayId: exampleVpnGateway.id,\n dxGatewayId: exampleGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_gateway = aws.directconnect.Gateway(\"exampleGateway\", amazon_side_asn=\"64512\")\nexample_vpc = aws.ec2.Vpc(\"exampleVpc\", cidr_block=\"10.255.255.0/28\")\nexample_vpn_gateway = aws.ec2.VpnGateway(\"exampleVpnGateway\", vpc_id=example_vpc.id)\nexample_gateway_association = aws.directconnect.GatewayAssociation(\"exampleGatewayAssociation\",\n associated_gateway_id=example_vpn_gateway.id,\n dx_gateway_id=example_gateway.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleGateway = new Aws.DirectConnect.Gateway(\"exampleGateway\", new Aws.DirectConnect.GatewayArgs\n {\n AmazonSideAsn = \"64512\",\n });\n var exampleVpc = new Aws.Ec2.Vpc(\"exampleVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.255.255.0/28\",\n });\n var exampleVpnGateway = new Aws.Ec2.VpnGateway(\"exampleVpnGateway\", new Aws.Ec2.VpnGatewayArgs\n {\n VpcId = exampleVpc.Id,\n });\n var exampleGatewayAssociation = new Aws.DirectConnect.GatewayAssociation(\"exampleGatewayAssociation\", new Aws.DirectConnect.GatewayAssociationArgs\n {\n AssociatedGatewayId = exampleVpnGateway.Id,\n DxGatewayId = exampleGateway.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGateway, err := directconnect.NewGateway(ctx, \"exampleGateway\", \u0026directconnect.GatewayArgs{\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"exampleVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.255.255.0/28\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpnGateway, err := ec2.NewVpnGateway(ctx, \"exampleVpnGateway\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewGatewayAssociation(ctx, \"exampleGatewayAssociation\", \u0026directconnect.GatewayAssociationArgs{\n\t\t\tAssociatedGatewayId: exampleVpnGateway.ID(),\n\t\t\tDxGatewayId: exampleGateway.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Transit Gateway Association\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGateway = new aws.directconnect.Gateway(\"example\", {\n amazonSideAsn: \"64512\",\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleGatewayAssociation = new aws.directconnect.GatewayAssociation(\"example\", {\n allowedPrefixes: [\n \"10.255.255.0/30\",\n \"10.255.255.8/30\",\n ],\n associatedGatewayId: exampleTransitGateway.id,\n dxGatewayId: exampleGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_gateway = aws.directconnect.Gateway(\"exampleGateway\", amazon_side_asn=\"64512\")\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"exampleTransitGateway\")\nexample_gateway_association = aws.directconnect.GatewayAssociation(\"exampleGatewayAssociation\",\n allowed_prefixes=[\n \"10.255.255.0/30\",\n \"10.255.255.8/30\",\n ],\n associated_gateway_id=example_transit_gateway.id,\n dx_gateway_id=example_gateway.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleGateway = new Aws.DirectConnect.Gateway(\"exampleGateway\", new Aws.DirectConnect.GatewayArgs\n {\n AmazonSideAsn = \"64512\",\n });\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"exampleTransitGateway\", new Aws.Ec2TransitGateway.TransitGatewayArgs\n {\n });\n var exampleGatewayAssociation = new Aws.DirectConnect.GatewayAssociation(\"exampleGatewayAssociation\", new Aws.DirectConnect.GatewayAssociationArgs\n {\n AllowedPrefixes = \n {\n \"10.255.255.0/30\",\n \"10.255.255.8/30\",\n },\n AssociatedGatewayId = exampleTransitGateway.Id,\n DxGatewayId = exampleGateway.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGateway, err := directconnect.NewGateway(ctx, \"exampleGateway\", \u0026directconnect.GatewayArgs{\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"exampleTransitGateway\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewGatewayAssociation(ctx, \"exampleGatewayAssociation\", \u0026directconnect.GatewayAssociationArgs{\n\t\t\tAllowedPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.255.255.0/30\"),\n\t\t\t\tpulumi.String(\"10.255.255.8/30\"),\n\t\t\t},\n\t\t\tAssociatedGatewayId: exampleTransitGateway.ID(),\n\t\t\tDxGatewayId: exampleGateway.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Allowed Prefixes\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGateway = new aws.directconnect.Gateway(\"example\", {\n amazonSideAsn: \"64512\",\n});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.255.255.0/28\",\n});\nconst exampleVpnGateway = new aws.ec2.VpnGateway(\"example\", {\n vpcId: exampleVpc.id,\n});\nconst exampleGatewayAssociation = new aws.directconnect.GatewayAssociation(\"example\", {\n allowedPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n associatedGatewayId: exampleVpnGateway.id,\n dxGatewayId: exampleGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_gateway = aws.directconnect.Gateway(\"exampleGateway\", amazon_side_asn=\"64512\")\nexample_vpc = aws.ec2.Vpc(\"exampleVpc\", cidr_block=\"10.255.255.0/28\")\nexample_vpn_gateway = aws.ec2.VpnGateway(\"exampleVpnGateway\", vpc_id=example_vpc.id)\nexample_gateway_association = aws.directconnect.GatewayAssociation(\"exampleGatewayAssociation\",\n allowed_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n associated_gateway_id=example_vpn_gateway.id,\n dx_gateway_id=example_gateway.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleGateway = new Aws.DirectConnect.Gateway(\"exampleGateway\", new Aws.DirectConnect.GatewayArgs\n {\n AmazonSideAsn = \"64512\",\n });\n var exampleVpc = new Aws.Ec2.Vpc(\"exampleVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.255.255.0/28\",\n });\n var exampleVpnGateway = new Aws.Ec2.VpnGateway(\"exampleVpnGateway\", new Aws.Ec2.VpnGatewayArgs\n {\n VpcId = exampleVpc.Id,\n });\n var exampleGatewayAssociation = new Aws.DirectConnect.GatewayAssociation(\"exampleGatewayAssociation\", new Aws.DirectConnect.GatewayAssociationArgs\n {\n AllowedPrefixes = \n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n AssociatedGatewayId = exampleVpnGateway.Id,\n DxGatewayId = exampleGateway.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGateway, err := directconnect.NewGateway(ctx, \"exampleGateway\", \u0026directconnect.GatewayArgs{\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"exampleVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.255.255.0/28\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpnGateway, err := ec2.NewVpnGateway(ctx, \"exampleVpnGateway\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewGatewayAssociation(ctx, \"exampleGatewayAssociation\", \u0026directconnect.GatewayAssociationArgs{\n\t\t\tAllowedPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"210.52.109.0/24\"),\n\t\t\t\tpulumi.String(\"175.45.176.0/22\"),\n\t\t\t},\n\t\t\tAssociatedGatewayId: exampleVpnGateway.ID(),\n\t\t\tDxGatewayId: exampleGateway.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nA full example of how to create a VPN Gateway in one AWS account, create a Direct Connect Gateway in a second AWS account, and associate the VPN Gateway with the Direct Connect Gateway via the `aws.directconnect.GatewayAssociationProposal` and `aws.directconnect.GatewayAssociation` resources can be found in [the `./examples/dx-gateway-cross-account-vgw-association` directory within the Github Repository](https://github.com/providers/provider-aws/tree/master/examples/dx-gateway-cross-account-vgw-association).\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for single account Direct Connect gateway associations.\n" }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for cross-account Direct Connect gateway associations.\n" }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayAssociationId": { "type": "string", "description": "The ID of the Direct Connect gateway association.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway.\n" }, "dxGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the Direct Connect gateway.\n" }, "proposalId": { "type": "string", "description": "The ID of the Direct Connect gateway association proposal.\nUsed for cross-account Direct Connect gateway associations.\n" }, "vpnGatewayId": { "type": "string", "description": "*Deprecated:* Use `associated_gateway_id` instead. The ID of the VGW with which to associate the gateway.\nUsed for single account Direct Connect gateway associations.\n", "deprecationMessage": "use 'associated_gateway_id' argument instead" } }, "required": [ "allowedPrefixes", "associatedGatewayId", "associatedGatewayOwnerAccountId", "associatedGatewayType", "dxGatewayAssociationId", "dxGatewayId", "dxGatewayOwnerAccountId" ], "inputProperties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for single account Direct Connect gateway associations.\n" }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for cross-account Direct Connect gateway associations.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway.\n" }, "proposalId": { "type": "string", "description": "The ID of the Direct Connect gateway association proposal.\nUsed for cross-account Direct Connect gateway associations.\n" }, "vpnGatewayId": { "type": "string", "description": "*Deprecated:* Use `associated_gateway_id` instead. The ID of the VGW with which to associate the gateway.\nUsed for single account Direct Connect gateway associations.\n", "deprecationMessage": "use 'associated_gateway_id' argument instead" } }, "requiredInputs": [ "dxGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GatewayAssociation resources.\n", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for single account Direct Connect gateway associations.\n" }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for cross-account Direct Connect gateway associations.\n" }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayAssociationId": { "type": "string", "description": "The ID of the Direct Connect gateway association.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway.\n" }, "dxGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the Direct Connect gateway.\n" }, "proposalId": { "type": "string", "description": "The ID of the Direct Connect gateway association proposal.\nUsed for cross-account Direct Connect gateway associations.\n" }, "vpnGatewayId": { "type": "string", "description": "*Deprecated:* Use `associated_gateway_id` instead. The ID of the VGW with which to associate the gateway.\nUsed for single account Direct Connect gateway associations.\n", "deprecationMessage": "use 'associated_gateway_id' argument instead" } }, "type": "object" } }, "aws:directconnect/gatewayAssociationProposal:GatewayAssociationProposal": { "description": "Manages a Direct Connect Gateway Association Proposal, typically for enabling cross-account associations. For single account associations, see the `aws.directconnect.GatewayAssociation` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.GatewayAssociationProposal(\"example\", {\n associatedGatewayId: aws_vpn_gateway_example.id,\n dxGatewayId: aws_dx_gateway_example.id,\n dxGatewayOwnerAccountId: aws_dx_gateway_example.ownerAccountId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.GatewayAssociationProposal(\"example\",\n associated_gateway_id=aws_vpn_gateway[\"example\"][\"id\"],\n dx_gateway_id=aws_dx_gateway[\"example\"][\"id\"],\n dx_gateway_owner_account_id=aws_dx_gateway[\"example\"][\"owner_account_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DirectConnect.GatewayAssociationProposal(\"example\", new Aws.DirectConnect.GatewayAssociationProposalArgs\n {\n AssociatedGatewayId = aws_vpn_gateway.Example.Id,\n DxGatewayId = aws_dx_gateway.Example.Id,\n DxGatewayOwnerAccountId = aws_dx_gateway.Example.Owner_account_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewGatewayAssociationProposal(ctx, \"example\", \u0026directconnect.GatewayAssociationProposalArgs{\n\t\t\tAssociatedGatewayId: pulumi.String(aws_vpn_gateway.Example.Id),\n\t\t\tDxGatewayId: pulumi.String(aws_dx_gateway.Example.Id),\n\t\t\tDxGatewayOwnerAccountId: pulumi.String(aws_dx_gateway.Example.Owner_account_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nA full example of how to create a VPN Gateway in one AWS account, create a Direct Connect Gateway in a second AWS account, and associate the VPN Gateway with the Direct Connect Gateway via the `aws.directconnect.GatewayAssociationProposal` and `aws.directconnect.GatewayAssociation` resources can be found in [the `./examples/dx-gateway-cross-account-vgw-association` directory within the Github Repository](https://github.com/providers/provider-aws/tree/master/examples/dx-gateway-cross-account-vgw-association).\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayId": { "type": "string", "description": "Direct Connect Gateway identifier.\n" }, "dxGatewayOwnerAccountId": { "type": "string", "description": "AWS Account identifier of the Direct Connect Gateway's owner.\n" }, "vpnGatewayId": { "type": "string", "description": "*Deprecated:* Use `associated_gateway_id` instead. Virtual Gateway identifier to associate with the Direct Connect Gateway.\n", "deprecationMessage": "use 'associated_gateway_id' argument instead" } }, "required": [ "allowedPrefixes", "associatedGatewayOwnerAccountId", "associatedGatewayType", "dxGatewayId", "dxGatewayOwnerAccountId" ], "inputProperties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "dxGatewayId": { "type": "string", "description": "Direct Connect Gateway identifier.\n" }, "dxGatewayOwnerAccountId": { "type": "string", "description": "AWS Account identifier of the Direct Connect Gateway's owner.\n" }, "vpnGatewayId": { "type": "string", "description": "*Deprecated:* Use `associated_gateway_id` instead. Virtual Gateway identifier to associate with the Direct Connect Gateway.\n", "deprecationMessage": "use 'associated_gateway_id' argument instead" } }, "requiredInputs": [ "dxGatewayId", "dxGatewayOwnerAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GatewayAssociationProposal resources.\n", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayId": { "type": "string", "description": "Direct Connect Gateway identifier.\n" }, "dxGatewayOwnerAccountId": { "type": "string", "description": "AWS Account identifier of the Direct Connect Gateway's owner.\n" }, "vpnGatewayId": { "type": "string", "description": "*Deprecated:* Use `associated_gateway_id` instead. Virtual Gateway identifier to associate with the Direct Connect Gateway.\n", "deprecationMessage": "use 'associated_gateway_id' argument instead" } }, "type": "object" } }, "aws:directconnect/hostedPrivateVirtualInterface:HostedPrivateVirtualInterface": { "description": "Provides a Direct Connect hosted private virtual interface resource. This resource represents the allocator's side of the hosted virtual interface.\nA hosted virtual interface is a virtual interface that is owned by another AWS account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.HostedPrivateVirtualInterface(\"foo\", {\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n connectionId: \"dxcon-zzzzzzzz\",\n vlan: 4094,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.HostedPrivateVirtualInterface(\"foo\",\n address_family=\"ipv4\",\n bgp_asn=65352,\n connection_id=\"dxcon-zzzzzzzz\",\n vlan=4094)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.DirectConnect.HostedPrivateVirtualInterface(\"foo\", new Aws.DirectConnect.HostedPrivateVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n ConnectionId = \"dxcon-zzzzzzzz\",\n Vlan = 4094,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewHostedPrivateVirtualInterface(ctx, \"foo\", \u0026directconnect.HostedPrivateVirtualInterfaceArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "jumboFrameCapable", "name", "ownerAccountId", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "ownerAccountId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPrivateVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "type": "object" } }, "aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter": { "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted private virtual interface.\nThis resource accepts ownership of a private virtual interface created by another AWS account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = new aws.Provider(\"accepter\", {});\nconst accepterCallerIdentity = pulumi.output(aws.getCallerIdentity({ provider: accepter, async: true }));\n// Accepter's side of the VIF.\nconst vpnGw = new aws.ec2.VpnGateway(\"vpn_gw\", {}, { provider: accepter });\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedPrivateVirtualInterface(\"creator\", {\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepterCallerIdentity.accountId,\n vlan: 4094,\n}, { dependsOn: [vpnGw] });\nconst accepterHostedPrivateVirtualInterfaceAccepter = new aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\", {\n tags: {\n Side: \"Accepter\",\n },\n virtualInterfaceId: creator.id,\n vpnGatewayId: vpnGw.id,\n}, { provider: accepter });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\naccepter = pulumi.providers.Aws(\"accepter\")\naccepter_caller_identity = aws.get_caller_identity()\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedPrivateVirtualInterface(\"creator\",\n address_family=\"ipv4\",\n bgp_asn=65352,\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter_caller_identity.account_id,\n vlan=4094)\n# Accepter's side of the VIF.\nvpn_gw = aws.ec2.VpnGateway(\"vpnGw\")\naccepter_hosted_private_virtual_interface_accepter = aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepterHostedPrivateVirtualInterfaceAccepter\",\n tags={\n \"Side\": \"Accepter\",\n },\n virtual_interface_id=creator.id,\n vpn_gateway_id=vpn_gw.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var accepter = new Aws.Provider(\"accepter\", new Aws.ProviderArgs\n {\n });\n var accepterCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedPrivateVirtualInterface(\"creator\", new Aws.DirectConnect.HostedPrivateVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepterCallerIdentity.Apply(accepterCallerIdentity =\u003e accepterCallerIdentity.AccountId),\n Vlan = 4094,\n });\n // Accepter's side of the VIF.\n var vpnGw = new Aws.Ec2.VpnGateway(\"vpnGw\", new Aws.Ec2.VpnGatewayArgs\n {\n });\n var accepterHostedPrivateVirtualInterfaceAccepter = new Aws.DirectConnect.HostedPrivateVirtualInterfaceAccepter(\"accepterHostedPrivateVirtualInterfaceAccepter\", new Aws.DirectConnect.HostedPrivateVirtualInterfaceAccepterArgs\n {\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n VirtualInterfaceId = creator.Id,\n VpnGatewayId = vpnGw.Id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "required": [ "arn", "virtualInterfaceId" ], "inputProperties": { "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "requiredInputs": [ "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPrivateVirtualInterfaceAccepter resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "type": "object" } }, "aws:directconnect/hostedPublicVirtualInterface:HostedPublicVirtualInterface": { "description": "Provides a Direct Connect hosted public virtual interface resource. This resource represents the allocator's side of the hosted virtual interface.\nA hosted virtual interface is a virtual interface that is owned by another AWS account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.HostedPublicVirtualInterface(\"foo\", {\n addressFamily: \"ipv4\",\n amazonAddress: \"175.45.176.2/30\",\n bgpAsn: 65352,\n connectionId: \"dxcon-zzzzzzzz\",\n customerAddress: \"175.45.176.1/30\",\n routeFilterPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n vlan: 4094,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.HostedPublicVirtualInterface(\"foo\",\n address_family=\"ipv4\",\n amazon_address=\"175.45.176.2/30\",\n bgp_asn=65352,\n connection_id=\"dxcon-zzzzzzzz\",\n customer_address=\"175.45.176.1/30\",\n route_filter_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n vlan=4094)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.DirectConnect.HostedPublicVirtualInterface(\"foo\", new Aws.DirectConnect.HostedPublicVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n AmazonAddress = \"175.45.176.2/30\",\n BgpAsn = 65352,\n ConnectionId = \"dxcon-zzzzzzzz\",\n CustomerAddress = \"175.45.176.1/30\",\n RouteFilterPrefixes = \n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n Vlan = 4094,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewHostedPublicVirtualInterface(ctx, \"foo\", \u0026directconnect.HostedPublicVirtualInterfaceArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tAmazonAddress: pulumi.String(\"175.45.176.2/30\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tCustomerAddress: pulumi.String(\"175.45.176.1/30\"),\n\t\t\tRouteFilterPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"210.52.109.0/24\"),\n\t\t\t\tpulumi.String(\"175.45.176.0/22\"),\n\t\t\t},\n\t\t\tVlan: pulumi.Int(4094),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "name", "ownerAccountId", "routeFilterPrefixes", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "ownerAccountId", "routeFilterPrefixes", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPublicVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "type": "object" } }, "aws:directconnect/hostedPublicVirtualInterfaceAccepter:HostedPublicVirtualInterfaceAccepter": { "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted public virtual interface.\nThis resource accepts ownership of a public virtual interface created by another AWS account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = new aws.Provider(\"accepter\", {});\nconst accepterCallerIdentity = pulumi.output(aws.getCallerIdentity({ provider: accepter, async: true }));\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedPublicVirtualInterface(\"creator\", {\n addressFamily: \"ipv4\",\n amazonAddress: \"175.45.176.2/30\",\n bgpAsn: 65352,\n connectionId: \"dxcon-zzzzzzzz\",\n customerAddress: \"175.45.176.1/30\",\n ownerAccountId: accepterCallerIdentity.accountId,\n routeFilterPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n vlan: 4094,\n});\n// Accepter's side of the VIF.\nconst accepterHostedPublicVirtualInterfaceAccepter = new aws.directconnect.HostedPublicVirtualInterfaceAccepter(\"accepter\", {\n tags: {\n Side: \"Accepter\",\n },\n virtualInterfaceId: creator.id,\n}, { provider: accepter });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\naccepter = pulumi.providers.Aws(\"accepter\")\naccepter_caller_identity = aws.get_caller_identity()\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedPublicVirtualInterface(\"creator\",\n address_family=\"ipv4\",\n amazon_address=\"175.45.176.2/30\",\n bgp_asn=65352,\n connection_id=\"dxcon-zzzzzzzz\",\n customer_address=\"175.45.176.1/30\",\n owner_account_id=accepter_caller_identity.account_id,\n route_filter_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n vlan=4094)\n# Accepter's side of the VIF.\naccepter_hosted_public_virtual_interface_accepter = aws.directconnect.HostedPublicVirtualInterfaceAccepter(\"accepterHostedPublicVirtualInterfaceAccepter\",\n tags={\n \"Side\": \"Accepter\",\n },\n virtual_interface_id=creator.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var accepter = new Aws.Provider(\"accepter\", new Aws.ProviderArgs\n {\n });\n var accepterCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedPublicVirtualInterface(\"creator\", new Aws.DirectConnect.HostedPublicVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n AmazonAddress = \"175.45.176.2/30\",\n BgpAsn = 65352,\n ConnectionId = \"dxcon-zzzzzzzz\",\n CustomerAddress = \"175.45.176.1/30\",\n OwnerAccountId = accepterCallerIdentity.Apply(accepterCallerIdentity =\u003e accepterCallerIdentity.AccountId),\n RouteFilterPrefixes = \n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n Vlan = 4094,\n });\n // Accepter's side of the VIF.\n var accepterHostedPublicVirtualInterfaceAccepter = new Aws.DirectConnect.HostedPublicVirtualInterfaceAccepter(\"accepterHostedPublicVirtualInterfaceAccepter\", new Aws.DirectConnect.HostedPublicVirtualInterfaceAccepterArgs\n {\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n VirtualInterfaceId = creator.Id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "required": [ "arn", "virtualInterfaceId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "requiredInputs": [ "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPublicVirtualInterfaceAccepter resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "type": "object" } }, "aws:directconnect/hostedTransitVirtualInterface:HostedTransitVirtualInterface": { "description": "Provides a Direct Connect hosted transit virtual interface resource.\nThis resource represents the allocator's side of the hosted virtual interface.\nA hosted virtual interface is a virtual interface that is owned by another AWS account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.HostedTransitVirtualInterface(\"example\", {\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n connectionId: aws_dx_connection_example.id,\n vlan: 4094,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.HostedTransitVirtualInterface(\"example\",\n address_family=\"ipv4\",\n bgp_asn=65352,\n connection_id=aws_dx_connection[\"example\"][\"id\"],\n vlan=4094)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DirectConnect.HostedTransitVirtualInterface(\"example\", new Aws.DirectConnect.HostedTransitVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n ConnectionId = aws_dx_connection.Example.Id,\n Vlan = 4094,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewHostedTransitVirtualInterface(ctx, \"example\", \u0026directconnect.HostedTransitVirtualInterfaceArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tConnectionId: pulumi.String(aws_dx_connection.Example.Id),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "jumboFrameCapable", "name", "ownerAccountId", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "ownerAccountId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedTransitVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "type": "object" } }, "aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor": { "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted transit virtual interface.\nThis resource accepts ownership of a transit virtual interface created by another AWS account.\n\n\u003e **NOTE:** AWS allows a Direct Connect hosted transit virtual interface to be deleted from either the allocator's or accepter's side. However, this provider only allows the Direct Connect hosted transit virtual interface to be deleted from the allocator's side by removing the corresponding `aws.directconnect.HostedTransitVirtualInterface` resource from your configuration. Removing a `aws.directconnect.HostedTransitVirtualInterfaceAcceptor` resource from your configuration will remove it from your statefile and management, **but will not delete the Direct Connect virtual interface.**\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = new aws.Provider(\"accepter\", {});\nconst accepterCallerIdentity = pulumi.output(aws.getCallerIdentity({ provider: accepter, async: true }));\n// Accepter's side of the VIF.\nconst example = new aws.directconnect.Gateway(\"example\", {\n amazonSideAsn: \"64512\",\n}, { provider: accepter });\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedTransitVirtualInterface(\"creator\", {\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepterCallerIdentity.accountId,\n vlan: 4094,\n}, { dependsOn: [example] });\nconst accepterHostedTransitVirtualInterfaceAcceptor = new aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\", {\n dxGatewayId: example.id,\n tags: {\n Side: \"Accepter\",\n },\n virtualInterfaceId: creator.id,\n}, { provider: accepter });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\naccepter = pulumi.providers.Aws(\"accepter\")\naccepter_caller_identity = aws.get_caller_identity()\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedTransitVirtualInterface(\"creator\",\n address_family=\"ipv4\",\n bgp_asn=65352,\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter_caller_identity.account_id,\n vlan=4094)\n# Accepter's side of the VIF.\nexample = aws.directconnect.Gateway(\"example\", amazon_side_asn=64512)\naccepter_hosted_transit_virtual_interface_acceptor = aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepterHostedTransitVirtualInterfaceAcceptor\",\n dx_gateway_id=example.id,\n tags={\n \"Side\": \"Accepter\",\n },\n virtual_interface_id=creator.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var accepter = new Aws.Provider(\"accepter\", new Aws.ProviderArgs\n {\n });\n var accepterCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedTransitVirtualInterface(\"creator\", new Aws.DirectConnect.HostedTransitVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepterCallerIdentity.Apply(accepterCallerIdentity =\u003e accepterCallerIdentity.AccountId),\n Vlan = 4094,\n });\n // Accepter's side of the VIF.\n var example = new Aws.DirectConnect.Gateway(\"example\", new Aws.DirectConnect.GatewayArgs\n {\n AmazonSideAsn = \"64512\",\n });\n var accepterHostedTransitVirtualInterfaceAcceptor = new Aws.DirectConnect.HostedTransitVirtualInterfaceAcceptor(\"accepterHostedTransitVirtualInterfaceAcceptor\", new Aws.DirectConnect.HostedTransitVirtualInterfaceAcceptorArgs\n {\n DxGatewayId = example.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n VirtualInterfaceId = creator.Id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "required": [ "arn", "dxGatewayId", "virtualInterfaceId" ], "inputProperties": { "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "requiredInputs": [ "dxGatewayId", "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedTransitVirtualInterfaceAcceptor resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "type": "object" } }, "aws:directconnect/linkAggregationGroup:LinkAggregationGroup": { "description": "Provides a Direct Connect LAG. Connections can be added to the LAG via the `aws.directconnect.Connection` and `aws.directconnect.ConnectionAssociation` resources.\n\n\u003e *NOTE:* When creating a LAG, Direct Connect requires creating a Connection. This provider will remove this unmanaged connection during resource creation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hoge = new aws.directconnect.LinkAggregationGroup(\"hoge\", {\n connectionsBandwidth: \"1Gbps\",\n forceDestroy: true,\n location: \"EqDC2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge = aws.directconnect.LinkAggregationGroup(\"hoge\",\n connections_bandwidth=\"1Gbps\",\n force_destroy=True,\n location=\"EqDC2\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var hoge = new Aws.DirectConnect.LinkAggregationGroup(\"hoge\", new Aws.DirectConnect.LinkAggregationGroupArgs\n {\n ConnectionsBandwidth = \"1Gbps\",\n ForceDestroy = true,\n Location = \"EqDC2\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewLinkAggregationGroup(ctx, \"hoge\", \u0026directconnect.LinkAggregationGroupArgs{\n\t\t\tConnectionsBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tLocation: pulumi.String(\"EqDC2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the LAG.\n* `jumbo_frame_capable` -Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "connectionsBandwidth": { "type": "string", "description": "The bandwidth of the individual physical connections bundled by the LAG. Valid values: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all connections associated with the LAG should be deleted so that the LAG can be destroyed without error. These objects are *not* recoverable.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the LAG supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean" }, "location": { "type": "string", "description": "The AWS Direct Connect location in which the LAG should be allocated. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "name": { "type": "string", "description": "The name of the LAG.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "connectionsBandwidth", "hasLogicalRedundancy", "jumboFrameCapable", "location", "name" ], "inputProperties": { "connectionsBandwidth": { "type": "string", "description": "The bandwidth of the individual physical connections bundled by the LAG. Valid values: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all connections associated with the LAG should be deleted so that the LAG can be destroyed without error. These objects are *not* recoverable.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location in which the LAG should be allocated. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "name": { "type": "string", "description": "The name of the LAG.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "connectionsBandwidth", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering LinkAggregationGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the LAG.\n* `jumbo_frame_capable` -Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "connectionsBandwidth": { "type": "string", "description": "The bandwidth of the individual physical connections bundled by the LAG. Valid values: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all connections associated with the LAG should be deleted so that the LAG can be destroyed without error. These objects are *not* recoverable.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the LAG supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean" }, "location": { "type": "string", "description": "The AWS Direct Connect location in which the LAG should be allocated. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "name": { "type": "string", "description": "The name of the LAG.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:directconnect/privateVirtualInterface:PrivateVirtualInterface": { "description": "Provides a Direct Connect private virtual interface resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.PrivateVirtualInterface(\"foo\", {\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n connectionId: \"dxcon-zzzzzzzz\",\n vlan: 4094,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.PrivateVirtualInterface(\"foo\",\n address_family=\"ipv4\",\n bgp_asn=65352,\n connection_id=\"dxcon-zzzzzzzz\",\n vlan=4094)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.DirectConnect.PrivateVirtualInterface(\"foo\", new Aws.DirectConnect.PrivateVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n ConnectionId = \"dxcon-zzzzzzzz\",\n Vlan = 4094,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewPrivateVirtualInterface(ctx, \"foo\", \u0026directconnect.PrivateVirtualInterfaceArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "jumboFrameCapable", "name", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrivateVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "type": "object" } }, "aws:directconnect/publicVirtualInterface:PublicVirtualInterface": { "description": "Provides a Direct Connect public virtual interface resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.PublicVirtualInterface(\"foo\", {\n addressFamily: \"ipv4\",\n amazonAddress: \"175.45.176.2/30\",\n bgpAsn: 65352,\n connectionId: \"dxcon-zzzzzzzz\",\n customerAddress: \"175.45.176.1/30\",\n routeFilterPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n vlan: 4094,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.PublicVirtualInterface(\"foo\",\n address_family=\"ipv4\",\n amazon_address=\"175.45.176.2/30\",\n bgp_asn=65352,\n connection_id=\"dxcon-zzzzzzzz\",\n customer_address=\"175.45.176.1/30\",\n route_filter_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n vlan=4094)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.DirectConnect.PublicVirtualInterface(\"foo\", new Aws.DirectConnect.PublicVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n AmazonAddress = \"175.45.176.2/30\",\n BgpAsn = 65352,\n ConnectionId = \"dxcon-zzzzzzzz\",\n CustomerAddress = \"175.45.176.1/30\",\n RouteFilterPrefixes = \n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n Vlan = 4094,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directconnect.NewPublicVirtualInterface(ctx, \"foo\", \u0026directconnect.PublicVirtualInterfaceArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tAmazonAddress: pulumi.String(\"175.45.176.2/30\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tCustomerAddress: pulumi.String(\"175.45.176.1/30\"),\n\t\t\tRouteFilterPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"210.52.109.0/24\"),\n\t\t\t\tpulumi.String(\"175.45.176.0/22\"),\n\t\t\t},\n\t\t\tVlan: pulumi.Int(4094),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "name", "routeFilterPrefixes", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "routeFilterPrefixes", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering PublicVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "type": "object" } }, "aws:directconnect/transitVirtualInterface:TransitVirtualInterface": { "description": "Provides a Direct Connect transit virtual interface resource.\nA transit virtual interface is a VLAN that transports traffic from a Direct Connect gateway to one or more transit gateways.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGateway = new aws.directconnect.Gateway(\"example\", {\n amazonSideAsn: \"64512\",\n});\nconst exampleTransitVirtualInterface = new aws.directconnect.TransitVirtualInterface(\"example\", {\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n connectionId: aws_dx_connection_example.id,\n dxGatewayId: exampleGateway.id,\n vlan: 4094,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_gateway = aws.directconnect.Gateway(\"exampleGateway\", amazon_side_asn=64512)\nexample_transit_virtual_interface = aws.directconnect.TransitVirtualInterface(\"exampleTransitVirtualInterface\",\n address_family=\"ipv4\",\n bgp_asn=65352,\n connection_id=aws_dx_connection[\"example\"][\"id\"],\n dx_gateway_id=example_gateway.id,\n vlan=4094)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleGateway = new Aws.DirectConnect.Gateway(\"exampleGateway\", new Aws.DirectConnect.GatewayArgs\n {\n AmazonSideAsn = \"64512\",\n });\n var exampleTransitVirtualInterface = new Aws.DirectConnect.TransitVirtualInterface(\"exampleTransitVirtualInterface\", new Aws.DirectConnect.TransitVirtualInterfaceArgs\n {\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n ConnectionId = aws_dx_connection.Example.Id,\n DxGatewayId = exampleGateway.Id,\n Vlan = 4094,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGateway, err := directconnect.NewGateway(ctx, \"exampleGateway\", \u0026directconnect.GatewayArgs{\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewTransitVirtualInterface(ctx, \"exampleTransitVirtualInterface\", \u0026directconnect.TransitVirtualInterfaceArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tConnectionId: pulumi.String(aws_dx_connection.Example.Id),\n\t\t\tDxGatewayId: exampleGateway.ID(),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "dxGatewayId", "jumboFrameCapable", "name", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "dxGatewayId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering TransitVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "type": "object" } }, "aws:directoryservice/conditionalForwader:ConditionalForwader": { "description": "Provides a conditional forwarder for managed Microsoft AD in AWS Directory Service.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directoryservice.ConditionalForwader(\"example\", {\n directoryId: aws_directory_service_directory_ad.id,\n dnsIps: [\n \"8.8.8.8\",\n \"8.8.4.4\",\n ],\n remoteDomainName: \"example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directoryservice.ConditionalForwader(\"example\",\n directory_id=aws_directory_service_directory[\"ad\"][\"id\"],\n dns_ips=[\n \"8.8.8.8\",\n \"8.8.4.4\",\n ],\n remote_domain_name=\"example.com\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DirectoryService.ConditionalForwader(\"example\", new Aws.DirectoryService.ConditionalForwaderArgs\n {\n DirectoryId = aws_directory_service_directory.Ad.Id,\n DnsIps = \n {\n \"8.8.8.8\",\n \"8.8.4.4\",\n },\n RemoteDomainName = \"example.com\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = directoryservice.NewConditionalForwader(ctx, \"example\", \u0026directoryservice.ConditionalForwaderArgs{\n\t\t\tDirectoryId: pulumi.String(aws_directory_service_directory.Ad.Id),\n\t\t\tDnsIps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"8.8.8.8\"),\n\t\t\t\tpulumi.String(\"8.8.4.4\"),\n\t\t\t},\n\t\t\tRemoteDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "directoryId": { "type": "string", "description": "The id of directory.\n" }, "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of forwarder IP addresses.\n" }, "remoteDomainName": { "type": "string", "description": "The fully qualified domain name of the remote domain for which forwarders will be used.\n" } }, "required": [ "directoryId", "dnsIps", "remoteDomainName" ], "inputProperties": { "directoryId": { "type": "string", "description": "The id of directory.\n" }, "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of forwarder IP addresses.\n" }, "remoteDomainName": { "type": "string", "description": "The fully qualified domain name of the remote domain for which forwarders will be used.\n" } }, "requiredInputs": [ "directoryId", "dnsIps", "remoteDomainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConditionalForwader resources.\n", "properties": { "directoryId": { "type": "string", "description": "The id of directory.\n" }, "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of forwarder IP addresses.\n" }, "remoteDomainName": { "type": "string", "description": "The fully qualified domain name of the remote domain for which forwarders will be used.\n" } }, "type": "object" } }, "aws:directoryservice/directory:Directory": { "description": "Provides a Simple or Managed Microsoft directory in AWS Directory Service.\n\n\u003e **Note:** All arguments including the password and customer username will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### SimpleAD\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst foo = new aws.ec2.Subnet(\"foo\", {\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n vpcId: main.id,\n});\nconst barSubnet = new aws.ec2.Subnet(\"bar\", {\n availabilityZone: \"us-west-2b\",\n cidrBlock: \"10.0.2.0/24\",\n vpcId: main.id,\n});\nconst barDirectory = new aws.directoryservice.Directory(\"bar\", {\n password: \"SuperSecretPassw0rd\",\n size: \"Small\",\n tags: {\n Project: \"foo\",\n },\n vpcSettings: {\n subnetIds: [\n foo.id,\n barSubnet.id,\n ],\n vpcId: main.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nfoo = aws.ec2.Subnet(\"foo\",\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\",\n vpc_id=main.id)\nbar_subnet = aws.ec2.Subnet(\"barSubnet\",\n availability_zone=\"us-west-2b\",\n cidr_block=\"10.0.2.0/24\",\n vpc_id=main.id)\nbar_directory = aws.directoryservice.Directory(\"barDirectory\",\n password=\"SuperSecretPassw0rd\",\n size=\"Small\",\n tags={\n \"Project\": \"foo\",\n },\n vpc_settings={\n \"subnet_ids\": [\n foo.id,\n bar_subnet.id,\n ],\n \"vpc_id\": main.id,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var foo = new Aws.Ec2.Subnet(\"foo\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n VpcId = main.Id,\n });\n var barSubnet = new Aws.Ec2.Subnet(\"barSubnet\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2b\",\n CidrBlock = \"10.0.2.0/24\",\n VpcId = main.Id,\n });\n var barDirectory = new Aws.DirectoryService.Directory(\"barDirectory\", new Aws.DirectoryService.DirectoryArgs\n {\n Password = \"SuperSecretPassw0rd\",\n Size = \"Small\",\n Tags = \n {\n { \"Project\", \"foo\" },\n },\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n SubnetIds = \n {\n foo.Id,\n barSubnet.Id,\n },\n VpcId = main.Id,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbarSubnet, err := ec2.NewSubnet(ctx, \"barSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewDirectory(ctx, \"barDirectory\", \u0026directoryservice.DirectoryArgs{\n\t\t\tPassword: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tSize: pulumi.String(\"Small\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Project\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t\tVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfoo.ID(),\n\t\t\t\t\tbarSubnet.ID(),\n\t\t\t\t},\n\t\t\t\tVpcId: main.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Microsoft Active Directory (MicrosoftAD)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst foo = new aws.ec2.Subnet(\"foo\", {\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n vpcId: main.id,\n});\nconst barSubnet = new aws.ec2.Subnet(\"bar\", {\n availabilityZone: \"us-west-2b\",\n cidrBlock: \"10.0.2.0/24\",\n vpcId: main.id,\n});\nconst barDirectory = new aws.directoryservice.Directory(\"bar\", {\n edition: \"Standard\",\n password: \"SuperSecretPassw0rd\",\n tags: {\n Project: \"foo\",\n },\n type: \"MicrosoftAD\",\n vpcSettings: {\n subnetIds: [\n foo.id,\n barSubnet.id,\n ],\n vpcId: main.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nfoo = aws.ec2.Subnet(\"foo\",\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\",\n vpc_id=main.id)\nbar_subnet = aws.ec2.Subnet(\"barSubnet\",\n availability_zone=\"us-west-2b\",\n cidr_block=\"10.0.2.0/24\",\n vpc_id=main.id)\nbar_directory = aws.directoryservice.Directory(\"barDirectory\",\n edition=\"Standard\",\n password=\"SuperSecretPassw0rd\",\n tags={\n \"Project\": \"foo\",\n },\n type=\"MicrosoftAD\",\n vpc_settings={\n \"subnet_ids\": [\n foo.id,\n bar_subnet.id,\n ],\n \"vpc_id\": main.id,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var foo = new Aws.Ec2.Subnet(\"foo\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n VpcId = main.Id,\n });\n var barSubnet = new Aws.Ec2.Subnet(\"barSubnet\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2b\",\n CidrBlock = \"10.0.2.0/24\",\n VpcId = main.Id,\n });\n var barDirectory = new Aws.DirectoryService.Directory(\"barDirectory\", new Aws.DirectoryService.DirectoryArgs\n {\n Edition = \"Standard\",\n Password = \"SuperSecretPassw0rd\",\n Tags = \n {\n { \"Project\", \"foo\" },\n },\n Type = \"MicrosoftAD\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n SubnetIds = \n {\n foo.Id,\n barSubnet.Id,\n },\n VpcId = main.Id,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbarSubnet, err := ec2.NewSubnet(ctx, \"barSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewDirectory(ctx, \"barDirectory\", \u0026directoryservice.DirectoryArgs{\n\t\t\tEdition: pulumi.String(\"Standard\"),\n\t\t\tPassword: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Project\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"MicrosoftAD\"),\n\t\t\tVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfoo.ID(),\n\t\t\t\t\tbarSubnet.ID(),\n\t\t\t\t},\n\t\t\t\tVpcId: main.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Microsoft Active Directory Connector (ADConnector)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst foo = new aws.ec2.Subnet(\"foo\", {\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n vpcId: main.id,\n});\nconst bar = new aws.ec2.Subnet(\"bar\", {\n availabilityZone: \"us-west-2b\",\n cidrBlock: \"10.0.2.0/24\",\n vpcId: main.id,\n});\nconst connector = new aws.directoryservice.Directory(\"connector\", {\n connectSettings: {\n customerDnsIps: [\"A.B.C.D\"],\n customerUsername: \"Admin\",\n subnetIds: [\n foo.id,\n bar.id,\n ],\n vpcId: main.id,\n },\n password: \"SuperSecretPassw0rd\",\n size: \"Small\",\n type: \"ADConnector\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nfoo = aws.ec2.Subnet(\"foo\",\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\",\n vpc_id=main.id)\nbar = aws.ec2.Subnet(\"bar\",\n availability_zone=\"us-west-2b\",\n cidr_block=\"10.0.2.0/24\",\n vpc_id=main.id)\nconnector = aws.directoryservice.Directory(\"connector\",\n connect_settings={\n \"customerDnsIps\": [\"A.B.C.D\"],\n \"customerUsername\": \"Admin\",\n \"subnet_ids\": [\n foo.id,\n bar.id,\n ],\n \"vpc_id\": main.id,\n },\n password=\"SuperSecretPassw0rd\",\n size=\"Small\",\n type=\"ADConnector\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var foo = new Aws.Ec2.Subnet(\"foo\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n VpcId = main.Id,\n });\n var bar = new Aws.Ec2.Subnet(\"bar\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2b\",\n CidrBlock = \"10.0.2.0/24\",\n VpcId = main.Id,\n });\n var connector = new Aws.DirectoryService.Directory(\"connector\", new Aws.DirectoryService.DirectoryArgs\n {\n ConnectSettings = new Aws.DirectoryService.Inputs.DirectoryConnectSettingsArgs\n {\n CustomerDnsIps = \n {\n \"A.B.C.D\",\n },\n CustomerUsername = \"Admin\",\n SubnetIds = \n {\n foo.Id,\n bar.Id,\n },\n VpcId = main.Id,\n },\n Password = \"SuperSecretPassw0rd\",\n Size = \"Small\",\n Type = \"ADConnector\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewDirectory(ctx, \"connector\", \u0026directoryservice.DirectoryArgs{\n\t\t\tConnectSettings: \u0026directoryservice.DirectoryConnectSettingsArgs{\n\t\t\t\tCustomerDnsIps: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"A.B.C.D\"),\n\t\t\t\t},\n\t\t\t\tCustomerUsername: pulumi.String(\"Admin\"),\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfoo.ID(),\n\t\t\t\t\tbar.ID(),\n\t\t\t\t},\n\t\t\t\tVpcId: main.ID(),\n\t\t\t},\n\t\t\tPassword: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tSize: pulumi.String(\"Small\"),\n\t\t\tType: pulumi.String(\"ADConnector\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessUrl": { "type": "string", "description": "The access URL for the directory, such as `http://alias.awsapps.com`.\n" }, "alias": { "type": "string", "description": "The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.\n" }, "connectSettings": { "$ref": "#/types/aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings", "description": "Connector related information about the directory. Fields documented below.\n" }, "description": { "type": "string", "description": "A textual description for the directory.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of the DNS servers for the directory or connector.\n" }, "edition": { "type": "string", "description": "The MicrosoftAD edition (`Standard` or `Enterprise`). Defaults to `Enterprise` (applies to MicrosoftAD type only).\n" }, "enableSso": { "type": "boolean", "description": "Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The fully qualified name for the directory, such as `corp.example.com`\n" }, "password": { "type": "string", "description": "The password for the directory administrator or connector user.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group created by the directory.\n" }, "shortName": { "type": "string", "description": "The short name of the directory, such as `CORP`.\n" }, "size": { "type": "string", "description": "The size of the directory (`Small` or `Large` are accepted values).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "type": { "type": "string", "description": "The directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.\n" }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings", "description": "VPC related information about the directory. Fields documented below.\n" } }, "required": [ "accessUrl", "alias", "dnsIpAddresses", "edition", "name", "password", "securityGroupId", "shortName", "size" ], "inputProperties": { "alias": { "type": "string", "description": "The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.\n" }, "connectSettings": { "$ref": "#/types/aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings", "description": "Connector related information about the directory. Fields documented below.\n" }, "description": { "type": "string", "description": "A textual description for the directory.\n" }, "edition": { "type": "string", "description": "The MicrosoftAD edition (`Standard` or `Enterprise`). Defaults to `Enterprise` (applies to MicrosoftAD type only).\n" }, "enableSso": { "type": "boolean", "description": "Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The fully qualified name for the directory, such as `corp.example.com`\n" }, "password": { "type": "string", "description": "The password for the directory administrator or connector user.\n" }, "shortName": { "type": "string", "description": "The short name of the directory, such as `CORP`.\n" }, "size": { "type": "string", "description": "The size of the directory (`Small` or `Large` are accepted values).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "type": { "type": "string", "description": "The directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.\n" }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings", "description": "VPC related information about the directory. Fields documented below.\n" } }, "requiredInputs": [ "password" ], "stateInputs": { "description": "Input properties used for looking up and filtering Directory resources.\n", "properties": { "accessUrl": { "type": "string", "description": "The access URL for the directory, such as `http://alias.awsapps.com`.\n" }, "alias": { "type": "string", "description": "The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.\n" }, "connectSettings": { "$ref": "#/types/aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings", "description": "Connector related information about the directory. Fields documented below.\n" }, "description": { "type": "string", "description": "A textual description for the directory.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of the DNS servers for the directory or connector.\n" }, "edition": { "type": "string", "description": "The MicrosoftAD edition (`Standard` or `Enterprise`). Defaults to `Enterprise` (applies to MicrosoftAD type only).\n" }, "enableSso": { "type": "boolean", "description": "Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The fully qualified name for the directory, such as `corp.example.com`\n" }, "password": { "type": "string", "description": "The password for the directory administrator or connector user.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group created by the directory.\n" }, "shortName": { "type": "string", "description": "The short name of the directory, such as `CORP`.\n" }, "size": { "type": "string", "description": "The size of the directory (`Small` or `Large` are accepted values).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "type": { "type": "string", "description": "The directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.\n" }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings", "description": "VPC related information about the directory. Fields documented below.\n" } }, "type": "object" } }, "aws:directoryservice/logService:LogService": { "description": "Provides a Log subscription for AWS Directory Service that pushes logs to cloudwatch.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n retentionInDays: 14,\n});\nconst ad_log_policyPolicyDocument = exampleLogGroup.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"ds.amazonaws.com\"],\n type: \"Service\",\n }],\n resources: [arn],\n }],\n}, { async: true }));\nconst ad_log_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"ad-log-policy\", {\n policyDocument: ad_log_policyPolicyDocument.json,\n policyName: \"ad-log-policy\",\n});\nconst exampleLogService = new aws.directoryservice.LogService(\"example\", {\n directoryId: aws_directory_service_directory_example.id,\n logGroupName: exampleLogGroup.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"exampleLogGroup\", retention_in_days=14)\nad_log_policy_policy_document = example_log_group.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [\"ds.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"resources\": [arn],\n}]))\nad_log_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"ad-log-policyLogResourcePolicy\",\n policy_document=ad_log_policy_policy_document.json,\n policy_name=\"ad-log-policy\")\nexample_log_service = aws.directoryservice.LogService(\"exampleLogService\",\n directory_id=aws_directory_service_directory[\"example\"][\"id\"],\n log_group_name=example_log_group.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"exampleLogGroup\", new Aws.CloudWatch.LogGroupArgs\n {\n RetentionInDays = 14,\n });\n var ad_log_policyPolicyDocument = exampleLogGroup.Arn.Apply(arn =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Effect = \"Allow\",\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"ds.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Resources = \n {\n arn,\n },\n },\n },\n }));\n var ad_log_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"ad-log-policyLogResourcePolicy\", new Aws.CloudWatch.LogResourcePolicyArgs\n {\n PolicyDocument = ad_log_policyPolicyDocument.Apply(ad_log_policyPolicyDocument =\u003e ad_log_policyPolicyDocument.Json),\n PolicyName = \"ad-log-policy\",\n });\n var exampleLogService = new Aws.DirectoryService.LogService(\"exampleLogService\", new Aws.DirectoryService.LogServiceArgs\n {\n DirectoryId = aws_directory_service_directory.Example.Id,\n LogGroupName = exampleLogGroup.Name,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "directoryId": { "type": "string", "description": "The id of directory.\n" }, "logGroupName": { "type": "string", "description": "Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.\n" } }, "required": [ "directoryId", "logGroupName" ], "inputProperties": { "directoryId": { "type": "string", "description": "The id of directory.\n" }, "logGroupName": { "type": "string", "description": "Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.\n" } }, "requiredInputs": [ "directoryId", "logGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogService resources.\n", "properties": { "directoryId": { "type": "string", "description": "The id of directory.\n" }, "logGroupName": { "type": "string", "description": "Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.\n" } }, "type": "object" } }, "aws:dlm/lifecyclePolicy:LifecyclePolicy": { "description": "Provides a [Data Lifecycle Manager (DLM) lifecycle policy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html) for managing snapshots.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dlmLifecycleRole = new aws.iam.Role(\"dlm_lifecycle_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"dlm.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst dlmLifecycle = new aws.iam.RolePolicy(\"dlm_lifecycle\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateSnapshot\",\n \"ec2:DeleteSnapshot\",\n \"ec2:DescribeVolumes\",\n \"ec2:DescribeSnapshots\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateTags\"\n ],\n \"Resource\": \"arn:aws:ec2:*::snapshot/*\"\n }\n ]\n}\n`,\n role: dlmLifecycleRole.id,\n});\nconst example = new aws.dlm.LifecyclePolicy(\"example\", {\n description: \"example DLM lifecycle policy\",\n executionRoleArn: dlmLifecycleRole.arn,\n policyDetails: {\n resourceTypes: [\"VOLUME\"],\n schedules: [{\n copyTags: false,\n createRule: {\n interval: 24,\n intervalUnit: \"HOURS\",\n times: \"23:45\",\n },\n name: \"2 weeks of daily snapshots\",\n retainRule: {\n count: 14,\n },\n tagsToAdd: {\n SnapshotCreator: \"DLM\",\n },\n }],\n targetTags: {\n Snapshot: \"true\",\n },\n },\n state: \"ENABLED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndlm_lifecycle_role = aws.iam.Role(\"dlmLifecycleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"dlm.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\ndlm_lifecycle = aws.iam.RolePolicy(\"dlmLifecycle\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateSnapshot\",\n \"ec2:DeleteSnapshot\",\n \"ec2:DescribeVolumes\",\n \"ec2:DescribeSnapshots\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateTags\"\n ],\n \"Resource\": \"arn:aws:ec2:*::snapshot/*\"\n }\n ]\n}\n\n\"\"\",\n role=dlm_lifecycle_role.id)\nexample = aws.dlm.LifecyclePolicy(\"example\",\n description=\"example DLM lifecycle policy\",\n execution_role_arn=dlm_lifecycle_role.arn,\n policy_details={\n \"resourceTypes\": [\"VOLUME\"],\n \"schedule\": [{\n \"copyTags\": False,\n \"createRule\": {\n \"interval\": 24,\n \"intervalUnit\": \"HOURS\",\n \"times\": \"23:45\",\n },\n \"name\": \"2 weeks of daily snapshots\",\n \"retainRule\": {\n \"count\": 14,\n },\n \"tagsToAdd\": {\n \"SnapshotCreator\": \"DLM\",\n },\n }],\n \"targetTags\": {\n \"Snapshot\": \"true\",\n },\n },\n state=\"ENABLED\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dlmLifecycleRole = new Aws.Iam.Role(\"dlmLifecycleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"dlm.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var dlmLifecycle = new Aws.Iam.RolePolicy(\"dlmLifecycle\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"ec2:CreateSnapshot\"\",\n \"\"ec2:DeleteSnapshot\"\",\n \"\"ec2:DescribeVolumes\"\",\n \"\"ec2:DescribeSnapshots\"\"\n ],\n \"\"Resource\"\": \"\"*\"\"\n },\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"ec2:CreateTags\"\"\n ],\n \"\"Resource\"\": \"\"arn:aws:ec2:*::snapshot/*\"\"\n }\n ]\n}\n\n\",\n Role = dlmLifecycleRole.Id,\n });\n var example = new Aws.Dlm.LifecyclePolicy(\"example\", new Aws.Dlm.LifecyclePolicyArgs\n {\n Description = \"example DLM lifecycle policy\",\n ExecutionRoleArn = dlmLifecycleRole.Arn,\n PolicyDetails = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsArgs\n {\n ResourceTypes = \n {\n \"VOLUME\",\n },\n Schedule = \n {\n \n {\n { \"copyTags\", false },\n { \"createRule\", \n {\n { \"interval\", 24 },\n { \"intervalUnit\", \"HOURS\" },\n { \"times\", \"23:45\" },\n } },\n { \"name\", \"2 weeks of daily snapshots\" },\n { \"retainRule\", \n {\n { \"count\", 14 },\n } },\n { \"tagsToAdd\", \n {\n { \"SnapshotCreator\", \"DLM\" },\n } },\n },\n },\n TargetTags = \n {\n { \"Snapshot\", \"true\" },\n },\n },\n State = \"ENABLED\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dlm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdlmLifecycleRole, err := iam.NewRole(ctx, \"dlmLifecycleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"dlm.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"dlmLifecycle\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:CreateSnapshot\\\",\\n\", \" \\\"ec2:DeleteSnapshot\\\",\\n\", \" \\\"ec2:DescribeVolumes\\\",\\n\", \" \\\"ec2:DescribeSnapshots\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" },\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:CreateTags\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"arn:aws:ec2:*::snapshot/*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: dlmLifecycleRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dlm.NewLifecyclePolicy(ctx, \"example\", \u0026dlm.LifecyclePolicyArgs{\n\t\t\tDescription: pulumi.String(\"example DLM lifecycle policy\"),\n\t\t\tExecutionRoleArn: dlmLifecycleRole.Arn,\n\t\t\tPolicyDetails: \u0026dlm.LifecyclePolicyPolicyDetailsArgs{\n\t\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"VOLUME\"),\n\t\t\t\t},\n\t\t\t\tSchedule: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"copyTags\": pulumi.Bool(false),\n\t\t\t\t\t\t\"createRule\": pulumi.Map{\n\t\t\t\t\t\t\t\"interval\": pulumi.Float64(24),\n\t\t\t\t\t\t\t\"intervalUnit\": pulumi.String(\"HOURS\"),\n\t\t\t\t\t\t\t\"times\": pulumi.String(\"23:45\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"name\": pulumi.String(\"2 weeks of daily snapshots\"),\n\t\t\t\t\t\t\"retainRule\": pulumi.Map{\n\t\t\t\t\t\t\t\"count\": pulumi.Float64(14),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"tagsToAdd\": pulumi.Map{\n\t\t\t\t\t\t\t\"SnapshotCreator\": pulumi.String(\"DLM\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tTargetTags: pulumi.Map{\n\t\t\t\t\t\"Snapshot\": pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tState: pulumi.String(\"ENABLED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DLM Lifecycle Policy.\n" }, "description": { "type": "string", "description": "A description for the DLM lifecycle policy.\n" }, "executionRoleArn": { "type": "string", "description": "The ARN of an IAM role that is able to be assumed by the DLM service.\n" }, "policyDetails": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails", "description": "See the `policy_details` configuration block. Max of 1.\n" }, "state": { "type": "string", "description": "Whether the lifecycle policy should be enabled or disabled. `ENABLED` or `DISABLED` are valid values. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "arn", "description", "executionRoleArn", "policyDetails" ], "inputProperties": { "description": { "type": "string", "description": "A description for the DLM lifecycle policy.\n" }, "executionRoleArn": { "type": "string", "description": "The ARN of an IAM role that is able to be assumed by the DLM service.\n" }, "policyDetails": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails", "description": "See the `policy_details` configuration block. Max of 1.\n" }, "state": { "type": "string", "description": "Whether the lifecycle policy should be enabled or disabled. `ENABLED` or `DISABLED` are valid values. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "requiredInputs": [ "description", "executionRoleArn", "policyDetails" ], "stateInputs": { "description": "Input properties used for looking up and filtering LifecyclePolicy resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DLM Lifecycle Policy.\n" }, "description": { "type": "string", "description": "A description for the DLM lifecycle policy.\n" }, "executionRoleArn": { "type": "string", "description": "The ARN of an IAM role that is able to be assumed by the DLM service.\n" }, "policyDetails": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails", "description": "See the `policy_details` configuration block. Max of 1.\n" }, "state": { "type": "string", "description": "Whether the lifecycle policy should be enabled or disabled. `ENABLED` or `DISABLED` are valid values. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:dms/certificate:Certificate": { "description": "Provides a DMS (Data Migration Service) certificate resource. DMS certificates can be created, deleted, and imported.\n\n\u003e **Note:** All arguments including the PEM encoded certificate will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new certificate\nconst test = new aws.dms.Certificate(\"test\", {\n certificateId: \"test-dms-certificate-tf\",\n certificatePem: \"...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new certificate\ntest = aws.dms.Certificate(\"test\",\n certificate_id=\"test-dms-certificate-tf\",\n certificate_pem=\"...\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new certificate\n var test = new Aws.Dms.Certificate(\"test\", new Aws.Dms.CertificateArgs\n {\n CertificateId = \"test-dms-certificate-tf\",\n CertificatePem = \"...\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dms.NewCertificate(ctx, \"test\", \u0026dms.CertificateArgs{\n\t\t\tCertificateId: pulumi.String(\"test-dms-certificate-tf\"),\n\t\t\tCertificatePem: pulumi.String(\"...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate.\n" }, "certificateId": { "type": "string", "description": "The certificate identifier.\n" }, "certificatePem": { "type": "string", "description": "The contents of the .pem X.509 certificate file for the certificate. Either `certificate_pem` or `certificate_wallet` must be set.\n" }, "certificateWallet": { "type": "string", "description": "The contents of the Oracle Wallet certificate for use with SSL. Either `certificate_pem` or `certificate_wallet` must be set.\n" } }, "required": [ "certificateArn", "certificateId" ], "inputProperties": { "certificateId": { "type": "string", "description": "The certificate identifier.\n" }, "certificatePem": { "type": "string", "description": "The contents of the .pem X.509 certificate file for the certificate. Either `certificate_pem` or `certificate_wallet` must be set.\n" }, "certificateWallet": { "type": "string", "description": "The contents of the Oracle Wallet certificate for use with SSL. Either `certificate_pem` or `certificate_wallet` must be set.\n" } }, "requiredInputs": [ "certificateId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate.\n" }, "certificateId": { "type": "string", "description": "The certificate identifier.\n" }, "certificatePem": { "type": "string", "description": "The contents of the .pem X.509 certificate file for the certificate. Either `certificate_pem` or `certificate_wallet` must be set.\n" }, "certificateWallet": { "type": "string", "description": "The contents of the Oracle Wallet certificate for use with SSL. Either `certificate_pem` or `certificate_wallet` must be set.\n" } }, "type": "object" } }, "aws:dms/endpoint:Endpoint": { "description": "Provides a DMS (Data Migration Service) endpoint resource. DMS endpoints can be created, updated, deleted, and imported.\n\n\u003e **Note:** All arguments including the password will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new endpoint\nconst test = new aws.dms.Endpoint(\"test\", {\n certificateArn: \"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\",\n databaseName: \"test\",\n endpointId: \"test-dms-endpoint-tf\",\n endpointType: \"source\",\n engineName: \"aurora\",\n extraConnectionAttributes: \"\",\n kmsKeyArn: \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n password: \"test\",\n port: 3306,\n serverName: \"test\",\n sslMode: \"none\",\n tags: {\n Name: \"test\",\n },\n username: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new endpoint\ntest = aws.dms.Endpoint(\"test\",\n certificate_arn=\"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\",\n database_name=\"test\",\n endpoint_id=\"test-dms-endpoint-tf\",\n endpoint_type=\"source\",\n engine_name=\"aurora\",\n extra_connection_attributes=\"\",\n kms_key_arn=\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n password=\"test\",\n port=3306,\n server_name=\"test\",\n ssl_mode=\"none\",\n tags={\n \"Name\": \"test\",\n },\n username=\"test\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new endpoint\n var test = new Aws.Dms.Endpoint(\"test\", new Aws.Dms.EndpointArgs\n {\n CertificateArn = \"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\",\n DatabaseName = \"test\",\n EndpointId = \"test-dms-endpoint-tf\",\n EndpointType = \"source\",\n EngineName = \"aurora\",\n ExtraConnectionAttributes = \"\",\n KmsKeyArn = \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n Password = \"test\",\n Port = 3306,\n ServerName = \"test\",\n SslMode = \"none\",\n Tags = \n {\n { \"Name\", \"test\" },\n },\n Username = \"test\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dms.NewEndpoint(ctx, \"test\", \u0026dms.EndpointArgs{\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tEndpointId: pulumi.String(\"test-dms-endpoint-tf\"),\n\t\t\tEndpointType: pulumi.String(\"source\"),\n\t\t\tEngineName: pulumi.String(\"aurora\"),\n\t\t\tExtraConnectionAttributes: pulumi.String(\"\"),\n\t\t\tKmsKeyArn: pulumi.String(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\"),\n\t\t\tPassword: pulumi.String(\"test\"),\n\t\t\tPort: pulumi.Int(3306),\n\t\t\tServerName: pulumi.String(\"test\"),\n\t\t\tSslMode: pulumi.String(\"none\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tUsername: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate.\n" }, "databaseName": { "type": "string", "description": "The name of the endpoint database.\n" }, "elasticsearchSettings": { "$ref": "#/types/aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings", "description": "Configuration block with Elasticsearch settings. Detailed below.\n" }, "endpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the endpoint.\n" }, "endpointId": { "type": "string", "description": "The database endpoint identifier.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint. Can be one of `source | target`.\n" }, "engineName": { "type": "string", "description": "The type of engine for the endpoint. Can be one of `aurora | aurora-postgresql| azuredb | db2 | docdb | dynamodb | elasticsearch | kafka | kinesis | mariadb | mongodb | mysql | oracle | postgres | redshift | s3 | sqlserver | sybase`.\n" }, "extraConnectionAttributes": { "type": "string", "description": "Additional attributes associated with the connection. For available attributes see [Using Extra Connection Attributes with AWS Database Migration Service](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Introduction.ConnectionAttributes.html).\n" }, "kafkaSettings": { "$ref": "#/types/aws:dms/EndpointKafkaSettings:EndpointKafkaSettings", "description": "Configuration block with Kafka settings. Detailed below.\n" }, "kinesisSettings": { "$ref": "#/types/aws:dms/EndpointKinesisSettings:EndpointKinesisSettings", "description": "Configuration block with Kinesis settings. Detailed below.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "mongodbSettings": { "$ref": "#/types/aws:dms/EndpointMongodbSettings:EndpointMongodbSettings", "description": "Configuration block with MongoDB settings. Detailed below.\n" }, "password": { "type": "string", "description": "The password to be used to login to the endpoint database.\n" }, "port": { "type": "integer", "description": "The port used by the endpoint database.\n" }, "s3Settings": { "$ref": "#/types/aws:dms/EndpointS3Settings:EndpointS3Settings", "description": "Configuration block with S3 settings. Detailed below.\n" }, "serverName": { "type": "string", "description": "The host name of the server.\n" }, "serviceAccessRole": { "type": "string", "description": "The Amazon Resource Name (ARN) used by the service access IAM role for dynamodb endpoints.\n" }, "sslMode": { "type": "string", "description": "The SSL mode to use for the connection. Can be one of `none | require | verify-ca | verify-full`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "username": { "type": "string", "description": "The user name to be used to login to the endpoint database.\n" } }, "required": [ "certificateArn", "endpointArn", "endpointId", "endpointType", "engineName", "extraConnectionAttributes", "kmsKeyArn", "sslMode" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate.\n" }, "databaseName": { "type": "string", "description": "The name of the endpoint database.\n" }, "elasticsearchSettings": { "$ref": "#/types/aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings", "description": "Configuration block with Elasticsearch settings. Detailed below.\n" }, "endpointId": { "type": "string", "description": "The database endpoint identifier.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint. Can be one of `source | target`.\n" }, "engineName": { "type": "string", "description": "The type of engine for the endpoint. Can be one of `aurora | aurora-postgresql| azuredb | db2 | docdb | dynamodb | elasticsearch | kafka | kinesis | mariadb | mongodb | mysql | oracle | postgres | redshift | s3 | sqlserver | sybase`.\n" }, "extraConnectionAttributes": { "type": "string", "description": "Additional attributes associated with the connection. For available attributes see [Using Extra Connection Attributes with AWS Database Migration Service](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Introduction.ConnectionAttributes.html).\n" }, "kafkaSettings": { "$ref": "#/types/aws:dms/EndpointKafkaSettings:EndpointKafkaSettings", "description": "Configuration block with Kafka settings. Detailed below.\n" }, "kinesisSettings": { "$ref": "#/types/aws:dms/EndpointKinesisSettings:EndpointKinesisSettings", "description": "Configuration block with Kinesis settings. Detailed below.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "mongodbSettings": { "$ref": "#/types/aws:dms/EndpointMongodbSettings:EndpointMongodbSettings", "description": "Configuration block with MongoDB settings. Detailed below.\n" }, "password": { "type": "string", "description": "The password to be used to login to the endpoint database.\n" }, "port": { "type": "integer", "description": "The port used by the endpoint database.\n" }, "s3Settings": { "$ref": "#/types/aws:dms/EndpointS3Settings:EndpointS3Settings", "description": "Configuration block with S3 settings. Detailed below.\n" }, "serverName": { "type": "string", "description": "The host name of the server.\n" }, "serviceAccessRole": { "type": "string", "description": "The Amazon Resource Name (ARN) used by the service access IAM role for dynamodb endpoints.\n" }, "sslMode": { "type": "string", "description": "The SSL mode to use for the connection. Can be one of `none | require | verify-ca | verify-full`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "username": { "type": "string", "description": "The user name to be used to login to the endpoint database.\n" } }, "requiredInputs": [ "endpointId", "endpointType", "engineName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate.\n" }, "databaseName": { "type": "string", "description": "The name of the endpoint database.\n" }, "elasticsearchSettings": { "$ref": "#/types/aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings", "description": "Configuration block with Elasticsearch settings. Detailed below.\n" }, "endpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the endpoint.\n" }, "endpointId": { "type": "string", "description": "The database endpoint identifier.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint. Can be one of `source | target`.\n" }, "engineName": { "type": "string", "description": "The type of engine for the endpoint. Can be one of `aurora | aurora-postgresql| azuredb | db2 | docdb | dynamodb | elasticsearch | kafka | kinesis | mariadb | mongodb | mysql | oracle | postgres | redshift | s3 | sqlserver | sybase`.\n" }, "extraConnectionAttributes": { "type": "string", "description": "Additional attributes associated with the connection. For available attributes see [Using Extra Connection Attributes with AWS Database Migration Service](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Introduction.ConnectionAttributes.html).\n" }, "kafkaSettings": { "$ref": "#/types/aws:dms/EndpointKafkaSettings:EndpointKafkaSettings", "description": "Configuration block with Kafka settings. Detailed below.\n" }, "kinesisSettings": { "$ref": "#/types/aws:dms/EndpointKinesisSettings:EndpointKinesisSettings", "description": "Configuration block with Kinesis settings. Detailed below.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "mongodbSettings": { "$ref": "#/types/aws:dms/EndpointMongodbSettings:EndpointMongodbSettings", "description": "Configuration block with MongoDB settings. Detailed below.\n" }, "password": { "type": "string", "description": "The password to be used to login to the endpoint database.\n" }, "port": { "type": "integer", "description": "The port used by the endpoint database.\n" }, "s3Settings": { "$ref": "#/types/aws:dms/EndpointS3Settings:EndpointS3Settings", "description": "Configuration block with S3 settings. Detailed below.\n" }, "serverName": { "type": "string", "description": "The host name of the server.\n" }, "serviceAccessRole": { "type": "string", "description": "The Amazon Resource Name (ARN) used by the service access IAM role for dynamodb endpoints.\n" }, "sslMode": { "type": "string", "description": "The SSL mode to use for the connection. Can be one of `none | require | verify-ca | verify-full`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "username": { "type": "string", "description": "The user name to be used to login to the endpoint database.\n" } }, "type": "object" } }, "aws:dms/eventSubscription:EventSubscription": { "description": "Provides a DMS (Data Migration Service) event subscription resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.EventSubscription(\"example\", {\n enabled: true,\n eventCategories: [\n \"creation\",\n \"failure\",\n ],\n snsTopicArn: aws_sns_topic.example.arn,\n sourceIds: [aws_dms_replication_task.example.replication_task_id],\n sourceType: \"replication-task\",\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.EventSubscription(\"example\",\n enabled=True,\n event_categories=[\n \"creation\",\n \"failure\",\n ],\n sns_topic_arn=aws_sns_topic[\"example\"][\"arn\"],\n source_ids=[aws_dms_replication_task[\"example\"][\"replication_task_id\"]],\n source_type=\"replication-task\",\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Dms.EventSubscription(\"example\", new Aws.Dms.EventSubscriptionArgs\n {\n Enabled = true,\n EventCategories = \n {\n \"creation\",\n \"failure\",\n },\n SnsTopicArn = aws_sns_topic.Example.Arn,\n SourceIds = \n {\n aws_dms_replication_task.Example.Replication_task_id,\n },\n SourceType = \"replication-task\",\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "enabled": { "type": "boolean", "description": "Whether the event subscription should be enabled.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "List of event categories to listen for, see `DescribeEventCategories` for a canonical list.\n" }, "name": { "type": "string", "description": "Name of event subscription.\n" }, "snsTopicArn": { "type": "string", "description": "SNS topic arn to send events on.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "Ids of sources to listen to.\n" }, "sourceType": { "type": "string", "description": "Type of source for events. Valid values: `replication-instance` or `replication-task`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "required": [ "arn", "eventCategories", "name", "snsTopicArn" ], "inputProperties": { "enabled": { "type": "boolean", "description": "Whether the event subscription should be enabled.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "List of event categories to listen for, see `DescribeEventCategories` for a canonical list.\n" }, "name": { "type": "string", "description": "Name of event subscription.\n" }, "snsTopicArn": { "type": "string", "description": "SNS topic arn to send events on.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "Ids of sources to listen to.\n" }, "sourceType": { "type": "string", "description": "Type of source for events. Valid values: `replication-instance` or `replication-task`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "eventCategories", "snsTopicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string" }, "enabled": { "type": "boolean", "description": "Whether the event subscription should be enabled.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "List of event categories to listen for, see `DescribeEventCategories` for a canonical list.\n" }, "name": { "type": "string", "description": "Name of event subscription.\n" }, "snsTopicArn": { "type": "string", "description": "SNS topic arn to send events on.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "Ids of sources to listen to.\n" }, "sourceType": { "type": "string", "description": "Type of source for events. Valid values: `replication-instance` or `replication-task`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" } }, "aws:dms/replicationInstance:ReplicationInstance": { "description": "Provides a DMS (Data Migration Service) replication instance resource. DMS replication instances can be created, updated, deleted, and imported.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dmsAssumeRole = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"dms.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n}, { async: true }));\nconst dms_access_for_endpoint = new aws.iam.Role(\"dms-access-for-endpoint\", {\n assumeRolePolicy: dmsAssumeRole.json,\n});\nconst dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role: dms_access_for_endpoint.name,\n});\nconst dms_cloudwatch_logs_role = new aws.iam.Role(\"dms-cloudwatch-logs-role\", {\n assumeRolePolicy: dmsAssumeRole.json,\n});\nconst dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role: dms_cloudwatch_logs_role.name,\n});\nconst dms_vpc_role = new aws.iam.Role(\"dms-vpc-role\", {\n assumeRolePolicy: dmsAssumeRole.json,\n});\nconst dms_vpc_role_AmazonDMSVPCManagementRole = new aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role: dms_vpc_role.name,\n});\n// Create a new replication instance\nconst test = new aws.dms.ReplicationInstance(\"test\", {\n allocatedStorage: 20,\n applyImmediately: true,\n autoMinorVersionUpgrade: true,\n availabilityZone: \"us-west-2c\",\n engineVersion: \"3.1.4\",\n kmsKeyArn: \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multiAz: false,\n preferredMaintenanceWindow: \"sun:10:30-sun:14:30\",\n publiclyAccessible: true,\n replicationInstanceClass: \"dms.t2.micro\",\n replicationInstanceId: \"test-dms-replication-instance-tf\",\n replicationSubnetGroupId: aws_dms_replication_subnet_group_test_dms_replication_subnet_group_tf.id,\n tags: {\n Name: \"test\",\n },\n vpcSecurityGroupIds: [\"sg-12345678\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndms_assume_role = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"identifiers\": [\"dms.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\ndms_access_for_endpoint = aws.iam.Role(\"dms-access-for-endpoint\", assume_role_policy=dms_assume_role.json)\ndms_access_for_endpoint__amazon_dms_redshift_s3_role = aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role=dms_access_for_endpoint.name)\ndms_cloudwatch_logs_role = aws.iam.Role(\"dms-cloudwatch-logs-role\", assume_role_policy=dms_assume_role.json)\ndms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role = aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role=dms_cloudwatch_logs_role.name)\ndms_vpc_role = aws.iam.Role(\"dms-vpc-role\", assume_role_policy=dms_assume_role.json)\ndms_vpc_role__amazon_dmsvpc_management_role = aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role=dms_vpc_role.name)\n# Create a new replication instance\ntest = aws.dms.ReplicationInstance(\"test\",\n allocated_storage=20,\n apply_immediately=True,\n auto_minor_version_upgrade=True,\n availability_zone=\"us-west-2c\",\n engine_version=\"3.1.4\",\n kms_key_arn=\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multi_az=False,\n preferred_maintenance_window=\"sun:10:30-sun:14:30\",\n publicly_accessible=True,\n replication_instance_class=\"dms.t2.micro\",\n replication_instance_id=\"test-dms-replication-instance-tf\",\n replication_subnet_group_id=aws_dms_replication_subnet_group[\"test-dms-replication-subnet-group-tf\"][\"id\"],\n tags={\n \"Name\": \"test\",\n },\n vpc_security_group_ids=[\"sg-12345678\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dmsAssumeRole = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"dms.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n }));\n var dms_access_for_endpoint = new Aws.Iam.Role(\"dms-access-for-endpoint\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(dmsAssumeRole =\u003e dmsAssumeRole.Json),\n });\n var dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new Aws.Iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n Role = dms_access_for_endpoint.Name,\n });\n var dms_cloudwatch_logs_role = new Aws.Iam.Role(\"dms-cloudwatch-logs-role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(dmsAssumeRole =\u003e dmsAssumeRole.Json),\n });\n var dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new Aws.Iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n Role = dms_cloudwatch_logs_role.Name,\n });\n var dms_vpc_role = new Aws.Iam.Role(\"dms-vpc-role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(dmsAssumeRole =\u003e dmsAssumeRole.Json),\n });\n var dms_vpc_role_AmazonDMSVPCManagementRole = new Aws.Iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n Role = dms_vpc_role.Name,\n });\n // Create a new replication instance\n var test = new Aws.Dms.ReplicationInstance(\"test\", new Aws.Dms.ReplicationInstanceArgs\n {\n AllocatedStorage = 20,\n ApplyImmediately = true,\n AutoMinorVersionUpgrade = true,\n AvailabilityZone = \"us-west-2c\",\n EngineVersion = \"3.1.4\",\n KmsKeyArn = \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n MultiAz = false,\n PreferredMaintenanceWindow = \"sun:10:30-sun:14:30\",\n PubliclyAccessible = true,\n ReplicationInstanceClass = \"dms.t2.micro\",\n ReplicationInstanceId = \"test-dms-replication-instance-tf\",\n ReplicationSubnetGroupId = aws_dms_replication_subnet_group.Test_dms_replication_subnet_group_tf.Id,\n Tags = \n {\n { \"Name\", \"test\" },\n },\n VpcSecurityGroupIds = \n {\n \"sg-12345678\",\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.\n" }, "applyImmediately": { "type": "boolean", "description": "Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the replication instance will be created in.\n" }, "engineVersion": { "type": "string", "description": "The engine version number of the replication instance.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.\n" }, "replicationInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replication instance.\n" }, "replicationInstanceClass": { "type": "string", "description": "The compute and memory capacity of the replication instance as specified by the replication instance class. Can be one of `dms.t2.micro | dms.t2.small | dms.t2.medium | dms.t2.large | dms.c4.large | dms.c4.xlarge | dms.c4.2xlarge | dms.c4.4xlarge`\n" }, "replicationInstanceId": { "type": "string", "description": "The replication instance identifier. This parameter is stored as a lowercase string.\n" }, "replicationInstancePrivateIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the private IP addresses of the replication instance.\n" }, "replicationInstancePublicIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the public IP addresses of the replication instance.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "A subnet group to associate with the replication instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.\n" } }, "required": [ "allocatedStorage", "autoMinorVersionUpgrade", "availabilityZone", "engineVersion", "kmsKeyArn", "multiAz", "preferredMaintenanceWindow", "publiclyAccessible", "replicationInstanceArn", "replicationInstanceClass", "replicationInstanceId", "replicationInstancePrivateIps", "replicationInstancePublicIps", "replicationSubnetGroupId", "vpcSecurityGroupIds" ], "inputProperties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.\n" }, "applyImmediately": { "type": "boolean", "description": "Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the replication instance will be created in.\n" }, "engineVersion": { "type": "string", "description": "The engine version number of the replication instance.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.\n" }, "replicationInstanceClass": { "type": "string", "description": "The compute and memory capacity of the replication instance as specified by the replication instance class. Can be one of `dms.t2.micro | dms.t2.small | dms.t2.medium | dms.t2.large | dms.c4.large | dms.c4.xlarge | dms.c4.2xlarge | dms.c4.4xlarge`\n" }, "replicationInstanceId": { "type": "string", "description": "The replication instance identifier. This parameter is stored as a lowercase string.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "A subnet group to associate with the replication instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.\n" } }, "requiredInputs": [ "replicationInstanceClass", "replicationInstanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationInstance resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.\n" }, "applyImmediately": { "type": "boolean", "description": "Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the replication instance will be created in.\n" }, "engineVersion": { "type": "string", "description": "The engine version number of the replication instance.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.\n" }, "replicationInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replication instance.\n" }, "replicationInstanceClass": { "type": "string", "description": "The compute and memory capacity of the replication instance as specified by the replication instance class. Can be one of `dms.t2.micro | dms.t2.small | dms.t2.medium | dms.t2.large | dms.c4.large | dms.c4.xlarge | dms.c4.2xlarge | dms.c4.4xlarge`\n" }, "replicationInstanceId": { "type": "string", "description": "The replication instance identifier. This parameter is stored as a lowercase string.\n" }, "replicationInstancePrivateIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the private IP addresses of the replication instance.\n" }, "replicationInstancePublicIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the public IP addresses of the replication instance.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "A subnet group to associate with the replication instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.\n" } }, "type": "object" } }, "aws:dms/replicationSubnetGroup:ReplicationSubnetGroup": { "description": "Provides a DMS (Data Migration Service) replication subnet group resource. DMS replication subnet groups can be created, updated, deleted, and imported.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new replication subnet group\nconst test = new aws.dms.ReplicationSubnetGroup(\"test\", {\n replicationSubnetGroupDescription: \"Test replication subnet group\",\n replicationSubnetGroupId: \"test-dms-replication-subnet-group-tf\",\n subnetIds: [\"subnet-12345678\"],\n tags: {\n Name: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new replication subnet group\ntest = aws.dms.ReplicationSubnetGroup(\"test\",\n replication_subnet_group_description=\"Test replication subnet group\",\n replication_subnet_group_id=\"test-dms-replication-subnet-group-tf\",\n subnet_ids=[\"subnet-12345678\"],\n tags={\n \"Name\": \"test\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new replication subnet group\n var test = new Aws.Dms.ReplicationSubnetGroup(\"test\", new Aws.Dms.ReplicationSubnetGroupArgs\n {\n ReplicationSubnetGroupDescription = \"Test replication subnet group\",\n ReplicationSubnetGroupId = \"test-dms-replication-subnet-group-tf\",\n SubnetIds = \n {\n \"subnet-12345678\",\n },\n Tags = \n {\n { \"Name\", \"test\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dms.NewReplicationSubnetGroup(ctx, \"test\", \u0026dms.ReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupDescription: pulumi.String(\"Test replication subnet group\"),\n\t\t\tReplicationSubnetGroupId: pulumi.String(\"test-dms-replication-subnet-group-tf\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "replicationSubnetGroupArn": { "type": "string" }, "replicationSubnetGroupDescription": { "type": "string", "description": "The description for the subnet group.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "The name for the replication subnet group. This value is stored as a lowercase string.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the EC2 subnet IDs for the subnet group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC the subnet group is in.\n" } }, "required": [ "replicationSubnetGroupArn", "replicationSubnetGroupDescription", "replicationSubnetGroupId", "subnetIds", "vpcId" ], "inputProperties": { "replicationSubnetGroupDescription": { "type": "string", "description": "The description for the subnet group.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "The name for the replication subnet group. This value is stored as a lowercase string.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the EC2 subnet IDs for the subnet group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "replicationSubnetGroupDescription", "replicationSubnetGroupId", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationSubnetGroup resources.\n", "properties": { "replicationSubnetGroupArn": { "type": "string" }, "replicationSubnetGroupDescription": { "type": "string", "description": "The description for the subnet group.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "The name for the replication subnet group. This value is stored as a lowercase string.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the EC2 subnet IDs for the subnet group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC the subnet group is in.\n" } }, "type": "object" } }, "aws:dms/replicationTask:ReplicationTask": { "description": "Provides a DMS (Data Migration Service) replication task resource. DMS replication tasks can be created, updated, deleted, and imported.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new replication task\nconst test = new aws.dms.ReplicationTask(\"test\", {\n cdcStartTime: \"1.48434688e+09\",\n migrationType: \"full-load\",\n replicationInstanceArn: aws_dms_replication_instance_test_dms_replication_instance_tf.replicationInstanceArn,\n replicationTaskId: \"test-dms-replication-task-tf\",\n replicationTaskSettings: \"...\",\n sourceEndpointArn: aws_dms_endpoint_test_dms_source_endpoint_tf.endpointArn,\n tableMappings: \"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\",\n tags: {\n Name: \"test\",\n },\n targetEndpointArn: aws_dms_endpoint_test_dms_target_endpoint_tf.endpointArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new replication task\ntest = aws.dms.ReplicationTask(\"test\",\n cdc_start_time=1484346880,\n migration_type=\"full-load\",\n replication_instance_arn=aws_dms_replication_instance[\"test-dms-replication-instance-tf\"][\"replication_instance_arn\"],\n replication_task_id=\"test-dms-replication-task-tf\",\n replication_task_settings=\"...\",\n source_endpoint_arn=aws_dms_endpoint[\"test-dms-source-endpoint-tf\"][\"endpoint_arn\"],\n table_mappings=\"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\",\n tags={\n \"Name\": \"test\",\n },\n target_endpoint_arn=aws_dms_endpoint[\"test-dms-target-endpoint-tf\"][\"endpoint_arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new replication task\n var test = new Aws.Dms.ReplicationTask(\"test\", new Aws.Dms.ReplicationTaskArgs\n {\n CdcStartTime = \"1484346880\",\n MigrationType = \"full-load\",\n ReplicationInstanceArn = aws_dms_replication_instance.Test_dms_replication_instance_tf.Replication_instance_arn,\n ReplicationTaskId = \"test-dms-replication-task-tf\",\n ReplicationTaskSettings = \"...\",\n SourceEndpointArn = aws_dms_endpoint.Test_dms_source_endpoint_tf.Endpoint_arn,\n TableMappings = \"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\",\n Tags = \n {\n { \"Name\", \"test\" },\n },\n TargetEndpointArn = aws_dms_endpoint.Test_dms_target_endpoint_tf.Endpoint_arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dms.NewReplicationTask(ctx, \"test\", \u0026dms.ReplicationTaskArgs{\n\t\t\tCdcStartTime: pulumi.String(\"1484346880\"),\n\t\t\tMigrationType: pulumi.String(\"full-load\"),\n\t\t\tReplicationInstanceArn: pulumi.String(aws_dms_replication_instance.Test - dms - replication - instance - tf.Replication_instance_arn),\n\t\t\tReplicationTaskId: pulumi.String(\"test-dms-replication-task-tf\"),\n\t\t\tReplicationTaskSettings: pulumi.String(\"...\"),\n\t\t\tSourceEndpointArn: pulumi.String(aws_dms_endpoint.Test - dms - source - endpoint - tf.Endpoint_arn),\n\t\t\tTableMappings: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v\", \"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"\", \"%\", \"\\\",\\\"table-name\\\":\\\"\", \"%\", \"\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\")),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tTargetEndpointArn: pulumi.String(aws_dms_endpoint.Test - dms - target - endpoint - tf.Endpoint_arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cdcStartTime": { "type": "string", "description": "The Unix timestamp integer for the start of the Change Data Capture (CDC) operation.\n" }, "migrationType": { "type": "string", "description": "The migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "replicationInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replication instance.\n" }, "replicationTaskArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the replication task.\n" }, "replicationTaskId": { "type": "string", "description": "The replication task identifier.\n" }, "replicationTaskSettings": { "type": "string", "description": "An escaped JSON string that contains the task settings. For a complete list of task settings, see [Task Settings for AWS Database Migration Service Tasks](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html).\n" }, "sourceEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the source endpoint.\n" }, "tableMappings": { "type": "string", "description": "An escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the target endpoint.\n" } }, "required": [ "migrationType", "replicationInstanceArn", "replicationTaskArn", "replicationTaskId", "sourceEndpointArn", "tableMappings", "targetEndpointArn" ], "inputProperties": { "cdcStartTime": { "type": "string", "description": "The Unix timestamp integer for the start of the Change Data Capture (CDC) operation.\n" }, "migrationType": { "type": "string", "description": "The migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "replicationInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replication instance.\n" }, "replicationTaskId": { "type": "string", "description": "The replication task identifier.\n" }, "replicationTaskSettings": { "type": "string", "description": "An escaped JSON string that contains the task settings. For a complete list of task settings, see [Task Settings for AWS Database Migration Service Tasks](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html).\n" }, "sourceEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the source endpoint.\n" }, "tableMappings": { "type": "string", "description": "An escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the target endpoint.\n" } }, "requiredInputs": [ "migrationType", "replicationInstanceArn", "replicationTaskId", "sourceEndpointArn", "tableMappings", "targetEndpointArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationTask resources.\n", "properties": { "cdcStartTime": { "type": "string", "description": "The Unix timestamp integer for the start of the Change Data Capture (CDC) operation.\n" }, "migrationType": { "type": "string", "description": "The migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "replicationInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replication instance.\n" }, "replicationTaskArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the replication task.\n" }, "replicationTaskId": { "type": "string", "description": "The replication task identifier.\n" }, "replicationTaskSettings": { "type": "string", "description": "An escaped JSON string that contains the task settings. For a complete list of task settings, see [Task Settings for AWS Database Migration Service Tasks](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html).\n" }, "sourceEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the source endpoint.\n" }, "tableMappings": { "type": "string", "description": "An escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the target endpoint.\n" } }, "type": "object" } }, "aws:docdb/cluster:Cluster": { "description": "Manages a DocDB Cluster.\n\nChanges to a DocDB Cluster can occur when you manually change a\nparameter, such as `port`, and are reflected in the next maintenance\nwindow. Because of this, this provider may report a difference in its planning\nphase because a modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change immediately\n(see documentation below).\n\n\u003e **Note:** using `apply_immediately` can result in a brief downtime as the server reboots.\n\u003e **Note:** All arguments including the username and password will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst docdb = new aws.docdb.Cluster(\"docdb\", {\n backupRetentionPeriod: 5,\n clusterIdentifier: \"my-docdb-cluster\",\n engine: \"docdb\",\n masterPassword: \"mustbeeightchars\",\n masterUsername: \"foo\",\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocdb = aws.docdb.Cluster(\"docdb\",\n backup_retention_period=5,\n cluster_identifier=\"my-docdb-cluster\",\n engine=\"docdb\",\n master_password=\"mustbeeightchars\",\n master_username=\"foo\",\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var docdb = new Aws.DocDB.Cluster(\"docdb\", new Aws.DocDB.ClusterArgs\n {\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"my-docdb-cluster\",\n Engine = \"docdb\",\n MasterPassword = \"mustbeeightchars\",\n MasterUsername = \"foo\",\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = docdb.NewCluster(ctx, \"docdb\", \u0026docdb.ClusterArgs{\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tClusterIdentifier: pulumi.String(\"my-docdb-cluster\"),\n\t\t\tEngine: pulumi.String(\"docdb\"),\n\t\t\tMasterPassword: pulumi.String(\"mustbeeightchars\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that\ninstances in the DB cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifer`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DocDB Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The DocDB Cluster Resource ID\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance.\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported.\nThe following log types are supported: `audit`, `profiler`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the DocDB instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this DB cluster. Defaults to `docdb`. Valid Values: `docdb`\n" }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB cluster is deleted. If omitted, no final snapshot will be\nmade.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may\nshow up in logs, and it will be stored in the state file. Please refer to the DocDB Naming Constraints.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC\nDefault: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the DocDB cluster, automatically load-balanced across replicas\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate\nwith the Cluster\n" } }, "required": [ "applyImmediately", "arn", "availabilityZones", "clusterIdentifier", "clusterIdentifierPrefix", "clusterMembers", "clusterResourceId", "dbClusterParameterGroupName", "dbSubnetGroupName", "endpoint", "engineVersion", "hostedZoneId", "kmsKeyId", "masterUsername", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "vpcSecurityGroupIds" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that\ninstances in the DB cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifer`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DocDB Instances that are a part of this cluster\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance.\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported.\nThe following log types are supported: `audit`, `profiler`.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this DB cluster. Defaults to `docdb`. Valid Values: `docdb`\n" }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB cluster is deleted. If omitted, no final snapshot will be\nmade.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may\nshow up in logs, and it will be stored in the state file. Please refer to the DocDB Naming Constraints.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC\nDefault: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate\nwith the Cluster\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that\ninstances in the DB cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifer`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DocDB Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The DocDB Cluster Resource ID\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance.\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported.\nThe following log types are supported: `audit`, `profiler`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the DocDB instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this DB cluster. Defaults to `docdb`. Valid Values: `docdb`\n" }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB cluster is deleted. If omitted, no final snapshot will be\nmade.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may\nshow up in logs, and it will be stored in the state file. Please refer to the DocDB Naming Constraints.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC\nDefault: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the DocDB cluster, automatically load-balanced across replicas\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate\nwith the Cluster\n" } }, "type": "object" } }, "aws:docdb/clusterInstance:ClusterInstance": { "description": "Provides an DocDB Cluster Resource Instance. A Cluster Instance Resource defines\nattributes that are specific to a single instance in a [DocDB Cluster](https://www.terraform.io/docs/providers/aws/r/docdb_cluster.html).\n\nYou do not designate a primary and subsequent replicas. Instead, you simply add DocDB\nInstances and DocDB manages the replication. You can use the [count](https://www.terraform.io/docs/configuration/resources.html#count)\nmeta-parameter to make multiple instances and join them all to the same DocDB\nCluster, or you may specify different Cluster Instance resources with various\n`instance_class` sizes.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.docdb.Cluster(\"default\", {\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n clusterIdentifier: \"docdb-cluster-demo\",\n masterPassword: \"barbut8chars\",\n masterUsername: \"foo\",\n});\nconst clusterInstances: aws.docdb.ClusterInstance[] = [];\nfor (let i = 0; i \u003c 2; i++) {\n clusterInstances.push(new aws.docdb.ClusterInstance(`cluster_instances-${i}`, {\n clusterIdentifier: defaultCluster.id,\n identifier: `docdb-cluster-demo-${i}`,\n instanceClass: \"db.r5.large\",\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.docdb.Cluster(\"default\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n cluster_identifier=\"docdb-cluster-demo\",\n master_password=\"barbut8chars\",\n master_username=\"foo\")\ncluster_instances = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n cluster_instances.append(aws.docdb.ClusterInstance(f\"clusterInstances-{range['value']}\",\n cluster_identifier=default.id,\n identifier=f\"docdb-cluster-demo-{range['value']}\",\n instance_class=\"db.r5.large\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.DocDB.Cluster(\"default\", new Aws.DocDB.ClusterArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n ClusterIdentifier = \"docdb-cluster-demo\",\n MasterPassword = \"barbut8chars\",\n MasterUsername = \"foo\",\n });\n var clusterInstances = new List\u003cAws.DocDB.ClusterInstance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n clusterInstances.Add(new Aws.DocDB.ClusterInstance($\"clusterInstances-{range.Value}\", new Aws.DocDB.ClusterInstanceArgs\n {\n ClusterIdentifier = @default.Id,\n Identifier = $\"docdb-cluster-demo-{range.Value}\",\n InstanceClass = \"db.r5.large\",\n }));\n }\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "(Optional) The identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.docdb.Cluster` in which to launch this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "The DB subnet group to associate with this DB instance.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the DB instance.\n" }, "endpoint": { "type": "string", "description": "The DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the DocDB instance. Defaults to `docdb`. Valid Values: `docdb`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version\n" }, "identifier": { "type": "string", "description": "The indentifier for the DocDB instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifer`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use. For details on CPU and memory, see [Scaling for DocDB Instances](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-manage-performance.html#db-cluster-manage-scaling-instance). DocDB currently\nsupports the below instance classes. Please see [AWS Documentation](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs) for complete details.\n- db.r4.large\n- db.r4.xlarge\n- db.r4.2xlarge\n- db.r4.4xlarge\n- db.r4.8xlarge\n- db.r4.16xlarge\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the cluster.\n" }, "port": { "type": "integer", "description": "The database port\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "required": [ "applyImmediately", "arn", "availabilityZone", "caCertIdentifier", "clusterIdentifier", "dbSubnetGroupName", "dbiResourceId", "endpoint", "engineVersion", "identifier", "identifierPrefix", "instanceClass", "kmsKeyId", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "publiclyAccessible", "storageEncrypted", "writer" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "(Optional) The identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.docdb.Cluster` in which to launch this instance.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the DocDB instance. Defaults to `docdb`. Valid Values: `docdb`.\n" }, "identifier": { "type": "string", "description": "The indentifier for the DocDB instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifer`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use. For details on CPU and memory, see [Scaling for DocDB Instances](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-manage-performance.html#db-cluster-manage-scaling-instance). DocDB currently\nsupports the below instance classes. Please see [AWS Documentation](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs) for complete details.\n- db.r4.large\n- db.r4.xlarge\n- db.r4.2xlarge\n- db.r4.4xlarge\n- db.r4.8xlarge\n- db.r4.16xlarge\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" } }, "requiredInputs": [ "clusterIdentifier", "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterInstance resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "(Optional) The identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.docdb.Cluster` in which to launch this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "The DB subnet group to associate with this DB instance.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the DB instance.\n" }, "endpoint": { "type": "string", "description": "The DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the DocDB instance. Defaults to `docdb`. Valid Values: `docdb`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version\n" }, "identifier": { "type": "string", "description": "The indentifier for the DocDB instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifer`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use. For details on CPU and memory, see [Scaling for DocDB Instances](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-manage-performance.html#db-cluster-manage-scaling-instance). DocDB currently\nsupports the below instance classes. Please see [AWS Documentation](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs) for complete details.\n- db.r4.large\n- db.r4.xlarge\n- db.r4.2xlarge\n- db.r4.4xlarge\n- db.r4.8xlarge\n- db.r4.16xlarge\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the cluster.\n" }, "port": { "type": "integer", "description": "The database port\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "type": "object" } }, "aws:docdb/clusterParameterGroup:ClusterParameterGroup": { "description": "Manages a DocumentDB Cluster Parameter Group\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.ClusterParameterGroup(\"example\", {\n description: \"docdb cluster parameter group\",\n family: \"docdb3.6\",\n parameters: [{\n name: \"tls\",\n value: \"enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.ClusterParameterGroup(\"example\",\n description=\"docdb cluster parameter group\",\n family=\"docdb3.6\",\n parameters=[{\n \"name\": \"tls\",\n \"value\": \"enabled\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DocDB.ClusterParameterGroup(\"example\", new Aws.DocDB.ClusterParameterGroupArgs\n {\n Description = \"docdb cluster parameter group\",\n Family = \"docdb3.6\",\n Parameters = \n {\n new Aws.DocDB.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"tls\",\n Value = \"enabled\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = docdb.NewClusterParameterGroup(ctx, \"example\", \u0026docdb.ClusterParameterGroupArgs{\n\t\t\tDescription: pulumi.String(\"docdb cluster parameter group\"),\n\t\t\tFamily: pulumi.String(\"docdb3.6\"),\n\t\t\tParameters: docdb.ClusterParameterGroupParameterArray{\n\t\t\t\t\u0026docdb.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"tls\"),\n\t\t\t\t\tValue: pulumi.String(\"enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the documentDB cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the documentDB cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the documentDB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the documentDB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of documentDB parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "family", "name", "namePrefix" ], "inputProperties": { "description": { "type": "string", "description": "The description of the documentDB cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the documentDB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the documentDB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of documentDB parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the documentDB cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the documentDB cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the documentDB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the documentDB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of documentDB parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:docdb/clusterSnapshot:ClusterSnapshot": { "description": "Manages a DocDB database cluster snapshot for DocDB clusters.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.ClusterSnapshot(\"example\", {\n dbClusterIdentifier: aws_docdb_cluster_example.id,\n dbClusterSnapshotIdentifier: \"resourcetestsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.ClusterSnapshot(\"example\",\n db_cluster_identifier=aws_docdb_cluster[\"example\"][\"id\"],\n db_cluster_snapshot_identifier=\"resourcetestsnapshot1234\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DocDB.ClusterSnapshot(\"example\", new Aws.DocDB.ClusterSnapshotArgs\n {\n DbClusterIdentifier = aws_docdb_cluster.Example.Id,\n DbClusterSnapshotIdentifier = \"resourcetestsnapshot1234\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = docdb.NewClusterSnapshot(ctx, \"example\", \u0026docdb.ClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.String(aws_docdb_cluster.Example.Id),\n\t\t\tDbClusterSnapshotIdentifier: pulumi.String(\"resourcetestsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DocDB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DocDB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DocDB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DocDB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DocDB cluster snapshot.\n" }, "port": { "type": "integer", "description": "Port that the DocDB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DocDB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DocDB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DocDB cluster snapshot.\n" } }, "required": [ "availabilityZones", "dbClusterIdentifier", "dbClusterSnapshotArn", "dbClusterSnapshotIdentifier", "engine", "engineVersion", "kmsKeyId", "port", "snapshotType", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "vpcId" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "The DocDB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" } }, "requiredInputs": [ "dbClusterIdentifier", "dbClusterSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterSnapshot resources.\n", "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DocDB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DocDB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DocDB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DocDB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DocDB cluster snapshot.\n" }, "port": { "type": "integer", "description": "Port that the DocDB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DocDB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DocDB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DocDB cluster snapshot.\n" } }, "type": "object" } }, "aws:docdb/subnetGroup:SubnetGroup": { "description": "Provides an DocumentDB subnet group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultSubnetGroup = new aws.docdb.SubnetGroup(\"default\", {\n subnetIds: [\n aws_subnet_frontend.id,\n aws_subnet_backend.id,\n ],\n tags: {\n Name: \"My docdb subnet group\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.docdb.SubnetGroup(\"default\",\n subnet_ids=[\n aws_subnet[\"frontend\"][\"id\"],\n aws_subnet[\"backend\"][\"id\"],\n ],\n tags={\n \"Name\": \"My docdb subnet group\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.DocDB.SubnetGroup(\"default\", new Aws.DocDB.SubnetGroupArgs\n {\n SubnetIds = \n {\n aws_subnet.Frontend.Id,\n aws_subnet.Backend.Id,\n },\n Tags = \n {\n { \"Name\", \"My docdb subnet group\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = docdb.NewSubnetGroup(ctx, \"default\", \u0026docdb.SubnetGroupArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_subnet.Frontend.Id),\n\t\t\t\tpulumi.String(aws_subnet.Backend.Id),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"My docdb subnet group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the docDB subnet group.\n" }, "description": { "type": "string", "description": "The description of the docDB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the docDB subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "name", "namePrefix", "subnetIds" ], "inputProperties": { "description": { "type": "string", "description": "The description of the docDB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the docDB subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the docDB subnet group.\n" }, "description": { "type": "string", "description": "The description of the docDB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the docDB subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:dynamodb/globalTable:GlobalTable": { "description": "Manages [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html). These are layered on top of existing DynamoDB Tables.\n\n\u003e **NOTE:** To instead manage [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html), use the `aws.dynamodb.Table` resource `replica` configuration block.\n\n\u003e Note: There are many restrictions before you can properly create DynamoDB Global Tables in multiple regions. See the [AWS DynamoDB Global Table Requirements](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables_reqs_bestpractices.html) for more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst us_east_1 = new aws.Provider(\"us-east-1\", {\n region: \"us-east-1\",\n});\nconst us_west_2 = new aws.Provider(\"us-west-2\", {\n region: \"us-west-2\",\n});\nconst us_east_1Table = new aws.dynamodb.Table(\"us-east-1\", {\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n hashKey: \"myAttribute\",\n readCapacity: 1,\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n writeCapacity: 1,\n}, { provider: us_east_1 });\nconst us_west_2Table = new aws.dynamodb.Table(\"us-west-2\", {\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n hashKey: \"myAttribute\",\n readCapacity: 1,\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n writeCapacity: 1,\n}, { provider: us_west_2 });\nconst myTable = new aws.dynamodb.GlobalTable(\"myTable\", {\n replicas: [\n {\n regionName: \"us-east-1\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n}, { provider: us_east_1, dependsOn: [us_east_1Table, us_west_2Table] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\nus_east_1 = pulumi.providers.Aws(\"us-east-1\", region=\"us-east-1\")\nus_west_2 = pulumi.providers.Aws(\"us-west-2\", region=\"us-west-2\")\nus_east_1_table = aws.dynamodb.Table(\"us-east-1Table\",\n attributes=[{\n \"name\": \"myAttribute\",\n \"type\": \"S\",\n }],\n hash_key=\"myAttribute\",\n read_capacity=1,\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n write_capacity=1)\nus_west_2_table = aws.dynamodb.Table(\"us-west-2Table\",\n attributes=[{\n \"name\": \"myAttribute\",\n \"type\": \"S\",\n }],\n hash_key=\"myAttribute\",\n read_capacity=1,\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n write_capacity=1)\nmy_table = aws.dynamodb.GlobalTable(\"myTable\", replicas=[\n {\n \"regionName\": \"us-east-1\",\n },\n {\n \"regionName\": \"us-west-2\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var us_east_1 = new Aws.Provider(\"us-east-1\", new Aws.ProviderArgs\n {\n Region = \"us-east-1\",\n });\n var us_west_2 = new Aws.Provider(\"us-west-2\", new Aws.ProviderArgs\n {\n Region = \"us-west-2\",\n });\n var us_east_1Table = new Aws.DynamoDB.Table(\"us-east-1Table\", new Aws.DynamoDB.TableArgs\n {\n Attributes = \n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n HashKey = \"myAttribute\",\n ReadCapacity = 1,\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n WriteCapacity = 1,\n });\n var us_west_2Table = new Aws.DynamoDB.Table(\"us-west-2Table\", new Aws.DynamoDB.TableArgs\n {\n Attributes = \n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n HashKey = \"myAttribute\",\n ReadCapacity = 1,\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n WriteCapacity = 1,\n });\n var myTable = new Aws.DynamoDB.GlobalTable(\"myTable\", new Aws.DynamoDB.GlobalTableArgs\n {\n Replicas = \n {\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-east-1\",\n },\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the DynamoDB Global Table\n" }, "name": { "type": "string", "description": "The name of the global table. Must match underlying DynamoDB Table names in all regions.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/GlobalTableReplica:GlobalTableReplica" }, "description": "Underlying DynamoDB Table. At least 1 replica must be defined. See below.\n" } }, "required": [ "arn", "name", "replicas" ], "inputProperties": { "name": { "type": "string", "description": "The name of the global table. Must match underlying DynamoDB Table names in all regions.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/GlobalTableReplica:GlobalTableReplica" }, "description": "Underlying DynamoDB Table. At least 1 replica must be defined. See below.\n" } }, "requiredInputs": [ "replicas" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalTable resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DynamoDB Global Table\n" }, "name": { "type": "string", "description": "The name of the global table. Must match underlying DynamoDB Table names in all regions.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/GlobalTableReplica:GlobalTableReplica" }, "description": "Underlying DynamoDB Table. At least 1 replica must be defined. See below.\n" } }, "type": "object" } }, "aws:dynamodb/table:Table": { "description": "Provides a DynamoDB table resource\n\n\u003e **Note:** It is recommended to use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) for `read_capacity` and/or `write_capacity` if there's `autoscaling policy` attached to the table.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following dynamodb table description models the table and GSI shown\nin the [AWS SDK example documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst basic_dynamodb_table = new aws.dynamodb.Table(\"basic-dynamodb-table\", {\n attributes: [\n {\n name: \"UserId\",\n type: \"S\",\n },\n {\n name: \"GameTitle\",\n type: \"S\",\n },\n {\n name: \"TopScore\",\n type: \"N\",\n },\n ],\n billingMode: \"PROVISIONED\",\n globalSecondaryIndexes: [{\n hashKey: \"GameTitle\",\n name: \"GameTitleIndex\",\n nonKeyAttributes: [\"UserId\"],\n projectionType: \"INCLUDE\",\n rangeKey: \"TopScore\",\n readCapacity: 10,\n writeCapacity: 10,\n }],\n hashKey: \"UserId\",\n rangeKey: \"GameTitle\",\n readCapacity: 20,\n tags: {\n Environment: \"production\",\n Name: \"dynamodb-table-1\",\n },\n ttl: {\n attributeName: \"TimeToExist\",\n enabled: false,\n },\n writeCapacity: 20,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbasic_dynamodb_table = aws.dynamodb.Table(\"basic-dynamodb-table\",\n attributes=[\n {\n \"name\": \"UserId\",\n \"type\": \"S\",\n },\n {\n \"name\": \"GameTitle\",\n \"type\": \"S\",\n },\n {\n \"name\": \"TopScore\",\n \"type\": \"N\",\n },\n ],\n billing_mode=\"PROVISIONED\",\n global_secondary_indexes=[{\n \"hash_key\": \"GameTitle\",\n \"name\": \"GameTitleIndex\",\n \"nonKeyAttributes\": [\"UserId\"],\n \"projectionType\": \"INCLUDE\",\n \"range_key\": \"TopScore\",\n \"read_capacity\": 10,\n \"write_capacity\": 10,\n }],\n hash_key=\"UserId\",\n range_key=\"GameTitle\",\n read_capacity=20,\n tags={\n \"Environment\": \"production\",\n \"Name\": \"dynamodb-table-1\",\n },\n ttl={\n \"attributeName\": \"TimeToExist\",\n \"enabled\": False,\n },\n write_capacity=20)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var basic_dynamodb_table = new Aws.DynamoDB.Table(\"basic-dynamodb-table\", new Aws.DynamoDB.TableArgs\n {\n Attributes = \n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"UserId\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"GameTitle\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TopScore\",\n Type = \"N\",\n },\n },\n BillingMode = \"PROVISIONED\",\n GlobalSecondaryIndexes = \n {\n new Aws.DynamoDB.Inputs.TableGlobalSecondaryIndexArgs\n {\n HashKey = \"GameTitle\",\n Name = \"GameTitleIndex\",\n NonKeyAttributes = \n {\n \"UserId\",\n },\n ProjectionType = \"INCLUDE\",\n RangeKey = \"TopScore\",\n ReadCapacity = 10,\n WriteCapacity = 10,\n },\n },\n HashKey = \"UserId\",\n RangeKey = \"GameTitle\",\n ReadCapacity = 20,\n Tags = \n {\n { \"Environment\", \"production\" },\n { \"Name\", \"dynamodb-table-1\" },\n },\n Ttl = new Aws.DynamoDB.Inputs.TableTtlArgs\n {\n AttributeName = \"TimeToExist\",\n Enabled = false,\n },\n WriteCapacity = 20,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dynamodb.NewTable(ctx, \"basic-dynamodb-table\", \u0026dynamodb.TableArgs{\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"UserId\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TopScore\"),\n\t\t\t\t\tType: pulumi.String(\"N\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBillingMode: pulumi.String(\"PROVISIONED\"),\n\t\t\tGlobalSecondaryIndexes: dynamodb.TableGlobalSecondaryIndexArray{\n\t\t\t\t\u0026dynamodb.TableGlobalSecondaryIndexArgs{\n\t\t\t\t\tHashKey: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tName: pulumi.String(\"GameTitleIndex\"),\n\t\t\t\t\tNonKeyAttributes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"UserId\"),\n\t\t\t\t\t},\n\t\t\t\t\tProjectionType: pulumi.String(\"INCLUDE\"),\n\t\t\t\t\tRangeKey: pulumi.String(\"TopScore\"),\n\t\t\t\t\tReadCapacity: pulumi.Int(10),\n\t\t\t\t\tWriteCapacity: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t},\n\t\t\tHashKey: pulumi.String(\"UserId\"),\n\t\t\tRangeKey: pulumi.String(\"GameTitle\"),\n\t\t\tReadCapacity: pulumi.Int(20),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t\t\"Name\": pulumi.String(\"dynamodb-table-1\"),\n\t\t\t},\n\t\t\tTtl: \u0026dynamodb.TableTtlArgs{\n\t\t\t\tAttributeName: pulumi.String(\"TimeToExist\"),\n\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tWriteCapacity: pulumi.Int(20),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Global Tables\n\nThis resource implements support for [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) via `replica` configuration blocks. For working with [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html), see the `aws.dynamodb.GlobalTable` resource.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"TestTableHashKey\",\n replicas: [\n {\n regionName: \"us-east-2\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n billing_mode=\"PAY_PER_REQUEST\",\n hash_key=\"TestTableHashKey\",\n replicas=[\n {\n \"regionName\": \"us-east-2\",\n },\n {\n \"regionName\": \"us-west-2\",\n },\n ],\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.DynamoDB.Table(\"example\", new Aws.DynamoDB.TableArgs\n {\n Attributes = \n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n BillingMode = \"PAY_PER_REQUEST\",\n HashKey = \"TestTableHashKey\",\n Replicas = \n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-east-2\",\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tReplicas: dynamodb.TableReplicaArray{\n\t\t\t\t\u0026dynamodb.TableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-2\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The arn of the table\n" }, "attributes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableAttribute:TableAttribute" }, "description": "List of nested attribute definitions. Only required for `hash_key` and `range_key` attributes. Each attribute has two properties:\n" }, "billingMode": { "type": "string", "description": "Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.\n" }, "globalSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex" }, "description": "Describe a GSI for the table;\nsubject to the normal limits on the number of GSIs, projected\nattributes, etc.\n" }, "hashKey": { "type": "string", "description": "The name of the hash key in the index; must be\ndefined as an attribute in the resource.\n" }, "localSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex" }, "description": "Describe an LSI on the table;\nthese can only be allocated *at creation* so you cannot change this\ndefinition after you have created the resource.\n" }, "name": { "type": "string", "description": "The name of the index\n" }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Point-in-time recovery options.\n" }, "rangeKey": { "type": "string", "description": "The name of the range key; must be defined\n" }, "readCapacity": { "type": "integer", "description": "The number of read units for this index. Must be set if billing_mode is set to PROVISIONED.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableReplica:TableReplica" }, "description": "Configuration block(s) with [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) replication configurations. Detailed below.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption", "description": "Encryption at rest options. AWS DynamoDB tables are automatically encrypted at rest with an AWS owned Customer Master Key if this argument isn't specified.\n" }, "streamArn": { "type": "string", "description": "The ARN of the Table Stream. Only available when `stream_enabled = true`\n" }, "streamEnabled": { "type": "boolean", "description": "Indicates whether Streams are to be enabled (true) or disabled (false).\n" }, "streamLabel": { "type": "string", "description": "A timestamp, in ISO 8601 format, for this stream. Note that this timestamp is not\na unique identifier for the stream on its own. However, the combination of AWS customer ID,\ntable name and this field is guaranteed to be unique.\nIt can be used for creating CloudWatch Alarms. Only available when `stream_enabled = true`\n" }, "streamViewType": { "type": "string", "description": "When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are `KEYS_ONLY`, `NEW_IMAGE`, `OLD_IMAGE`, `NEW_AND_OLD_IMAGES`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to populate on the created table.\n" }, "ttl": { "$ref": "#/types/aws:dynamodb/TableTtl:TableTtl", "description": "Defines ttl, has two properties, and can only be specified once:\n" }, "writeCapacity": { "type": "integer", "description": "The number of write units for this index. Must be set if billing_mode is set to PROVISIONED.\n" } }, "required": [ "arn", "attributes", "hashKey", "name", "pointInTimeRecovery", "serverSideEncryption", "streamArn", "streamLabel", "streamViewType" ], "inputProperties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableAttribute:TableAttribute" }, "description": "List of nested attribute definitions. Only required for `hash_key` and `range_key` attributes. Each attribute has two properties:\n" }, "billingMode": { "type": "string", "description": "Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.\n" }, "globalSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex" }, "description": "Describe a GSI for the table;\nsubject to the normal limits on the number of GSIs, projected\nattributes, etc.\n" }, "hashKey": { "type": "string", "description": "The name of the hash key in the index; must be\ndefined as an attribute in the resource.\n" }, "localSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex" }, "description": "Describe an LSI on the table;\nthese can only be allocated *at creation* so you cannot change this\ndefinition after you have created the resource.\n" }, "name": { "type": "string", "description": "The name of the index\n" }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Point-in-time recovery options.\n" }, "rangeKey": { "type": "string", "description": "The name of the range key; must be defined\n" }, "readCapacity": { "type": "integer", "description": "The number of read units for this index. Must be set if billing_mode is set to PROVISIONED.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableReplica:TableReplica" }, "description": "Configuration block(s) with [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) replication configurations. Detailed below.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption", "description": "Encryption at rest options. AWS DynamoDB tables are automatically encrypted at rest with an AWS owned Customer Master Key if this argument isn't specified.\n" }, "streamEnabled": { "type": "boolean", "description": "Indicates whether Streams are to be enabled (true) or disabled (false).\n" }, "streamViewType": { "type": "string", "description": "When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are `KEYS_ONLY`, `NEW_IMAGE`, `OLD_IMAGE`, `NEW_AND_OLD_IMAGES`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to populate on the created table.\n" }, "ttl": { "$ref": "#/types/aws:dynamodb/TableTtl:TableTtl", "description": "Defines ttl, has two properties, and can only be specified once:\n" }, "writeCapacity": { "type": "integer", "description": "The number of write units for this index. Must be set if billing_mode is set to PROVISIONED.\n" } }, "requiredInputs": [ "attributes", "hashKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering Table resources.\n", "properties": { "arn": { "type": "string", "description": "The arn of the table\n" }, "attributes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableAttribute:TableAttribute" }, "description": "List of nested attribute definitions. Only required for `hash_key` and `range_key` attributes. Each attribute has two properties:\n" }, "billingMode": { "type": "string", "description": "Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.\n" }, "globalSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex" }, "description": "Describe a GSI for the table;\nsubject to the normal limits on the number of GSIs, projected\nattributes, etc.\n" }, "hashKey": { "type": "string", "description": "The name of the hash key in the index; must be\ndefined as an attribute in the resource.\n" }, "localSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex" }, "description": "Describe an LSI on the table;\nthese can only be allocated *at creation* so you cannot change this\ndefinition after you have created the resource.\n" }, "name": { "type": "string", "description": "The name of the index\n" }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Point-in-time recovery options.\n" }, "rangeKey": { "type": "string", "description": "The name of the range key; must be defined\n" }, "readCapacity": { "type": "integer", "description": "The number of read units for this index. Must be set if billing_mode is set to PROVISIONED.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableReplica:TableReplica" }, "description": "Configuration block(s) with [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) replication configurations. Detailed below.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption", "description": "Encryption at rest options. AWS DynamoDB tables are automatically encrypted at rest with an AWS owned Customer Master Key if this argument isn't specified.\n" }, "streamArn": { "type": "string", "description": "The ARN of the Table Stream. Only available when `stream_enabled = true`\n" }, "streamEnabled": { "type": "boolean", "description": "Indicates whether Streams are to be enabled (true) or disabled (false).\n" }, "streamLabel": { "type": "string", "description": "A timestamp, in ISO 8601 format, for this stream. Note that this timestamp is not\na unique identifier for the stream on its own. However, the combination of AWS customer ID,\ntable name and this field is guaranteed to be unique.\nIt can be used for creating CloudWatch Alarms. Only available when `stream_enabled = true`\n" }, "streamViewType": { "type": "string", "description": "When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are `KEYS_ONLY`, `NEW_IMAGE`, `OLD_IMAGE`, `NEW_AND_OLD_IMAGES`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to populate on the created table.\n" }, "ttl": { "$ref": "#/types/aws:dynamodb/TableTtl:TableTtl", "description": "Defines ttl, has two properties, and can only be specified once:\n" }, "writeCapacity": { "type": "integer", "description": "The number of write units for this index. Must be set if billing_mode is set to PROVISIONED.\n" } }, "type": "object" } }, "aws:dynamodb/tableItem:TableItem": { "description": "Provides a DynamoDB table item resource\n\n\u003e **Note:** This resource is not meant to be used for managing large amounts of data in your table, it is not designed to scale.\n You should perform **regular backups** of all data in the table, see [AWS docs for more](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/BackupRestore.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleTable = new aws.dynamodb.Table(\"example\", {\n attributes: [{\n name: \"exampleHashKey\",\n type: \"S\",\n }],\n hashKey: \"exampleHashKey\",\n readCapacity: 10,\n writeCapacity: 10,\n});\nconst exampleTableItem = new aws.dynamodb.TableItem(\"example\", {\n hashKey: exampleTable.hashKey,\n item: `{\n \"exampleHashKey\": {\"S\": \"something\"},\n \"one\": {\"N\": \"11111\"},\n \"two\": {\"N\": \"22222\"},\n \"three\": {\"N\": \"33333\"},\n \"four\": {\"N\": \"44444\"}\n}\n`,\n tableName: exampleTable.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_table = aws.dynamodb.Table(\"exampleTable\",\n attributes=[{\n \"name\": \"exampleHashKey\",\n \"type\": \"S\",\n }],\n hash_key=\"exampleHashKey\",\n read_capacity=10,\n write_capacity=10)\nexample_table_item = aws.dynamodb.TableItem(\"exampleTableItem\",\n hash_key=example_table.hash_key,\n item=\"\"\"{\n \"exampleHashKey\": {\"S\": \"something\"},\n \"one\": {\"N\": \"11111\"},\n \"two\": {\"N\": \"22222\"},\n \"three\": {\"N\": \"33333\"},\n \"four\": {\"N\": \"44444\"}\n}\n\n\"\"\",\n table_name=example_table.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleTable = new Aws.DynamoDB.Table(\"exampleTable\", new Aws.DynamoDB.TableArgs\n {\n Attributes = \n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"exampleHashKey\",\n Type = \"S\",\n },\n },\n HashKey = \"exampleHashKey\",\n ReadCapacity = 10,\n WriteCapacity = 10,\n });\n var exampleTableItem = new Aws.DynamoDB.TableItem(\"exampleTableItem\", new Aws.DynamoDB.TableItemArgs\n {\n HashKey = exampleTable.HashKey,\n Item = @\"{\n \"\"exampleHashKey\"\": {\"\"S\"\": \"\"something\"\"},\n \"\"one\"\": {\"\"N\"\": \"\"11111\"\"},\n \"\"two\"\": {\"\"N\"\": \"\"22222\"\"},\n \"\"three\"\": {\"\"N\"\": \"\"33333\"\"},\n \"\"four\"\": {\"\"N\"\": \"\"44444\"\"}\n}\n\n\",\n TableName = exampleTable.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleTable, err := dynamodb.NewTable(ctx, \"exampleTable\", \u0026dynamodb.TableArgs{\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tHashKey: pulumi.String(\"exampleHashKey\"),\n\t\t\tReadCapacity: pulumi.Int(10),\n\t\t\tWriteCapacity: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTableItem(ctx, \"exampleTableItem\", \u0026dynamodb.TableItemArgs{\n\t\t\tHashKey: exampleTable.HashKey,\n\t\t\tItem: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"exampleHashKey\\\": {\\\"S\\\": \\\"something\\\"},\\n\", \" \\\"one\\\": {\\\"N\\\": \\\"11111\\\"},\\n\", \" \\\"two\\\": {\\\"N\\\": \\\"22222\\\"},\\n\", \" \\\"three\\\": {\\\"N\\\": \\\"33333\\\"},\\n\", \" \\\"four\\\": {\\\"N\\\": \\\"44444\\\"}\\n\", \"}\\n\", \"\\n\")),\n\t\t\tTableName: exampleTable.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "hashKey": { "type": "string", "description": "Hash key to use for lookups and identification of the item\n" }, "item": { "type": "string", "description": "JSON representation of a map of attribute name/value pairs, one for each attribute.\nOnly the primary key attributes are required; you can optionally provide other attribute name-value pairs for the item.\n" }, "rangeKey": { "type": "string", "description": "Range key to use for lookups and identification of the item. Required if there is range key defined in the table.\n" }, "tableName": { "type": "string", "description": "The name of the table to contain the item.\n" } }, "required": [ "hashKey", "item", "tableName" ], "inputProperties": { "hashKey": { "type": "string", "description": "Hash key to use for lookups and identification of the item\n" }, "item": { "type": "string", "description": "JSON representation of a map of attribute name/value pairs, one for each attribute.\nOnly the primary key attributes are required; you can optionally provide other attribute name-value pairs for the item.\n" }, "rangeKey": { "type": "string", "description": "Range key to use for lookups and identification of the item. Required if there is range key defined in the table.\n" }, "tableName": { "type": "string", "description": "The name of the table to contain the item.\n" } }, "requiredInputs": [ "hashKey", "item", "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering TableItem resources.\n", "properties": { "hashKey": { "type": "string", "description": "Hash key to use for lookups and identification of the item\n" }, "item": { "type": "string", "description": "JSON representation of a map of attribute name/value pairs, one for each attribute.\nOnly the primary key attributes are required; you can optionally provide other attribute name-value pairs for the item.\n" }, "rangeKey": { "type": "string", "description": "Range key to use for lookups and identification of the item. Required if there is range key defined in the table.\n" }, "tableName": { "type": "string", "description": "The name of the table to contain the item.\n" } }, "type": "object" } }, "aws:ebs/defaultKmsKey:DefaultKmsKey": { "description": "Provides a resource to manage the default customer master key (CMK) that your AWS account uses to encrypt EBS volumes.\n\nYour AWS account has an AWS-managed default CMK that is used for encrypting an EBS volume when no CMK is specified in the API call that creates the volume.\nBy using the `aws.ebs.DefaultKmsKey` resource, you can specify a customer-managed CMK to use in place of the AWS-managed default CMK.\n\n\u003e **NOTE:** Creating an `aws.ebs.DefaultKmsKey` resource does not enable default EBS encryption. Use the `aws.ebs.EncryptionByDefault` to enable default EBS encryption.\n\n\u003e **NOTE:** Destroying this resource will reset the default CMK to the account's AWS-managed default CMK for EBS.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.DefaultKmsKey(\"example\", {\n keyArn: aws_kms_key_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.DefaultKmsKey(\"example\", key_arn=aws_kms_key[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ebs.DefaultKmsKey(\"example\", new Aws.Ebs.DefaultKmsKeyArgs\n {\n KeyArn = aws_kms_key.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ebs.NewDefaultKmsKey(ctx, \"example\", \u0026ebs.DefaultKmsKeyArgs{\n\t\t\tKeyArn: pulumi.String(aws_kms_key.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "keyArn": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use to encrypt the EBS volume.\n" } }, "required": [ "keyArn" ], "inputProperties": { "keyArn": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use to encrypt the EBS volume.\n" } }, "requiredInputs": [ "keyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultKmsKey resources.\n", "properties": { "keyArn": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use to encrypt the EBS volume.\n" } }, "type": "object" } }, "aws:ebs/encryptionByDefault:EncryptionByDefault": { "description": "Provides a resource to manage whether default EBS encryption is enabled for your AWS account in the current AWS region. To manage the default KMS key for the region, see the `aws.ebs.DefaultKmsKey` resource.\n\n\u003e **NOTE:** Removing this resource disables default EBS encryption.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.EncryptionByDefault(\"example\", {\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.EncryptionByDefault(\"example\", enabled=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ebs.EncryptionByDefault(\"example\", new Aws.Ebs.EncryptionByDefaultArgs\n {\n Enabled = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ebs.NewEncryptionByDefault(ctx, \"example\", \u0026ebs.EncryptionByDefaultArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "enabled": { "type": "boolean", "description": "Whether or not default EBS encryption is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "inputProperties": { "enabled": { "type": "boolean", "description": "Whether or not default EBS encryption is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EncryptionByDefault resources.\n", "properties": { "enabled": { "type": "boolean", "description": "Whether or not default EBS encryption is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "type": "object" } }, "aws:ebs/snapshot:Snapshot": { "description": "Creates a Snapshot of an EBS Volume.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst exampleSnapshot = new aws.ebs.Snapshot(\"example_snapshot\", {\n tags: {\n Name: \"HelloWorld_snap\",\n },\n volumeId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40,\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample_snapshot = aws.ebs.Snapshot(\"exampleSnapshot\",\n tags={\n \"Name\": \"HelloWorld_snap\",\n },\n volume_id=example.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ebs.Volume(\"example\", new Aws.Ebs.VolumeArgs\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n var exampleSnapshot = new Aws.Ebs.Snapshot(\"exampleSnapshot\", new Aws.Ebs.SnapshotArgs\n {\n Tags = \n {\n { \"Name\", \"HelloWorld_snap\" },\n },\n VolumeId = example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ebs.NewSnapshot(ctx, \"exampleSnapshot\", \u0026ebs.SnapshotArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld_snap\"),\n\t\t\t},\n\t\t\tVolumeId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the EBS snapshot owner.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot\n" }, "volumeId": { "type": "string", "description": "The Volume ID of which to make a snapshot.\n" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "required": [ "arn", "dataEncryptionKeyId", "encrypted", "kmsKeyId", "ownerAlias", "ownerId", "volumeId", "volumeSize" ], "inputProperties": { "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot\n" }, "volumeId": { "type": "string", "description": "The Volume ID of which to make a snapshot.\n" } }, "requiredInputs": [ "volumeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Snapshot resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the EBS snapshot owner.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot\n" }, "volumeId": { "type": "string", "description": "The Volume ID of which to make a snapshot.\n" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "type": "object" } }, "aws:ebs/snapshotCopy:SnapshotCopy": { "description": "Creates a Snapshot of a snapshot.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst exampleSnapshot = new aws.ebs.Snapshot(\"example_snapshot\", {\n tags: {\n Name: \"HelloWorld_snap\",\n },\n volumeId: example.id,\n});\nconst exampleCopy = new aws.ebs.SnapshotCopy(\"example_copy\", {\n sourceRegion: \"us-west-2\",\n sourceSnapshotId: exampleSnapshot.id,\n tags: {\n Name: \"HelloWorld_copy_snap\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40,\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample_snapshot = aws.ebs.Snapshot(\"exampleSnapshot\",\n tags={\n \"Name\": \"HelloWorld_snap\",\n },\n volume_id=example.id)\nexample_copy = aws.ebs.SnapshotCopy(\"exampleCopy\",\n source_region=\"us-west-2\",\n source_snapshot_id=example_snapshot.id,\n tags={\n \"Name\": \"HelloWorld_copy_snap\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ebs.Volume(\"example\", new Aws.Ebs.VolumeArgs\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n var exampleSnapshot = new Aws.Ebs.Snapshot(\"exampleSnapshot\", new Aws.Ebs.SnapshotArgs\n {\n Tags = \n {\n { \"Name\", \"HelloWorld_snap\" },\n },\n VolumeId = example.Id,\n });\n var exampleCopy = new Aws.Ebs.SnapshotCopy(\"exampleCopy\", new Aws.Ebs.SnapshotCopyArgs\n {\n SourceRegion = \"us-west-2\",\n SourceSnapshotId = exampleSnapshot.Id,\n Tags = \n {\n { \"Name\", \"HelloWorld_copy_snap\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := ebs.NewSnapshot(ctx, \"exampleSnapshot\", \u0026ebs.SnapshotArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld_snap\"),\n\t\t\t},\n\t\t\tVolumeId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ebs.NewSnapshotCopy(ctx, \"exampleCopy\", \u0026ebs.SnapshotCopyArgs{\n\t\t\tSourceRegion: pulumi.String(\"us-west-2\"),\n\t\t\tSourceSnapshotId: exampleSnapshot.ID(),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld_copy_snap\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n* `source_snapshot_id` The ARN of the copied snapshot.\n* `source_region` The region of the source snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the snapshot owner.\n" }, "sourceRegion": { "type": "string", "description": "The region of the source snapshot.\n" }, "sourceSnapshotId": { "type": "string", "description": "The ARN for the snapshot to be copied.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the snapshot.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "required": [ "arn", "dataEncryptionKeyId", "ownerAlias", "ownerId", "sourceRegion", "sourceSnapshotId", "volumeId", "volumeSize" ], "inputProperties": { "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "sourceRegion": { "type": "string", "description": "The region of the source snapshot.\n" }, "sourceSnapshotId": { "type": "string", "description": "The ARN for the snapshot to be copied.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the snapshot.\n" } }, "requiredInputs": [ "sourceRegion", "sourceSnapshotId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCopy resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n* `source_snapshot_id` The ARN of the copied snapshot.\n* `source_region` The region of the source snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the snapshot owner.\n" }, "sourceRegion": { "type": "string", "description": "The region of the source snapshot.\n" }, "sourceSnapshotId": { "type": "string", "description": "The ARN for the snapshot to be copied.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the snapshot.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "type": "object" } }, "aws:ebs/volume:Volume": { "description": "Manages a single EBS volume.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40,\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ebs.Volume(\"example\", new Aws.Ebs.VolumeArgs\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n\u003e **NOTE**: One of `size` or `snapshot_id` is required when specifying an EBS volume\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The volume ARN (e.g. arn:aws:ec2:us-east-1:0123456789012:volume/vol-59fcb34e).\n" }, "availabilityZone": { "type": "string", "description": "The AZ where the EBS volume will exist.\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "iops": { "type": "integer", "description": "The amount of IOPS to provision for the disk.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "multiAttachEnabled": { "type": "boolean", "description": "Specifies whether to enable Amazon EBS Multi-Attach. Multi-Attach is supported exclusively on `io1` volumes.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "size": { "type": "integer", "description": "The size of the drive in GiBs.\n" }, "snapshotId": { "type": "string", "description": "A snapshot to base the EBS volume off of.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "type": { "type": "string", "description": "The type of EBS volume. Can be \"standard\", \"gp2\", \"io1\", \"sc1\" or \"st1\" (Default: \"gp2\").\n" } }, "required": [ "arn", "availabilityZone", "encrypted", "iops", "kmsKeyId", "size", "snapshotId", "type" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The AZ where the EBS volume will exist.\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "iops": { "type": "integer", "description": "The amount of IOPS to provision for the disk.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "multiAttachEnabled": { "type": "boolean", "description": "Specifies whether to enable Amazon EBS Multi-Attach. Multi-Attach is supported exclusively on `io1` volumes.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "size": { "type": "integer", "description": "The size of the drive in GiBs.\n" }, "snapshotId": { "type": "string", "description": "A snapshot to base the EBS volume off of.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "type": { "type": "string", "description": "The type of EBS volume. Can be \"standard\", \"gp2\", \"io1\", \"sc1\" or \"st1\" (Default: \"gp2\").\n" } }, "requiredInputs": [ "availabilityZone" ], "stateInputs": { "description": "Input properties used for looking up and filtering Volume resources.\n", "properties": { "arn": { "type": "string", "description": "The volume ARN (e.g. arn:aws:ec2:us-east-1:0123456789012:volume/vol-59fcb34e).\n" }, "availabilityZone": { "type": "string", "description": "The AZ where the EBS volume will exist.\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "iops": { "type": "integer", "description": "The amount of IOPS to provision for the disk.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "multiAttachEnabled": { "type": "boolean", "description": "Specifies whether to enable Amazon EBS Multi-Attach. Multi-Attach is supported exclusively on `io1` volumes.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "size": { "type": "integer", "description": "The size of the drive in GiBs.\n" }, "snapshotId": { "type": "string", "description": "A snapshot to base the EBS volume off of.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "type": { "type": "string", "description": "The type of EBS volume. Can be \"standard\", \"gp2\", \"io1\", \"sc1\" or \"st1\" (Default: \"gp2\").\n" } }, "type": "object" } }, "aws:ec2/ami:Ami": { "description": "The AMI resource allows the creation and management of a completely-custom\n*Amazon Machine Image* (AMI).\n\nIf you just want to duplicate an existing AMI, possibly copying it to another\nregion, it's better to use `aws.ec2.AmiCopy` instead.\n\nIf you just want to share an existing AMI with another AWS account,\nit's better to use `aws.ec2.AmiLaunchPermission` instead.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create an AMI that will start a machine whose root device is backed by\n// an EBS volume populated from a snapshot. It is assumed that such a snapshot\n// already exists with the id \"snap-xxxxxxxx\".\nconst example = new aws.ec2.Ami(\"example\", {\n ebsBlockDevices: [{\n deviceName: \"/dev/xvda\",\n snapshotId: \"snap-xxxxxxxx\",\n volumeSize: 8,\n }],\n rootDeviceName: \"/dev/xvda\",\n virtualizationType: \"hvm\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create an AMI that will start a machine whose root device is backed by\n# an EBS volume populated from a snapshot. It is assumed that such a snapshot\n# already exists with the id \"snap-xxxxxxxx\".\nexample = aws.ec2.Ami(\"example\",\n ebs_block_devices=[{\n \"device_name\": \"/dev/xvda\",\n \"snapshot_id\": \"snap-xxxxxxxx\",\n \"volume_size\": 8,\n }],\n root_device_name=\"/dev/xvda\",\n virtualization_type=\"hvm\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create an AMI that will start a machine whose root device is backed by\n // an EBS volume populated from a snapshot. It is assumed that such a snapshot\n // already exists with the id \"snap-xxxxxxxx\".\n var example = new Aws.Ec2.Ami(\"example\", new Aws.Ec2.AmiArgs\n {\n EbsBlockDevices = \n {\n new Aws.Ec2.Inputs.AmiEbsBlockDeviceArgs\n {\n DeviceName = \"/dev/xvda\",\n SnapshotId = \"snap-xxxxxxxx\",\n VolumeSize = 8,\n },\n },\n RootDeviceName = \"/dev/xvda\",\n VirtualizationType = \"hvm\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewAmi(ctx, \"example\", \u0026ec2.AmiArgs{\n\t\t\tEbsBlockDevices: ec2.AmiEbsBlockDeviceArray{\n\t\t\t\t\u0026ec2.AmiEbsBlockDeviceArgs{\n\t\t\t\t\tDeviceName: pulumi.String(\"/dev/xvda\"),\n\t\t\t\t\tSnapshotId: pulumi.String(\"snap-xxxxxxxx\"),\n\t\t\t\t\tVolumeSize: pulumi.Int(8),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRootDeviceName: pulumi.String(\"/dev/xvda\"),\n\t\t\tVirtualizationType: pulumi.String(\"hvm\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "The ARN of the AMI.\n" }, "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Specifies whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g. created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "kernelId": { "type": "string", "description": "The id of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "ramdiskId": { "type": "string", "description": "The id of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "The name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string", "description": "The Snapshot ID for the root volume (for EBS-backed AMIs)\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "required": [ "arn", "ebsBlockDevices", "ephemeralBlockDevices", "imageLocation", "manageEbsSnapshots", "name", "rootSnapshotId" ], "inputProperties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Specifies whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g. created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "kernelId": { "type": "string", "description": "The id of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "ramdiskId": { "type": "string", "description": "The id of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "The name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Ami resources.\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "The ARN of the AMI.\n" }, "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Specifies whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g. created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "kernelId": { "type": "string", "description": "The id of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "ramdiskId": { "type": "string", "description": "The id of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "The name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string", "description": "The Snapshot ID for the root volume (for EBS-backed AMIs)\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "type": "object" } }, "aws:ec2/amiCopy:AmiCopy": { "description": "The \"AMI copy\" resource allows duplication of an Amazon Machine Image (AMI),\nincluding cross-region copies.\n\nIf the source AMI has associated EBS snapshots, those will also be duplicated\nalong with the AMI.\n\nThis is useful for taking a single AMI provisioned in one region and making\nit available in another for a multi-region deployment.\n\nCopying an AMI can take several minutes. The creation of this resource will\nblock until the new AMI is available for use on new instances.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiCopy(\"example\", {\n description: \"A copy of ami-xxxxxxxx\",\n sourceAmiId: \"ami-xxxxxxxx\",\n sourceAmiRegion: \"us-west-1\",\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiCopy(\"example\",\n description=\"A copy of ami-xxxxxxxx\",\n source_ami_id=\"ami-xxxxxxxx\",\n source_ami_region=\"us-west-1\",\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.AmiCopy(\"example\", new Aws.Ec2.AmiCopyArgs\n {\n Description = \"A copy of ami-xxxxxxxx\",\n SourceAmiId = \"ami-xxxxxxxx\",\n SourceAmiRegion = \"us-west-1\",\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewAmiCopy(ctx, \"example\", \u0026ec2.AmiCopyArgs{\n\t\t\tDescription: pulumi.String(\"A copy of ami-xxxxxxxx\"),\n\t\t\tSourceAmiId: pulumi.String(\"ami-xxxxxxxx\"),\n\t\t\tSourceAmiRegion: pulumi.String(\"us-west-1\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "The ARN of the AMI.\n" }, "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Specifies whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g. created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "kernelId": { "type": "string", "description": "The id of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "kmsKeyId": { "type": "string", "description": "The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when encrypting the snapshots of\nan image during a copy operation. This parameter is only required if you want to use a non-default CMK;\nif this parameter is not specified, the default CMK for EBS is used\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "ramdiskId": { "type": "string", "description": "The id of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "The name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "sourceAmiId": { "type": "string", "description": "The id of the AMI to copy. This id must be valid in the region\ngiven by `source_ami_region`.\n" }, "sourceAmiRegion": { "type": "string", "description": "The region from which the AMI will be copied. This may be the\nsame as the AWS provider region in order to create a copy within the same region.\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "required": [ "architecture", "arn", "ebsBlockDevices", "enaSupport", "ephemeralBlockDevices", "imageLocation", "kernelId", "kmsKeyId", "manageEbsSnapshots", "name", "ramdiskId", "rootDeviceName", "rootSnapshotId", "sourceAmiId", "sourceAmiRegion", "sriovNetSupport", "virtualizationType" ], "inputProperties": { "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "kmsKeyId": { "type": "string", "description": "The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when encrypting the snapshots of\nan image during a copy operation. This parameter is only required if you want to use a non-default CMK;\nif this parameter is not specified, the default CMK for EBS is used\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "sourceAmiId": { "type": "string", "description": "The id of the AMI to copy. This id must be valid in the region\ngiven by `source_ami_region`.\n" }, "sourceAmiRegion": { "type": "string", "description": "The region from which the AMI will be copied. This may be the\nsame as the AWS provider region in order to create a copy within the same region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "sourceAmiId", "sourceAmiRegion" ], "stateInputs": { "description": "Input properties used for looking up and filtering AmiCopy resources.\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "The ARN of the AMI.\n" }, "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Specifies whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g. created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "kernelId": { "type": "string", "description": "The id of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "kmsKeyId": { "type": "string", "description": "The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when encrypting the snapshots of\nan image during a copy operation. This parameter is only required if you want to use a non-default CMK;\nif this parameter is not specified, the default CMK for EBS is used\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "ramdiskId": { "type": "string", "description": "The id of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "The name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "sourceAmiId": { "type": "string", "description": "The id of the AMI to copy. This id must be valid in the region\ngiven by `source_ami_region`.\n" }, "sourceAmiRegion": { "type": "string", "description": "The region from which the AMI will be copied. This may be the\nsame as the AWS provider region in order to create a copy within the same region.\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "type": "object" } }, "aws:ec2/amiFromInstance:AmiFromInstance": { "description": "The \"AMI from instance\" resource allows the creation of an Amazon Machine\nImage (AMI) modelled after an existing EBS-backed EC2 instance.\n\nThe created AMI will refer to implicitly-created snapshots of the instance's\nEBS volumes and mimick its assigned block device configuration at the time\nthe resource is created.\n\nThis resource is best applied to an instance that is stopped when this instance\nis created, so that the contents of the created image are predictable. When\napplied to an instance that is running, *the instance will be stopped before taking\nthe snapshots and then started back up again*, resulting in a period of\ndowntime.\n\nNote that the source instance is inspected only at the initial creation of this\nresource. Ongoing updates to the referenced instance will not be propagated into\nthe generated AMI. Users may taint or otherwise recreate the resource in order\nto produce a fresh snapshot.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiFromInstance(\"example\", {\n sourceInstanceId: \"i-xxxxxxxx\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiFromInstance(\"example\", source_instance_id=\"i-xxxxxxxx\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.AmiFromInstance(\"example\", new Aws.Ec2.AmiFromInstanceArgs\n {\n SourceInstanceId = \"i-xxxxxxxx\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewAmiFromInstance(ctx, \"example\", \u0026ec2.AmiFromInstanceArgs{\n\t\t\tSourceInstanceId: pulumi.String(\"i-xxxxxxxx\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "The ARN of the AMI.\n" }, "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Specifies whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g. created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "kernelId": { "type": "string", "description": "The id of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "ramdiskId": { "type": "string", "description": "The id of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "The name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "snapshotWithoutReboot": { "type": "boolean", "description": "Boolean that overrides the behavior of stopping\nthe instance before snapshotting. This is risky since it may cause a snapshot of an\ninconsistent filesystem state, but can be used to avoid downtime if the user otherwise\nguarantees that no filesystem writes will be underway at the time of snapshot.\n" }, "sourceInstanceId": { "type": "string", "description": "The id of the instance to use as the basis of the AMI.\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "required": [ "architecture", "arn", "ebsBlockDevices", "enaSupport", "ephemeralBlockDevices", "imageLocation", "kernelId", "manageEbsSnapshots", "name", "ramdiskId", "rootDeviceName", "rootSnapshotId", "sourceInstanceId", "sriovNetSupport", "virtualizationType" ], "inputProperties": { "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "snapshotWithoutReboot": { "type": "boolean", "description": "Boolean that overrides the behavior of stopping\nthe instance before snapshotting. This is risky since it may cause a snapshot of an\ninconsistent filesystem state, but can be used to avoid downtime if the user otherwise\nguarantees that no filesystem writes will be underway at the time of snapshot.\n" }, "sourceInstanceId": { "type": "string", "description": "The id of the instance to use as the basis of the AMI.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "sourceInstanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AmiFromInstance resources.\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "The ARN of the AMI.\n" }, "description": { "type": "string", "description": "A longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Specifies whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g. created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "kernelId": { "type": "string", "description": "The id of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "ramdiskId": { "type": "string", "description": "The id of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "The name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "snapshotWithoutReboot": { "type": "boolean", "description": "Boolean that overrides the behavior of stopping\nthe instance before snapshotting. This is risky since it may cause a snapshot of an\ninconsistent filesystem state, but can be used to avoid downtime if the user otherwise\nguarantees that no filesystem writes will be underway at the time of snapshot.\n" }, "sourceInstanceId": { "type": "string", "description": "The id of the instance to use as the basis of the AMI.\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "type": "object" } }, "aws:ec2/amiLaunchPermission:AmiLaunchPermission": { "description": "Adds launch permission to Amazon Machine Image (AMI) from another AWS account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiLaunchPermission(\"example\", {\n accountId: \"123456789012\",\n imageId: \"ami-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiLaunchPermission(\"example\",\n account_id=\"123456789012\",\n image_id=\"ami-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.AmiLaunchPermission(\"example\", new Aws.Ec2.AmiLaunchPermissionArgs\n {\n AccountId = \"123456789012\",\n ImageId = \"ami-12345678\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewAmiLaunchPermission(ctx, \"example\", \u0026ec2.AmiLaunchPermissionArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tImageId: pulumi.String(\"ami-12345678\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "An AWS Account ID to add launch permissions.\n" }, "imageId": { "type": "string", "description": "A region-unique name for the AMI.\n" } }, "required": [ "accountId", "imageId" ], "inputProperties": { "accountId": { "type": "string", "description": "An AWS Account ID to add launch permissions.\n" }, "imageId": { "type": "string", "description": "A region-unique name for the AMI.\n" } }, "requiredInputs": [ "accountId", "imageId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AmiLaunchPermission resources.\n", "properties": { "accountId": { "type": "string", "description": "An AWS Account ID to add launch permissions.\n" }, "imageId": { "type": "string", "description": "A region-unique name for the AMI.\n" } }, "type": "object" } }, "aws:ec2/availabilityZoneGroup:AvailabilityZoneGroup": { "description": "Manages an EC2 Availability Zone Group, such as updating its opt-in status.\n\n\u003e **NOTE:** This is an advanced resource. The provider will automatically assume management of the EC2 Availability Zone Group without import and perform no actions on removal from configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AvailabilityZoneGroup(\"example\", {\n groupName: \"us-west-2-lax-1\",\n optInStatus: \"opted-in\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AvailabilityZoneGroup(\"example\",\n group_name=\"us-west-2-lax-1\",\n opt_in_status=\"opted-in\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.AvailabilityZoneGroup(\"example\", new Aws.Ec2.AvailabilityZoneGroupArgs\n {\n GroupName = \"us-west-2-lax-1\",\n OptInStatus = \"opted-in\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewAvailabilityZoneGroup(ctx, \"example\", \u0026ec2.AvailabilityZoneGroupArgs{\n\t\t\tGroupName: pulumi.String(\"us-west-2-lax-1\"),\n\t\t\tOptInStatus: pulumi.String(\"opted-in\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "groupName": { "type": "string", "description": "Name of the Availability Zone Group.\n" }, "optInStatus": { "type": "string", "description": "Indicates whether to enable or disable Availability Zone Group. Valid values: `opted-in` or `not-opted-in`.\n" } }, "required": [ "groupName", "optInStatus" ], "inputProperties": { "groupName": { "type": "string", "description": "Name of the Availability Zone Group.\n" }, "optInStatus": { "type": "string", "description": "Indicates whether to enable or disable Availability Zone Group. Valid values: `opted-in` or `not-opted-in`.\n" } }, "requiredInputs": [ "groupName", "optInStatus" ], "stateInputs": { "description": "Input properties used for looking up and filtering AvailabilityZoneGroup resources.\n", "properties": { "groupName": { "type": "string", "description": "Name of the Availability Zone Group.\n" }, "optInStatus": { "type": "string", "description": "Indicates whether to enable or disable Availability Zone Group. Valid values: `opted-in` or `not-opted-in`.\n" } }, "type": "object" } }, "aws:ec2/capacityReservation:CapacityReservation": { "description": "Provides an EC2 Capacity Reservation. This allows you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCapacityReservation = new aws.ec2.CapacityReservation(\"default\", {\n availabilityZone: \"eu-west-1a\",\n instanceCount: 1,\n instancePlatform: \"Linux/UNIX\",\n instanceType: \"t2.micro\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.CapacityReservation(\"default\",\n availability_zone=\"eu-west-1a\",\n instance_count=1,\n instance_platform=\"Linux/UNIX\",\n instance_type=\"t2.micro\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Ec2.CapacityReservation(\"default\", new Aws.Ec2.CapacityReservationArgs\n {\n AvailabilityZone = \"eu-west-1a\",\n InstanceCount = 1,\n InstancePlatform = \"Linux/UNIX\",\n InstanceType = \"t2.micro\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewCapacityReservation(ctx, \"default\", \u0026ec2.CapacityReservationArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"eu-west-1a\"),\n\t\t\tInstanceCount: pulumi.Int(1),\n\t\t\tInstancePlatform: pulumi.String(\"Linux/UNIX\"),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Capacity Reservation.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Reservation.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n" }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends. Specify either `unlimited` or `limited`.\n" }, "ephemeralStorage": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instanceMatchCriteria": { "type": "string", "description": "Indicates the type of instance launches that the Capacity Reservation accepts. Specify either `open` or `targeted`.\n" }, "instancePlatform": { "type": "string", "$ref": "#/types/aws:ec2/instancePlatform:InstancePlatform", "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n" }, "instanceType": { "type": "string", "$ref": "#/types/aws:ec2/instanceType:InstanceType", "description": "The instance type for which to reserve capacity.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "$ref": "#/types/aws:ec2/tenancy:Tenancy", "description": "Indicates the tenancy of the Capacity Reservation. Specify either `default` or `dedicated`.\n" } }, "required": [ "arn", "availabilityZone", "instanceCount", "instancePlatform", "instanceType" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Reservation.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n" }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends. Specify either `unlimited` or `limited`.\n" }, "ephemeralStorage": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instanceMatchCriteria": { "type": "string", "description": "Indicates the type of instance launches that the Capacity Reservation accepts. Specify either `open` or `targeted`.\n" }, "instancePlatform": { "type": "string", "$ref": "#/types/aws:ec2/instancePlatform:InstancePlatform", "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n" }, "instanceType": { "type": "string", "$ref": "#/types/aws:ec2/instanceType:InstanceType", "description": "The instance type for which to reserve capacity.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "$ref": "#/types/aws:ec2/tenancy:Tenancy", "description": "Indicates the tenancy of the Capacity Reservation. Specify either `default` or `dedicated`.\n" } }, "requiredInputs": [ "availabilityZone", "instanceCount", "instancePlatform", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering CapacityReservation resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Capacity Reservation.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Reservation.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n" }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends. Specify either `unlimited` or `limited`.\n" }, "ephemeralStorage": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instanceMatchCriteria": { "type": "string", "description": "Indicates the type of instance launches that the Capacity Reservation accepts. Specify either `open` or `targeted`.\n" }, "instancePlatform": { "type": "string", "$ref": "#/types/aws:ec2/instancePlatform:InstancePlatform", "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n" }, "instanceType": { "type": "string", "$ref": "#/types/aws:ec2/instanceType:InstanceType", "description": "The instance type for which to reserve capacity.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "$ref": "#/types/aws:ec2/tenancy:Tenancy", "description": "Indicates the tenancy of the Capacity Reservation. Specify either `default` or `dedicated`.\n" } }, "type": "object" } }, "aws:ec2/customerGateway:CustomerGateway": { "description": "Provides a customer gateway inside a VPC. These objects can be connected to VPN gateways via VPN connections, and allow you to establish tunnels between your network and the VPC.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.CustomerGateway(\"main\", {\n bgpAsn: 65000,\n ipAddress: \"172.83.124.10\",\n tags: {\n Name: \"main-customer-gateway\",\n },\n type: \"ipsec.1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.CustomerGateway(\"main\",\n bgp_asn=65000,\n ip_address=\"172.83.124.10\",\n tags={\n \"Name\": \"main-customer-gateway\",\n },\n type=\"ipsec.1\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.CustomerGateway(\"main\", new Aws.Ec2.CustomerGatewayArgs\n {\n BgpAsn = 65000,\n IpAddress = \"172.83.124.10\",\n Tags = \n {\n { \"Name\", \"main-customer-gateway\" },\n },\n Type = \"ipsec.1\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewCustomerGateway(ctx, \"main\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.Int(65000),\n\t\t\tIpAddress: pulumi.String(\"172.83.124.10\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"main-customer-gateway\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the customer gateway.\n" }, "bgpAsn": { "type": "integer", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).\n" }, "ipAddress": { "type": "string", "description": "The IP address of the gateway's Internet-routable external interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the gateway.\n" }, "type": { "type": "string", "description": "The type of customer gateway. The only type AWS\nsupports at this time is \"ipsec.1\".\n" } }, "required": [ "arn", "bgpAsn", "ipAddress", "type" ], "inputProperties": { "bgpAsn": { "type": "integer", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).\n" }, "ipAddress": { "type": "string", "description": "The IP address of the gateway's Internet-routable external interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the gateway.\n" }, "type": { "type": "string", "description": "The type of customer gateway. The only type AWS\nsupports at this time is \"ipsec.1\".\n" } }, "requiredInputs": [ "bgpAsn", "ipAddress", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomerGateway resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the customer gateway.\n" }, "bgpAsn": { "type": "integer", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).\n" }, "ipAddress": { "type": "string", "description": "The IP address of the gateway's Internet-routable external interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the gateway.\n" }, "type": { "type": "string", "description": "The type of customer gateway. The only type AWS\nsupports at this time is \"ipsec.1\".\n" } }, "type": "object" } }, "aws:ec2/defaultNetworkAcl:DefaultNetworkAcl": { "description": "Provides a resource to manage the default AWS Network ACL. VPC Only.\n\nEach VPC created in AWS comes with a Default Network ACL that can be managed, but not\ndestroyed. **This is an advanced resource**, and has special caveats to be aware\nof when using it. Please read this document in its entirety before using this\nresource.\n\nThe `aws.ec2.DefaultNetworkAcl` behaves differently from normal resources, in that\nthis provider does not _create_ this resource, but instead attempts to \"adopt\" it\ninto management. We can do this because each VPC created has a Default Network\nACL that cannot be destroyed, and is created with a known set of default rules.\n\nWhen this provider first adopts the Default Network ACL, it **immediately removes all\nrules in the ACL**. It then proceeds to create any rules specified in the\nconfiguration. This step is required so that only the rules specified in the\nconfiguration are created.\n\nThis resource treats its inline rules as absolute; only the rules defined\ninline are created, and any additions/removals external to this resource will\nresult in diffs being shown. For these reasons, this resource is incompatible with the\n`aws.ec2.NetworkAclRule` resource.\n\nFor more information about Network ACLs, see the AWS Documentation on\n[Network ACLs][aws-network-acls].\n\n## Basic Example Usage, with default rules\n\nThe following config gives the Default Network ACL the same rules that AWS\nincludes, but pulls the resource under management by this provider. This means that\nany ACL rules added or changed will be detected as drift.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst _default = new aws.ec2.DefaultNetworkAcl(\"default\", {\n defaultNetworkAclId: mainvpc.defaultNetworkAclId,\n ingress: [{\n protocol: -1,\n ruleNo: 100,\n action: \"allow\",\n cidrBlock: mainvpc.cidrBlock,\n fromPort: 0,\n toPort: 0,\n }],\n egress: [{\n protocol: -1,\n ruleNo: 100,\n action: \"allow\",\n cidrBlock: \"0.0.0.0/0\",\n fromPort: 0,\n toPort: 0,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultNetworkAcl(\"default\",\n default_network_acl_id=mainvpc.default_network_acl_id,\n ingress=[{\n \"protocol\": -1,\n \"ruleNo\": 100,\n \"action\": \"allow\",\n \"cidr_block\": mainvpc.cidr_block,\n \"from_port\": 0,\n \"to_port\": 0,\n }],\n egress=[{\n \"protocol\": -1,\n \"ruleNo\": 100,\n \"action\": \"allow\",\n \"cidr_block\": \"0.0.0.0/0\",\n \"from_port\": 0,\n \"to_port\": 0,\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var @default = new Aws.Ec2.DefaultNetworkAcl(\"default\", new Aws.Ec2.DefaultNetworkAclArgs\n {\n DefaultNetworkAclId = mainvpc.DefaultNetworkAclId,\n Ingress = \n {\n new Aws.Ec2.Inputs.DefaultNetworkAclIngressArgs\n {\n Protocol = \"-1\",\n RuleNo = 100,\n Action = \"allow\",\n CidrBlock = mainvpc.CidrBlock,\n FromPort = 0,\n ToPort = 0,\n },\n },\n Egress = \n {\n new Aws.Ec2.Inputs.DefaultNetworkAclEgressArgs\n {\n Protocol = \"-1\",\n RuleNo = 100,\n Action = \"allow\",\n CidrBlock = \"0.0.0.0/0\",\n FromPort = 0,\n ToPort = 0,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultNetworkAcl(ctx, \"default\", \u0026ec2.DefaultNetworkAclArgs{\n\t\t\tDefaultNetworkAclId: mainvpc.DefaultNetworkAclId,\n\t\t\tIngress: ec2.DefaultNetworkAclIngressArray{\n\t\t\t\t\u0026ec2.DefaultNetworkAclIngressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: mainvpc.CidrBlock,\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEgress: ec2.DefaultNetworkAclEgressArray{\n\t\t\t\t\u0026ec2.DefaultNetworkAclEgressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Example config to deny all Egress traffic, allowing Ingress\n\nThe following denies all Egress traffic by omitting any `egress` rules, while\nincluding the default `ingress` rule to allow all traffic.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst _default = new aws.ec2.DefaultNetworkAcl(\"default\", {\n defaultNetworkAclId: mainvpc.defaultNetworkAclId,\n ingress: [{\n protocol: -1,\n ruleNo: 100,\n action: \"allow\",\n cidrBlock: mainvpc.cidrBlock,\n fromPort: 0,\n toPort: 0,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultNetworkAcl(\"default\",\n default_network_acl_id=mainvpc.default_network_acl_id,\n ingress=[{\n \"protocol\": -1,\n \"ruleNo\": 100,\n \"action\": \"allow\",\n \"cidr_block\": mainvpc.cidr_block,\n \"from_port\": 0,\n \"to_port\": 0,\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var @default = new Aws.Ec2.DefaultNetworkAcl(\"default\", new Aws.Ec2.DefaultNetworkAclArgs\n {\n DefaultNetworkAclId = mainvpc.DefaultNetworkAclId,\n Ingress = \n {\n new Aws.Ec2.Inputs.DefaultNetworkAclIngressArgs\n {\n Protocol = \"-1\",\n RuleNo = 100,\n Action = \"allow\",\n CidrBlock = mainvpc.CidrBlock,\n FromPort = 0,\n ToPort = 0,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultNetworkAcl(ctx, \"default\", \u0026ec2.DefaultNetworkAclArgs{\n\t\t\tDefaultNetworkAclId: mainvpc.DefaultNetworkAclId,\n\t\t\tIngress: ec2.DefaultNetworkAclIngressArray{\n\t\t\t\t\u0026ec2.DefaultNetworkAclIngressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: mainvpc.CidrBlock,\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Example config to deny all traffic to any Subnet in the Default Network ACL\n\nThis config denies all traffic in the Default ACL. This can be useful if you\nwant a locked down default to force all resources in the VPC to assign a\nnon-default ACL.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst defaultDefaultNetworkAcl = new aws.ec2.DefaultNetworkAcl(\"default\", {\n defaultNetworkAclId: mainvpc.defaultNetworkAclId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultNetworkAcl(\"default\", default_network_acl_id=mainvpc.default_network_acl_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var @default = new Aws.Ec2.DefaultNetworkAcl(\"default\", new Aws.Ec2.DefaultNetworkAclArgs\n {\n DefaultNetworkAclId = mainvpc.DefaultNetworkAclId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultNetworkAcl(ctx, \"default\", \u0026ec2.DefaultNetworkAclArgs{\n\t\t\tDefaultNetworkAclId: mainvpc.DefaultNetworkAclId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Default Network ACL\n" }, "defaultNetworkAclId": { "type": "string", "description": "The Network ACL ID to manage. This\nattribute is exported from `aws.ec2.Vpc`, or manually found via the AWS Console.\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the Default Network ACL\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to. See the\nnotes below on managing Subnets in the Default Network ACL\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the associated VPC\n" } }, "required": [ "arn", "defaultNetworkAclId", "ownerId", "vpcId" ], "inputProperties": { "defaultNetworkAclId": { "type": "string", "description": "The Network ACL ID to manage. This\nattribute is exported from `aws.ec2.Vpc`, or manually found via the AWS Console.\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to. See the\nnotes below on managing Subnets in the Default Network ACL\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "defaultNetworkAclId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultNetworkAcl resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Default Network ACL\n" }, "defaultNetworkAclId": { "type": "string", "description": "The Network ACL ID to manage. This\nattribute is exported from `aws.ec2.Vpc`, or manually found via the AWS Console.\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the Default Network ACL\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to. See the\nnotes below on managing Subnets in the Default Network ACL\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the associated VPC\n" } }, "type": "object" } }, "aws:ec2/defaultRouteTable:DefaultRouteTable": { "description": "Provides a resource to manage a Default VPC Routing Table.\n\nEach VPC created in AWS comes with a Default Route Table that can be managed, but not\ndestroyed. **This is an advanced resource**, and has special caveats to be aware\nof when using it. Please read this document in its entirety before using this\nresource. It is recommended you **do not** use both `aws.ec2.DefaultRouteTable` to\nmanage the default route table **and** use the `aws.ec2.MainRouteTableAssociation`,\ndue to possible conflict in routes.\n\nThe `aws.ec2.DefaultRouteTable` behaves differently from normal resources, in that\nthis provider does not _create_ this resource, but instead attempts to \"adopt\" it\ninto management. We can do this because each VPC created has a Default Route\nTable that cannot be destroyed, and is created with a single route.\n\nWhen this provider first adopts the Default Route Table, it **immediately removes all\ndefined routes**. It then proceeds to create any routes specified in the\nconfiguration. This step is required so that only the routes specified in the\nconfiguration present in the Default Route Table.\n\nFor more information about Route Tables, see the AWS Documentation on\n[Route Tables][aws-route-tables].\n\nFor more information about managing normal Route Tables in this provider, see our\ndocumentation on [aws.ec2.RouteTable][tf-route-tables].\n\n\u003e **NOTE on Route Tables and Routes:** This provider currently\nprovides both a standalone Route resource and a Route Table resource with routes\ndefined in-line. At this time you cannot use a Route Table with in-line routes\nin conjunction with any Route resources. Doing so will cause\na conflict of rule settings and will overwrite routes.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### With Tags\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultRouteTable = new aws.ec2.DefaultRouteTable(\"r\", {\n defaultRouteTableId: aws_vpc_foo.defaultRouteTableId,\n routes: [{}],\n tags: {\n Name: \"default table\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_route_table = aws.ec2.DefaultRouteTable(\"defaultRouteTable\",\n default_route_table_id=aws_vpc[\"foo\"][\"default_route_table_id\"],\n routes=[{}],\n tags={\n \"Name\": \"default table\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultRouteTable = new Aws.Ec2.DefaultRouteTable(\"defaultRouteTable\", new Aws.Ec2.DefaultRouteTableArgs\n {\n DefaultRouteTableId = aws_vpc.Foo.Default_route_table_id,\n Routes = \n {\n ,\n },\n Tags = \n {\n { \"Name\", \"default table\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewDefaultRouteTable(ctx, \"defaultRouteTable\", \u0026ec2.DefaultRouteTableArgs{\n\t\t\tDefaultRouteTableId: pulumi.String(aws_vpc.Foo.Default_route_table_id),\n\t\t\tRoutes: ec2.DefaultRouteTableRouteArray{\n\t\t\t\tnil,\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"default table\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "defaultRouteTableId": { "type": "string", "description": "The ID of the Default Routing Table.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the route table\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string" } }, "required": [ "defaultRouteTableId", "ownerId", "routes", "vpcId" ], "inputProperties": { "defaultRouteTableId": { "type": "string", "description": "The ID of the Default Routing Table.\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" } }, "requiredInputs": [ "defaultRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultRouteTable resources.\n", "properties": { "defaultRouteTableId": { "type": "string", "description": "The ID of the Default Routing Table.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the route table\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string" } }, "type": "object" } }, "aws:ec2/defaultSecurityGroup:DefaultSecurityGroup": { "description": "Provides a resource to manage the default AWS Security Group.\n\nFor EC2 Classic accounts, each region comes with a Default Security Group.\nAdditionally, each VPC created in AWS comes with a Default Security Group that can be managed, but not\ndestroyed. **This is an advanced resource**, and has special caveats to be aware\nof when using it. Please read this document in its entirety before using this\nresource.\n\nThe `aws.ec2.DefaultSecurityGroup` behaves differently from normal resources, in that\nthis provider does not _create_ this resource, but instead \"adopts\" it\ninto management. We can do this because these default security groups cannot be\ndestroyed, and are created with a known set of default ingress/egress rules.\n\nWhen this provider first adopts the Default Security Group, it **immediately removes all\ningress and egress rules in the Security Group**. It then proceeds to create any rules specified in the\nconfiguration. This step is required so that only the rules specified in the\nconfiguration are created.\n\nThis resource treats its inline rules as absolute; only the rules defined\ninline are created, and any additions/removals external to this resource will\nresult in diff shown. For these reasons, this resource is incompatible with the\n`aws.ec2.SecurityGroupRule` resource.\n\nFor more information about Default Security Groups, see the AWS Documentation on\n[Default Security Groups][aws-default-security-groups].\n\n## Basic Example Usage, with default rules\n\nThe following config gives the Default Security Group the same rules that AWS\nprovides by default, but pulls the resource under management by this provider. This means that\nany ingress or egress rules added or changed will be detected as drift.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst defaultDefaultSecurityGroup = new aws.ec2.DefaultSecurityGroup(\"default\", {\n egress: [{\n cidrBlocks: [\"0.0.0.0/0\"],\n fromPort: 0,\n protocol: \"-1\",\n toPort: 0,\n }],\n ingress: [{\n fromPort: 0,\n protocol: \"-1\",\n self: true,\n toPort: 0,\n }],\n vpcId: mainvpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultSecurityGroup(\"default\",\n egress=[{\n \"cidr_blocks\": [\"0.0.0.0/0\"],\n \"from_port\": 0,\n \"protocol\": \"-1\",\n \"to_port\": 0,\n }],\n ingress=[{\n \"from_port\": 0,\n \"protocol\": -1,\n \"self\": True,\n \"to_port\": 0,\n }],\n vpc_id=mainvpc.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var @default = new Aws.Ec2.DefaultSecurityGroup(\"default\", new Aws.Ec2.DefaultSecurityGroupArgs\n {\n Egress = \n {\n new Aws.Ec2.Inputs.DefaultSecurityGroupEgressArgs\n {\n CidrBlocks = \n {\n \"0.0.0.0/0\",\n },\n FromPort = 0,\n Protocol = \"-1\",\n ToPort = 0,\n },\n },\n Ingress = \n {\n new Aws.Ec2.Inputs.DefaultSecurityGroupIngressArgs\n {\n FromPort = 0,\n Protocol = \"-1\",\n Self = true,\n ToPort = 0,\n },\n },\n VpcId = mainvpc.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultSecurityGroup(ctx, \"default\", \u0026ec2.DefaultSecurityGroupArgs{\n\t\t\tEgress: ec2.DefaultSecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.DefaultSecurityGroupEgressArgs{\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t},\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIngress: ec2.DefaultSecurityGroupIngressArray{\n\t\t\t\t\u0026ec2.DefaultSecurityGroupIngressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tSelf: pulumi.Bool(true),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVpcId: mainvpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Example config to deny all Egress traffic, allowing Ingress\n\nThe following denies all Egress traffic by omitting any `egress` rules, while\nincluding the default `ingress` rule to allow all traffic.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst defaultDefaultSecurityGroup = new aws.ec2.DefaultSecurityGroup(\"default\", {\n ingress: [{\n fromPort: 0,\n protocol: \"-1\",\n self: true,\n toPort: 0,\n }],\n vpcId: mainvpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultSecurityGroup(\"default\",\n ingress=[{\n \"from_port\": 0,\n \"protocol\": -1,\n \"self\": True,\n \"to_port\": 0,\n }],\n vpc_id=mainvpc.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var @default = new Aws.Ec2.DefaultSecurityGroup(\"default\", new Aws.Ec2.DefaultSecurityGroupArgs\n {\n Ingress = \n {\n new Aws.Ec2.Inputs.DefaultSecurityGroupIngressArgs\n {\n FromPort = 0,\n Protocol = \"-1\",\n Self = true,\n ToPort = 0,\n },\n },\n VpcId = mainvpc.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultSecurityGroup(ctx, \"default\", \u0026ec2.DefaultSecurityGroupArgs{\n\t\t\tIngress: ec2.DefaultSecurityGroupIngressArray{\n\t\t\t\t\u0026ec2.DefaultSecurityGroupIngressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tSelf: pulumi.Bool(true),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVpcId: mainvpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Usage\n\nWith the exceptions mentioned above, `aws.ec2.DefaultSecurityGroup` should\nidentical behavior to `aws.ec2.SecurityGroup`. Please consult `AWS_SECURITY_GROUP`\nfor further usage documentation.\n\n### Removing `aws.ec2.DefaultSecurityGroup` from your configuration\n\nEach AWS VPC (or region, if using EC2 Classic) comes with a Default Security\nGroup that cannot be deleted. The `aws.ec2.DefaultSecurityGroup` allows you to\nmanage this Security Group, but this provider cannot destroy it. Removing this resource\nfrom your configuration will remove it from your statefile and management, but\nwill not destroy the Security Group. All ingress or egress rules will be left as\nthey are at the time of removal. You can resume managing them via the AWS Console.\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "The description of the security group\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress" }, "description": "Can be specified multiple times for each\negress rule. Each egress block supports fields documented below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress" }, "description": "Can be specified multiple times for each\ningress rule. Each ingress block supports fields documented below.\n" }, "name": { "type": "string", "description": "The name of the security group\n" }, "ownerId": { "type": "string", "description": "The owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID. **Note that changing\nthe `vpc_id` will _not_ restore any default security group rules that were\nmodified, added, or removed.** It will be left in its current state\n" } }, "required": [ "arn", "description", "name", "ownerId", "vpcId" ], "inputProperties": { "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress" }, "description": "Can be specified multiple times for each\negress rule. Each egress block supports fields documented below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress" }, "description": "Can be specified multiple times for each\ningress rule. Each ingress block supports fields documented below.\n" }, "revokeRulesOnDelete": { "type": "boolean" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID. **Note that changing\nthe `vpc_id` will _not_ restore any default security group rules that were\nmodified, added, or removed.** It will be left in its current state\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering DefaultSecurityGroup resources.\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "The description of the security group\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress" }, "description": "Can be specified multiple times for each\negress rule. Each egress block supports fields documented below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress" }, "description": "Can be specified multiple times for each\ningress rule. Each ingress block supports fields documented below.\n" }, "name": { "type": "string", "description": "The name of the security group\n" }, "ownerId": { "type": "string", "description": "The owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID. **Note that changing\nthe `vpc_id` will _not_ restore any default security group rules that were\nmodified, added, or removed.** It will be left in its current state\n" } }, "type": "object" } }, "aws:ec2/defaultSubnet:DefaultSubnet": { "description": "Provides a resource to manage a [default AWS VPC subnet](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html#default-vpc-basics)\nin the current region.\n\nThe `aws.ec2.DefaultSubnet` behaves differently from normal resources, in that\nthis provider does not _create_ this resource, but instead \"adopts\" it\ninto management.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage with tags:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultAz1 = new aws.ec2.DefaultSubnet(\"default_az1\", {\n availabilityZone: \"us-west-2a\",\n tags: {\n Name: \"Default subnet for us-west-2a\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_az1 = aws.ec2.DefaultSubnet(\"defaultAz1\",\n availability_zone=\"us-west-2a\",\n tags={\n \"Name\": \"Default subnet for us-west-2a\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultAz1 = new Aws.Ec2.DefaultSubnet(\"defaultAz1\", new Aws.Ec2.DefaultSubnetArgs\n {\n AvailabilityZone = \"us-west-2a\",\n Tags = \n {\n { \"Name\", \"Default subnet for us-west-2a\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewDefaultSubnet(ctx, \"defaultAz1\", \u0026ec2.DefaultSubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"Default subnet for us-west-2a\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "assignIpv6AddressOnCreation": { "type": "boolean" }, "availabilityZone": { "type": "string" }, "availabilityZoneId": { "type": "string" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the subnet.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n" }, "ipv6CidrBlockAssociationId": { "type": "string" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address.\n" }, "outpostArn": { "type": "string" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "required": [ "arn", "assignIpv6AddressOnCreation", "availabilityZone", "availabilityZoneId", "cidrBlock", "ipv6CidrBlock", "ipv6CidrBlockAssociationId", "mapPublicIpOnLaunch", "ownerId", "vpcId" ], "inputProperties": { "availabilityZone": { "type": "string" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address.\n" }, "outpostArn": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "availabilityZone" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultSubnet resources.\n", "properties": { "arn": { "type": "string" }, "assignIpv6AddressOnCreation": { "type": "boolean" }, "availabilityZone": { "type": "string" }, "availabilityZoneId": { "type": "string" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the subnet.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n" }, "ipv6CidrBlockAssociationId": { "type": "string" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address.\n" }, "outpostArn": { "type": "string" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "type": "object" } }, "aws:ec2/defaultVpc:DefaultVpc": { "description": "Provides a resource to manage the [default AWS VPC](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html)\nin the current region.\n\nFor AWS accounts created after 2013-12-04, each region comes with a Default VPC.\n**This is an advanced resource**, and has special caveats to be aware of when\nusing it. Please read this document in its entirety before using this resource.\n\nThe `aws.ec2.DefaultVpc` behaves differently from normal resources, in that\nthis provider does not _create_ this resource, but instead \"adopts\" it\ninto management.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage with tags:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultDefaultVpc = new aws.ec2.DefaultVpc(\"default\", {\n tags: {\n Name: \"Default VPC\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.DefaultVpc(\"default\", tags={\n \"Name\": \"Default VPC\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Ec2.DefaultVpc(\"default\", new Aws.Ec2.DefaultVpcArgs\n {\n Tags = \n {\n { \"Name\", \"Default VPC\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewDefaultVpc(ctx, \"default\", \u0026ec2.DefaultVpcArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"Default VPC\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of VPC\n" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Whether or not an Amazon-provided IPv6 CIDR\nblock with a /56 prefix length for the VPC was assigned\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block of the VPC\n" }, "defaultNetworkAclId": { "type": "string", "description": "The ID of the network ACL created by default on VPC creation\n" }, "defaultRouteTableId": { "type": "string", "description": "The ID of the route table created by default on VPC creation\n" }, "defaultSecurityGroupId": { "type": "string", "description": "The ID of the security group created by default on VPC creation\n" }, "dhcpOptionsId": { "type": "string" }, "enableClassiclink": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink\nfor the VPC. Only valid in regions and accounts that support EC2 Classic.\nSee the [ClassicLink documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) for more information. Defaults false.\n" }, "enableClassiclinkDnsSupport": { "type": "boolean" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults true.\n" }, "instanceTenancy": { "type": "string", "description": "Tenancy of instances spin up within VPC.\n" }, "ipv6AssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block of the VPC\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block of the VPC\n" }, "mainRouteTableId": { "type": "string", "description": "The ID of the main route table associated with\nthis VPC. Note that you can change a VPC's main route table by using an\n`aws.ec2.MainRouteTableAssociation`\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "assignGeneratedIpv6CidrBlock", "cidrBlock", "defaultNetworkAclId", "defaultRouteTableId", "defaultSecurityGroupId", "dhcpOptionsId", "enableClassiclink", "enableClassiclinkDnsSupport", "enableDnsHostnames", "instanceTenancy", "ipv6AssociationId", "ipv6CidrBlock", "mainRouteTableId", "ownerId" ], "inputProperties": { "enableClassiclink": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink\nfor the VPC. Only valid in regions and accounts that support EC2 Classic.\nSee the [ClassicLink documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) for more information. Defaults false.\n" }, "enableClassiclinkDnsSupport": { "type": "boolean" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults true.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering DefaultVpc resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of VPC\n" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Whether or not an Amazon-provided IPv6 CIDR\nblock with a /56 prefix length for the VPC was assigned\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block of the VPC\n" }, "defaultNetworkAclId": { "type": "string", "description": "The ID of the network ACL created by default on VPC creation\n" }, "defaultRouteTableId": { "type": "string", "description": "The ID of the route table created by default on VPC creation\n" }, "defaultSecurityGroupId": { "type": "string", "description": "The ID of the security group created by default on VPC creation\n" }, "dhcpOptionsId": { "type": "string" }, "enableClassiclink": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink\nfor the VPC. Only valid in regions and accounts that support EC2 Classic.\nSee the [ClassicLink documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) for more information. Defaults false.\n" }, "enableClassiclinkDnsSupport": { "type": "boolean" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults true.\n" }, "instanceTenancy": { "type": "string", "description": "Tenancy of instances spin up within VPC.\n" }, "ipv6AssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block of the VPC\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block of the VPC\n" }, "mainRouteTableId": { "type": "string", "description": "The ID of the main route table associated with\nthis VPC. Note that you can change a VPC's main route table by using an\n`aws.ec2.MainRouteTableAssociation`\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ec2/defaultVpcDhcpOptions:DefaultVpcDhcpOptions": { "description": "Provides a resource to manage the [default AWS DHCP Options Set](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html#AmazonDNS)\nin the current region.\n\nEach AWS region comes with a default set of DHCP options.\n**This is an advanced resource**, and has special caveats to be aware of when\nusing it. Please read this document in its entirety before using this resource.\n\nThe `aws.ec2.DefaultVpcDhcpOptions` behaves differently from normal resources, in that\nthis provider does not _create_ this resource, but instead \"adopts\" it\ninto management.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage with tags:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultDefaultVpcDhcpOptions = new aws.ec2.DefaultVpcDhcpOptions(\"default\", {\n tags: {\n Name: \"Default DHCP Option Set\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.DefaultVpcDhcpOptions(\"default\", tags={\n \"Name\": \"Default DHCP Option Set\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Ec2.DefaultVpcDhcpOptions(\"default\", new Aws.Ec2.DefaultVpcDhcpOptionsArgs\n {\n Tags = \n {\n { \"Name\", \"Default DHCP Option Set\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewDefaultVpcDhcpOptions(ctx, \"default\", \u0026ec2.DefaultVpcDhcpOptionsArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"Default DHCP Option Set\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string" }, "domainNameServers": { "type": "string" }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "string" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "domainName", "domainNameServers", "ntpServers", "ownerId" ], "inputProperties": { "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering DefaultVpcDhcpOptions resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string" }, "domainNameServers": { "type": "string" }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "string" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ec2/egressOnlyInternetGateway:EgressOnlyInternetGateway": { "description": "[IPv6 only] Creates an egress-only Internet gateway for your VPC.\nAn egress-only Internet gateway is used to enable outbound communication\nover IPv6 from instances in your VPC to the Internet, and prevents hosts\noutside of your VPC from initiating an IPv6 connection with your instance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {\n assignGeneratedIpv6CidrBlock: true,\n cidrBlock: \"10.1.0.0/16\",\n});\nconst exampleEgressOnlyInternetGateway = new aws.ec2.EgressOnlyInternetGateway(\"example\", {\n tags: {\n Name: \"main\",\n },\n vpcId: exampleVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vpc = aws.ec2.Vpc(\"exampleVpc\",\n assign_generated_ipv6_cidr_block=True,\n cidr_block=\"10.1.0.0/16\")\nexample_egress_only_internet_gateway = aws.ec2.EgressOnlyInternetGateway(\"exampleEgressOnlyInternetGateway\",\n tags={\n \"Name\": \"main\",\n },\n vpc_id=example_vpc.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleVpc = new Aws.Ec2.Vpc(\"exampleVpc\", new Aws.Ec2.VpcArgs\n {\n AssignGeneratedIpv6CidrBlock = true,\n CidrBlock = \"10.1.0.0/16\",\n });\n var exampleEgressOnlyInternetGateway = new Aws.Ec2.EgressOnlyInternetGateway(\"exampleEgressOnlyInternetGateway\", new Aws.Ec2.EgressOnlyInternetGatewayArgs\n {\n Tags = \n {\n { \"Name\", \"main\" },\n },\n VpcId = exampleVpc.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"exampleVpc\", \u0026ec2.VpcArgs{\n\t\t\tAssignGeneratedIpv6CidrBlock: pulumi.Bool(true),\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEgressOnlyInternetGateway(ctx, \"exampleEgressOnlyInternetGateway\", \u0026ec2.EgressOnlyInternetGatewayArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "required": [ "vpcId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EgressOnlyInternetGateway resources.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "type": "object" } }, "aws:ec2/eip:Eip": { "description": "Provides an Elastic IP resource.\n\n\u003e **Note:** EIP may require IGW to exist prior to association. Use `depends_on` to set an explicit dependency on the IGW.\n\n\u003e **Note:** Do not use `network_interface` to associate the EIP to `aws.lb.LoadBalancer` or `aws.ec2.NatGateway` resources. Instead use the `allocation_id` available in those resources to allow AWS to manage the association, otherwise you will see `AuthFailure` errors.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nSingle EIP associated with an instance:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.ec2.Eip(\"lb\", {\n instance: aws_instance_web.id,\n vpc: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.ec2.Eip(\"lb\",\n instance=aws_instance[\"web\"][\"id\"],\n vpc=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Ec2.Eip(\"lb\", new Aws.Ec2.EipArgs\n {\n Instance = aws_instance.Web.Id,\n Vpc = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewEip(ctx, \"lb\", \u0026ec2.EipArgs{\n\t\t\tInstance: pulumi.String(aws_instance.Web.Id),\n\t\t\tVpc: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nMultiple EIPs associated with a single network interface:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst multi_ip = new aws.ec2.NetworkInterface(\"multi-ip\", {\n privateIps: [\n \"10.0.0.10\",\n \"10.0.0.11\",\n ],\n subnetId: aws_subnet_main.id,\n});\nconst one = new aws.ec2.Eip(\"one\", {\n associateWithPrivateIp: \"10.0.0.10\",\n networkInterface: multi_ip.id,\n vpc: true,\n});\nconst two = new aws.ec2.Eip(\"two\", {\n associateWithPrivateIp: \"10.0.0.11\",\n networkInterface: multi_ip.id,\n vpc: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmulti_ip = aws.ec2.NetworkInterface(\"multi-ip\",\n private_ips=[\n \"10.0.0.10\",\n \"10.0.0.11\",\n ],\n subnet_id=aws_subnet[\"main\"][\"id\"])\none = aws.ec2.Eip(\"one\",\n associate_with_private_ip=\"10.0.0.10\",\n network_interface=multi_ip.id,\n vpc=True)\ntwo = aws.ec2.Eip(\"two\",\n associate_with_private_ip=\"10.0.0.11\",\n network_interface=multi_ip.id,\n vpc=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var multi_ip = new Aws.Ec2.NetworkInterface(\"multi-ip\", new Aws.Ec2.NetworkInterfaceArgs\n {\n PrivateIps = \n {\n \"10.0.0.10\",\n \"10.0.0.11\",\n },\n SubnetId = aws_subnet.Main.Id,\n });\n var one = new Aws.Ec2.Eip(\"one\", new Aws.Ec2.EipArgs\n {\n AssociateWithPrivateIp = \"10.0.0.10\",\n NetworkInterface = multi_ip.Id,\n Vpc = true,\n });\n var two = new Aws.Ec2.Eip(\"two\", new Aws.Ec2.EipArgs\n {\n AssociateWithPrivateIp = \"10.0.0.11\",\n NetworkInterface = multi_ip.Id,\n Vpc = true,\n });\n }\n\n}\n```\n\nAttaching an EIP to an Instance with a pre-assigned private ip (VPC Only):\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultVpc = new aws.ec2.Vpc(\"default\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsHostnames: true,\n});\nconst gw = new aws.ec2.InternetGateway(\"gw\", {\n vpcId: defaultVpc.id,\n});\nconst tfTestSubnet = new aws.ec2.Subnet(\"tf_test_subnet\", {\n cidrBlock: \"10.0.0.0/24\",\n mapPublicIpOnLaunch: true,\n vpcId: defaultVpc.id,\n}, { dependsOn: [gw] });\nconst foo = new aws.ec2.Instance(\"foo\", {\n // us-west-2\n ami: \"ami-5189a661\",\n instanceType: \"t2.micro\",\n privateIp: \"10.0.0.12\",\n subnetId: tfTestSubnet.id,\n});\nconst bar = new aws.ec2.Eip(\"bar\", {\n associateWithPrivateIp: \"10.0.0.12\",\n instance: foo.id,\n vpc: true,\n}, { dependsOn: [gw] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.Vpc(\"default\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_hostnames=True)\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=default.id)\ntf_test_subnet = aws.ec2.Subnet(\"tfTestSubnet\",\n cidr_block=\"10.0.0.0/24\",\n map_public_ip_on_launch=True,\n vpc_id=default.id)\nfoo = aws.ec2.Instance(\"foo\",\n ami=\"ami-5189a661\",\n instance_type=\"t2.micro\",\n private_ip=\"10.0.0.12\",\n subnet_id=tf_test_subnet.id)\nbar = aws.ec2.Eip(\"bar\",\n associate_with_private_ip=\"10.0.0.12\",\n instance=foo.id,\n vpc=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Ec2.Vpc(\"default\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsHostnames = true,\n });\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new Aws.Ec2.InternetGatewayArgs\n {\n VpcId = @default.Id,\n });\n var tfTestSubnet = new Aws.Ec2.Subnet(\"tfTestSubnet\", new Aws.Ec2.SubnetArgs\n {\n CidrBlock = \"10.0.0.0/24\",\n MapPublicIpOnLaunch = true,\n VpcId = @default.Id,\n });\n var foo = new Aws.Ec2.Instance(\"foo\", new Aws.Ec2.InstanceArgs\n {\n Ami = \"ami-5189a661\",\n InstanceType = \"t2.micro\",\n PrivateIp = \"10.0.0.12\",\n SubnetId = tfTestSubnet.Id,\n });\n var bar = new Aws.Ec2.Eip(\"bar\", new Aws.Ec2.EipArgs\n {\n AssociateWithPrivateIp = \"10.0.0.12\",\n Instance = foo.Id,\n Vpc = true,\n });\n }\n\n}\n```\n\nAllocating EIP from the BYOIP pool:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byoip_ip = new aws.ec2.Eip(\"byoip-ip\", {\n publicIpv4Pool: \"ipv4pool-ec2-012345\",\n vpc: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyoip_ip = aws.ec2.Eip(\"byoip-ip\",\n public_ipv4_pool=\"ipv4pool-ec2-012345\",\n vpc=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byoip_ip = new Aws.Ec2.Eip(\"byoip-ip\", new Aws.Ec2.EipArgs\n {\n PublicIpv4Pool = \"ipv4pool-ec2-012345\",\n Vpc = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewEip(ctx, \"byoip-ip\", \u0026ec2.EipArgs{\n\t\t\tPublicIpv4Pool: pulumi.String(\"ipv4pool-ec2-012345\"),\n\t\t\tVpc: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocationId": { "type": "string" }, "associateWithPrivateIp": { "type": "string", "description": "A user specified primary or secondary private IP address to\nassociate with the Elastic IP address. If no private IP address is specified,\nthe Elastic IP address is associated with the primary private IP address.\n" }, "associationId": { "type": "string" }, "customerOwnedIp": { "type": "string", "description": "Customer owned IP.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "The ID of a customer-owned address pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing)\n" }, "domain": { "type": "string" }, "instance": { "type": "string", "description": "EC2 instance ID.\n" }, "networkInterface": { "type": "string", "description": "Network interface ID to associate with.\n" }, "privateDns": { "type": "string", "description": "The Private DNS associated with the Elastic IP address (if in VPC).\n" }, "privateIp": { "type": "string", "description": "Contains the private IP address (if in VPC).\n" }, "publicDns": { "type": "string", "description": "Public DNS associated with the Elastic IP address.\n" }, "publicIp": { "type": "string", "description": "Contains the public IP address.\n" }, "publicIpv4Pool": { "type": "string", "description": "EC2 IPv4 address pool identifier or `amazon`. This option is only available for VPC EIPs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpc": { "type": "boolean", "description": "Boolean if the EIP is in a VPC or not.\n" } }, "required": [ "allocationId", "associationId", "customerOwnedIp", "domain", "instance", "networkInterface", "privateDns", "privateIp", "publicDns", "publicIp", "publicIpv4Pool", "vpc" ], "inputProperties": { "associateWithPrivateIp": { "type": "string", "description": "A user specified primary or secondary private IP address to\nassociate with the Elastic IP address. If no private IP address is specified,\nthe Elastic IP address is associated with the primary private IP address.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "The ID of a customer-owned address pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing)\n" }, "instance": { "type": "string", "description": "EC2 instance ID.\n" }, "networkInterface": { "type": "string", "description": "Network interface ID to associate with.\n" }, "publicIpv4Pool": { "type": "string", "description": "EC2 IPv4 address pool identifier or `amazon`. This option is only available for VPC EIPs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpc": { "type": "boolean", "description": "Boolean if the EIP is in a VPC or not.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Eip resources.\n", "properties": { "allocationId": { "type": "string" }, "associateWithPrivateIp": { "type": "string", "description": "A user specified primary or secondary private IP address to\nassociate with the Elastic IP address. If no private IP address is specified,\nthe Elastic IP address is associated with the primary private IP address.\n" }, "associationId": { "type": "string" }, "customerOwnedIp": { "type": "string", "description": "Customer owned IP.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "The ID of a customer-owned address pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing)\n" }, "domain": { "type": "string" }, "instance": { "type": "string", "description": "EC2 instance ID.\n" }, "networkInterface": { "type": "string", "description": "Network interface ID to associate with.\n" }, "privateDns": { "type": "string", "description": "The Private DNS associated with the Elastic IP address (if in VPC).\n" }, "privateIp": { "type": "string", "description": "Contains the private IP address (if in VPC).\n" }, "publicDns": { "type": "string", "description": "Public DNS associated with the Elastic IP address.\n" }, "publicIp": { "type": "string", "description": "Contains the public IP address.\n" }, "publicIpv4Pool": { "type": "string", "description": "EC2 IPv4 address pool identifier or `amazon`. This option is only available for VPC EIPs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpc": { "type": "boolean", "description": "Boolean if the EIP is in a VPC or not.\n" } }, "type": "object" } }, "aws:ec2/eipAssociation:EipAssociation": { "description": "Provides an AWS EIP Association as a top level resource, to associate and\ndisassociate Elastic IPs from AWS Instances and Network Interfaces.\n\n\u003e **NOTE:** Do not use this resource to associate an EIP to `aws.lb.LoadBalancer` or `aws.ec2.NatGateway` resources. Instead use the `allocation_id` available in those resources to allow AWS to manage the association, otherwise you will see `AuthFailure` errors.\n\n\u003e **NOTE:** `aws.ec2.EipAssociation` is useful in scenarios where EIPs are either\npre-existing or distributed to customers or users and therefore cannot be changed.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-21f78e11\",\n availabilityZone: \"us-west-2a\",\n instanceType: \"t1.micro\",\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst example = new aws.ec2.Eip(\"example\", {\n vpc: true,\n});\nconst eipAssoc = new aws.ec2.EipAssociation(\"eip_assoc\", {\n allocationId: example.id,\n instanceId: web.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-21f78e11\",\n availability_zone=\"us-west-2a\",\n instance_type=\"t1.micro\",\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample = aws.ec2.Eip(\"example\", vpc=True)\neip_assoc = aws.ec2.EipAssociation(\"eipAssoc\",\n allocation_id=example.id,\n instance_id=web.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var web = new Aws.Ec2.Instance(\"web\", new Aws.Ec2.InstanceArgs\n {\n Ami = \"ami-21f78e11\",\n AvailabilityZone = \"us-west-2a\",\n InstanceType = \"t1.micro\",\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n var example = new Aws.Ec2.Eip(\"example\", new Aws.Ec2.EipArgs\n {\n Vpc = true,\n });\n var eipAssoc = new Aws.Ec2.EipAssociation(\"eipAssoc\", new Aws.Ec2.EipAssociationArgs\n {\n AllocationId = example.Id,\n InstanceId = web.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tweb, err := ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-21f78e11\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tInstanceType: pulumi.String(\"t1.micro\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tVpc: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEipAssociation(ctx, \"eipAssoc\", \u0026ec2.EipAssociationArgs{\n\t\t\tAllocationId: example.ID(),\n\t\t\tInstanceId: web.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocationId": { "type": "string", "description": "The allocation ID. This is required for EC2-VPC.\n" }, "allowReassociation": { "type": "boolean", "description": "Whether to allow an Elastic IP to\nbe re-associated. Defaults to `true` in VPC.\n" }, "instanceId": { "type": "string", "description": "The ID of the instance. This is required for\nEC2-Classic. For EC2-VPC, you can specify either the instance ID or the\nnetwork interface ID, but not both. The operation fails if you specify an\ninstance ID unless exactly one network interface is attached.\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface. If the\ninstance has more than one network interface, you must specify a network\ninterface ID.\n" }, "privateIpAddress": { "type": "string", "description": "The primary or secondary private IP address\nto associate with the Elastic IP address. If no private IP address is\nspecified, the Elastic IP address is associated with the primary private IP\naddress.\n" }, "publicIp": { "type": "string", "description": "The Elastic IP address. This is required for EC2-Classic.\n" } }, "required": [ "allocationId", "instanceId", "networkInterfaceId", "privateIpAddress", "publicIp" ], "inputProperties": { "allocationId": { "type": "string", "description": "The allocation ID. This is required for EC2-VPC.\n" }, "allowReassociation": { "type": "boolean", "description": "Whether to allow an Elastic IP to\nbe re-associated. Defaults to `true` in VPC.\n" }, "instanceId": { "type": "string", "description": "The ID of the instance. This is required for\nEC2-Classic. For EC2-VPC, you can specify either the instance ID or the\nnetwork interface ID, but not both. The operation fails if you specify an\ninstance ID unless exactly one network interface is attached.\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface. If the\ninstance has more than one network interface, you must specify a network\ninterface ID.\n" }, "privateIpAddress": { "type": "string", "description": "The primary or secondary private IP address\nto associate with the Elastic IP address. If no private IP address is\nspecified, the Elastic IP address is associated with the primary private IP\naddress.\n" }, "publicIp": { "type": "string", "description": "The Elastic IP address. This is required for EC2-Classic.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EipAssociation resources.\n", "properties": { "allocationId": { "type": "string", "description": "The allocation ID. This is required for EC2-VPC.\n" }, "allowReassociation": { "type": "boolean", "description": "Whether to allow an Elastic IP to\nbe re-associated. Defaults to `true` in VPC.\n" }, "instanceId": { "type": "string", "description": "The ID of the instance. This is required for\nEC2-Classic. For EC2-VPC, you can specify either the instance ID or the\nnetwork interface ID, but not both. The operation fails if you specify an\ninstance ID unless exactly one network interface is attached.\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface. If the\ninstance has more than one network interface, you must specify a network\ninterface ID.\n" }, "privateIpAddress": { "type": "string", "description": "The primary or secondary private IP address\nto associate with the Elastic IP address. If no private IP address is\nspecified, the Elastic IP address is associated with the primary private IP\naddress.\n" }, "publicIp": { "type": "string", "description": "The Elastic IP address. This is required for EC2-Classic.\n" } }, "type": "object" } }, "aws:ec2/fleet:Fleet": { "description": "Provides a resource to manage EC2 Fleets.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Fleet(\"example\", {\n launchTemplateConfig: {\n launchTemplateSpecification: {\n launchTemplateId: aws_launch_template_example.id,\n version: aws_launch_template_example.latestVersion,\n },\n },\n targetCapacitySpecification: {\n defaultTargetCapacityType: \"spot\",\n totalTargetCapacity: 5,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Fleet(\"example\",\n launch_template_config={\n \"launchTemplateSpecification\": {\n \"launchTemplateId\": aws_launch_template[\"example\"][\"id\"],\n \"version\": aws_launch_template[\"example\"][\"latest_version\"],\n },\n },\n target_capacity_specification={\n \"defaultTargetCapacityType\": \"spot\",\n \"totalTargetCapacity\": 5,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.Fleet(\"example\", new Aws.Ec2.FleetArgs\n {\n LaunchTemplateConfig = new Aws.Ec2.Inputs.FleetLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.FleetLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = aws_launch_template.Example.Id,\n Version = aws_launch_template.Example.Latest_version,\n },\n },\n TargetCapacitySpecification = new Aws.Ec2.Inputs.FleetTargetCapacitySpecificationArgs\n {\n DefaultTargetCapacityType = \"spot\",\n TotalTargetCapacity = 5,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewFleet(ctx, \"example\", \u0026ec2.FleetArgs{\n\t\t\tLaunchTemplateConfig: \u0026ec2.FleetLaunchTemplateConfigArgs{\n\t\t\t\tLaunchTemplateSpecification: \u0026ec2.FleetLaunchTemplateConfigLaunchTemplateSpecificationArgs{\n\t\t\t\t\tLaunchTemplateId: pulumi.String(aws_launch_template.Example.Id),\n\t\t\t\t\tVersion: pulumi.String(aws_launch_template.Example.Latest_version),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTargetCapacitySpecification: \u0026ec2.FleetTargetCapacitySpecificationArgs{\n\t\t\t\tDefaultTargetCapacityType: pulumi.String(\"spot\"),\n\t\t\t\tTotalTargetCapacity: pulumi.Int(5),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "excessCapacityTerminationPolicy": { "type": "string", "description": "Whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2. Valid values: `no-termination`, `termination`. Defaults to `termination`.\n" }, "launchTemplateConfig": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig", "description": "Nested argument containing EC2 Launch Template configurations. Defined below.\n" }, "onDemandOptions": { "$ref": "#/types/aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions", "description": "Nested argument containing On-Demand configurations. Defined below.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Whether EC2 Fleet should replace unhealthy instances. Defaults to `false`.\n" }, "spotOptions": { "$ref": "#/types/aws:ec2/FleetSpotOptions:FleetSpotOptions", "description": "Nested argument containing Spot configurations. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Fleet tags. To tag instances at launch, specify the tags in the Launch Template.\n" }, "targetCapacitySpecification": { "$ref": "#/types/aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification", "description": "Nested argument containing target capacity configurations. Defined below.\n" }, "terminateInstances": { "type": "boolean", "description": "Whether to terminate instances for an EC2 Fleet if it is deleted successfully. Defaults to `false`.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Whether running instances should be terminated when the EC2 Fleet expires. Defaults to `false`.\n" }, "type": { "type": "string", "description": "The type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it. Valid values: `maintain`, `request`. Defaults to `maintain`.\n" } }, "required": [ "launchTemplateConfig", "targetCapacitySpecification" ], "inputProperties": { "excessCapacityTerminationPolicy": { "type": "string", "description": "Whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2. Valid values: `no-termination`, `termination`. Defaults to `termination`.\n" }, "launchTemplateConfig": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig", "description": "Nested argument containing EC2 Launch Template configurations. Defined below.\n" }, "onDemandOptions": { "$ref": "#/types/aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions", "description": "Nested argument containing On-Demand configurations. Defined below.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Whether EC2 Fleet should replace unhealthy instances. Defaults to `false`.\n" }, "spotOptions": { "$ref": "#/types/aws:ec2/FleetSpotOptions:FleetSpotOptions", "description": "Nested argument containing Spot configurations. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Fleet tags. To tag instances at launch, specify the tags in the Launch Template.\n" }, "targetCapacitySpecification": { "$ref": "#/types/aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification", "description": "Nested argument containing target capacity configurations. Defined below.\n" }, "terminateInstances": { "type": "boolean", "description": "Whether to terminate instances for an EC2 Fleet if it is deleted successfully. Defaults to `false`.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Whether running instances should be terminated when the EC2 Fleet expires. Defaults to `false`.\n" }, "type": { "type": "string", "description": "The type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it. Valid values: `maintain`, `request`. Defaults to `maintain`.\n" } }, "requiredInputs": [ "launchTemplateConfig", "targetCapacitySpecification" ], "stateInputs": { "description": "Input properties used for looking up and filtering Fleet resources.\n", "properties": { "excessCapacityTerminationPolicy": { "type": "string", "description": "Whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2. Valid values: `no-termination`, `termination`. Defaults to `termination`.\n" }, "launchTemplateConfig": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig", "description": "Nested argument containing EC2 Launch Template configurations. Defined below.\n" }, "onDemandOptions": { "$ref": "#/types/aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions", "description": "Nested argument containing On-Demand configurations. Defined below.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Whether EC2 Fleet should replace unhealthy instances. Defaults to `false`.\n" }, "spotOptions": { "$ref": "#/types/aws:ec2/FleetSpotOptions:FleetSpotOptions", "description": "Nested argument containing Spot configurations. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Fleet tags. To tag instances at launch, specify the tags in the Launch Template.\n" }, "targetCapacitySpecification": { "$ref": "#/types/aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification", "description": "Nested argument containing target capacity configurations. Defined below.\n" }, "terminateInstances": { "type": "boolean", "description": "Whether to terminate instances for an EC2 Fleet if it is deleted successfully. Defaults to `false`.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Whether running instances should be terminated when the EC2 Fleet expires. Defaults to `false`.\n" }, "type": { "type": "string", "description": "The type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it. Valid values: `maintain`, `request`. Defaults to `maintain`.\n" } }, "type": "object" } }, "aws:ec2/flowLog:FlowLog": { "description": "Provides a VPC/Subnet/ENI Flow Log to capture IP traffic for a specific network\ninterface, subnet, or VPC. Logs are sent to a CloudWatch Log Group or a S3 Bucket.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### CloudWatch Logging\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {});\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"vpc-flow-logs.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst exampleFlowLog = new aws.ec2.FlowLog(\"example\", {\n iamRoleArn: exampleRole.arn,\n logDestination: exampleLogGroup.arn,\n trafficType: \"ALL\",\n vpcId: aws_vpc_example.id,\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n role: exampleRole.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"exampleLogGroup\")\nexample_role = aws.iam.Role(\"exampleRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"vpc-flow-logs.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\nexample_flow_log = aws.ec2.FlowLog(\"exampleFlowLog\",\n iam_role_arn=example_role.arn,\n log_destination=example_log_group.arn,\n traffic_type=\"ALL\",\n vpc_id=aws_vpc[\"example\"][\"id\"])\nexample_role_policy = aws.iam.RolePolicy(\"exampleRolePolicy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\",\n role=example_role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"exampleLogGroup\", new Aws.CloudWatch.LogGroupArgs\n {\n });\n var exampleRole = new Aws.Iam.Role(\"exampleRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"vpc-flow-logs.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var exampleFlowLog = new Aws.Ec2.FlowLog(\"exampleFlowLog\", new Aws.Ec2.FlowLogArgs\n {\n IamRoleArn = exampleRole.Arn,\n LogDestination = exampleLogGroup.Arn,\n TrafficType = \"ALL\",\n VpcId = aws_vpc.Example.Id,\n });\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"exampleRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"logs:CreateLogGroup\"\",\n \"\"logs:CreateLogStream\"\",\n \"\"logs:PutLogEvents\"\",\n \"\"logs:DescribeLogGroups\"\",\n \"\"logs:DescribeLogStreams\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n Role = exampleRole.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"exampleLogGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"exampleRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"vpc-flow-logs.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewFlowLog(ctx, \"exampleFlowLog\", \u0026ec2.FlowLogArgs{\n\t\t\tIamRoleArn: exampleRole.Arn,\n\t\t\tLogDestination: exampleLogGroup.Arn,\n\t\t\tTrafficType: pulumi.String(\"ALL\"),\n\t\t\tVpcId: pulumi.String(aws_vpc.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"exampleRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"logs:CreateLogGroup\\\",\\n\", \" \\\"logs:CreateLogStream\\\",\\n\", \" \\\"logs:PutLogEvents\\\",\\n\", \" \\\"logs:DescribeLogGroups\\\",\\n\", \" \\\"logs:DescribeLogStreams\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: exampleRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### S3 Logging\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucket = new aws.s3.Bucket(\"example\", {});\nconst exampleFlowLog = new aws.ec2.FlowLog(\"example\", {\n logDestination: exampleBucket.arn,\n logDestinationType: \"s3\",\n trafficType: \"ALL\",\n vpcId: aws_vpc_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket = aws.s3.Bucket(\"exampleBucket\")\nexample_flow_log = aws.ec2.FlowLog(\"exampleFlowLog\",\n log_destination=example_bucket.arn,\n log_destination_type=\"s3\",\n traffic_type=\"ALL\",\n vpc_id=aws_vpc[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleBucket = new Aws.S3.Bucket(\"exampleBucket\", new Aws.S3.BucketArgs\n {\n });\n var exampleFlowLog = new Aws.Ec2.FlowLog(\"exampleFlowLog\", new Aws.Ec2.FlowLogArgs\n {\n LogDestination = exampleBucket.Arn,\n LogDestinationType = \"s3\",\n TrafficType = \"ALL\",\n VpcId = aws_vpc.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucket, err := s3.NewBucket(ctx, \"exampleBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewFlowLog(ctx, \"exampleFlowLog\", \u0026ec2.FlowLogArgs{\n\t\t\tLogDestination: exampleBucket.Arn,\n\t\t\tLogDestinationType: pulumi.String(\"s3\"),\n\t\t\tTrafficType: pulumi.String(\"ALL\"),\n\t\t\tVpcId: pulumi.String(aws_vpc.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Flow Log.\n" }, "eniId": { "type": "string", "description": "Elastic Network Interface ID to attach to\n" }, "iamRoleArn": { "type": "string", "description": "The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group\n" }, "logDestination": { "type": "string", "description": "The ARN of the logging destination.\n" }, "logDestinationType": { "type": "string", "description": "The type of the logging destination. Valid values: `cloud-watch-logs`, `s3`. Default: `cloud-watch-logs`.\n" }, "logFormat": { "type": "string", "description": "The fields to include in the flow log record, in the order in which they should appear.\n" }, "logGroupName": { "type": "string", "description": "*Deprecated:* Use `log_destination` instead. The name of the CloudWatch log group.\n", "deprecationMessage": "use 'log_destination' argument instead" }, "maxAggregationInterval": { "type": "integer", "description": "The maximum interval of time\nduring which a flow of packets is captured and aggregated into a flow\nlog record. Valid Values: `60` seconds (1 minute) or `600` seconds (10\nminutes). Default: `600`.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "trafficType": { "type": "string", "description": "The type of traffic to capture. Valid values: `ACCEPT`,`REJECT`, `ALL`.\n" }, "vpcId": { "type": "string", "description": "VPC ID to attach to\n" } }, "required": [ "arn", "logDestination", "logFormat", "logGroupName", "trafficType" ], "inputProperties": { "eniId": { "type": "string", "description": "Elastic Network Interface ID to attach to\n" }, "iamRoleArn": { "type": "string", "description": "The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group\n" }, "logDestination": { "type": "string", "description": "The ARN of the logging destination.\n" }, "logDestinationType": { "type": "string", "description": "The type of the logging destination. Valid values: `cloud-watch-logs`, `s3`. Default: `cloud-watch-logs`.\n" }, "logFormat": { "type": "string", "description": "The fields to include in the flow log record, in the order in which they should appear.\n" }, "logGroupName": { "type": "string", "description": "*Deprecated:* Use `log_destination` instead. The name of the CloudWatch log group.\n", "deprecationMessage": "use 'log_destination' argument instead" }, "maxAggregationInterval": { "type": "integer", "description": "The maximum interval of time\nduring which a flow of packets is captured and aggregated into a flow\nlog record. Valid Values: `60` seconds (1 minute) or `600` seconds (10\nminutes). Default: `600`.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "trafficType": { "type": "string", "description": "The type of traffic to capture. Valid values: `ACCEPT`,`REJECT`, `ALL`.\n" }, "vpcId": { "type": "string", "description": "VPC ID to attach to\n" } }, "requiredInputs": [ "trafficType" ], "stateInputs": { "description": "Input properties used for looking up and filtering FlowLog resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Flow Log.\n" }, "eniId": { "type": "string", "description": "Elastic Network Interface ID to attach to\n" }, "iamRoleArn": { "type": "string", "description": "The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group\n" }, "logDestination": { "type": "string", "description": "The ARN of the logging destination.\n" }, "logDestinationType": { "type": "string", "description": "The type of the logging destination. Valid values: `cloud-watch-logs`, `s3`. Default: `cloud-watch-logs`.\n" }, "logFormat": { "type": "string", "description": "The fields to include in the flow log record, in the order in which they should appear.\n" }, "logGroupName": { "type": "string", "description": "*Deprecated:* Use `log_destination` instead. The name of the CloudWatch log group.\n", "deprecationMessage": "use 'log_destination' argument instead" }, "maxAggregationInterval": { "type": "integer", "description": "The maximum interval of time\nduring which a flow of packets is captured and aggregated into a flow\nlog record. Valid Values: `60` seconds (1 minute) or `600` seconds (10\nminutes). Default: `600`.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "trafficType": { "type": "string", "description": "The type of traffic to capture. Valid values: `ACCEPT`,`REJECT`, `ALL`.\n" }, "vpcId": { "type": "string", "description": "VPC ID to attach to\n" } }, "type": "object" } }, "aws:ec2/instance:Instance": { "description": "Provides an EC2 instance resource. This allows instances to be created, updated,\nand deleted.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = pulumi.output(aws.getAmi({\n filters: [\n {\n name: \"name\",\n values: [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n mostRecent: true,\n owners: [\"099720109477\"], // Canonical\n}, { async: true }));\nconst web = new aws.ec2.Instance(\"web\", {\n ami: ubuntu.id,\n instanceType: \"t2.micro\",\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.get_ami(filters=[\n {\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n most_recent=True,\n owners=[\"099720109477\"])\nweb = aws.ec2.Instance(\"web\",\n ami=ubuntu.id,\n instance_type=\"t2.micro\",\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ubuntu = Output.Create(Aws.GetAmi.InvokeAsync(new Aws.GetAmiArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"name\",\n Values = \n {\n \"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n },\n },\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"virtualization-type\",\n Values = \n {\n \"hvm\",\n },\n },\n },\n MostRecent = true,\n Owners = \n {\n \"099720109477\",\n },\n }));\n var web = new Aws.Ec2.Instance(\"web\", new Aws.Ec2.InstanceArgs\n {\n Ami = ubuntu.Apply(ubuntu =\u003e ubuntu.Id),\n InstanceType = \"t2.micro\",\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\tubuntu, err := aws.GetAmi(ctx, \u0026aws.GetAmiArgs{\n\t\t\tFilters: []aws.GetAmiFilter{\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(ubuntu.Id),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "ami": { "type": "string", "description": "The AMI to use for the instance.\n" }, "arn": { "type": "string", "description": "The ARN of the instance.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC. Boolean value.\n" }, "availabilityZone": { "type": "string", "description": "The AZ to start the instance in.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is\nonly supported on creation of instance type that support CPU Options\n[CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification", "description": "Customize the credit specification of the instance. See Credit Specification below for more details.\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\nNote that if this is not set on an instance type that is optimized by default then\nthis will show as disabled but if the instance type is optimized by default then\nthere is no need to set this and there is no effect to disabling it.\nSee the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "iamInstanceProfile": { "type": "string", "description": "The IAM Instance Profile to\nlaunch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the\ninstance. Amazon defaults this to `stop` for EBS-backed instances and\n`terminate` for instance-store instances. Cannot be set on instance-store\ninstances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceState": { "type": "string", "description": "The state of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.\n", "language": { "csharp": { "name": "State" } } }, "instanceType": { "type": "string", "$ref": "#/types/aws:ec2/instanceType:InstanceType", "description": "The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "The key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "outpostArn": { "type": "string", "description": "The ARN of the Outpost the instance is assigned to.\n" }, "passwordData": { "type": "string", "description": "Base-64 encoded encrypted password data for the instance.\nUseful for getting the administrator password for instances running Microsoft Windows.\nThis attribute is only exported if `get_password_data` is true.\nNote that this encrypted value will be stored in the state file, as with all exported attributes.\nSee [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "placementGroup": { "type": "string", "description": "The Placement Group to start the instance in.\n" }, "primaryNetworkInterfaceId": { "type": "string", "description": "The ID of the instance's primary network interface.\n" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the\ninstance in a VPC.\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `public_ip`, as this field will change after the EIP is attached.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.\n", "deprecationMessage": "Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates." }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when\nthe destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the devices created by the instance at launch time.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" } }, "required": [ "ami", "arn", "associatePublicIpAddress", "availabilityZone", "cpuCoreCount", "cpuThreadsPerCore", "ebsBlockDevices", "ephemeralBlockDevices", "hostId", "instanceState", "instanceType", "ipv6AddressCount", "ipv6Addresses", "keyName", "metadataOptions", "networkInterfaces", "outpostArn", "passwordData", "placementGroup", "primaryNetworkInterfaceId", "privateDns", "privateIp", "publicDns", "publicIp", "rootBlockDevice", "securityGroups", "subnetId", "tenancy", "volumeTags", "vpcSecurityGroupIds" ], "inputProperties": { "ami": { "type": "string", "description": "The AMI to use for the instance.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC. Boolean value.\n" }, "availabilityZone": { "type": "string", "description": "The AZ to start the instance in.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is\nonly supported on creation of instance type that support CPU Options\n[CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification", "description": "Customize the credit specification of the instance. See Credit Specification below for more details.\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\nNote that if this is not set on an instance type that is optimized by default then\nthis will show as disabled but if the instance type is optimized by default then\nthere is no need to set this and there is no effect to disabling it.\nSee the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "The IAM Instance Profile to\nlaunch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the\ninstance. Amazon defaults this to `stop` for EBS-backed instances and\n`terminate` for instance-store instances. Cannot be set on instance-store\ninstances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceType": { "type": "string", "$ref": "#/types/aws:ec2/instanceType:InstanceType", "description": "The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "The key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "placementGroup": { "type": "string", "description": "The Placement Group to start the instance in.\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the\ninstance in a VPC.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.\n", "deprecationMessage": "Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates." }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when\nthe destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the devices created by the instance at launch time.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" } }, "requiredInputs": [ "ami", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "ami": { "type": "string", "description": "The AMI to use for the instance.\n" }, "arn": { "type": "string", "description": "The ARN of the instance.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC. Boolean value.\n" }, "availabilityZone": { "type": "string", "description": "The AZ to start the instance in.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is\nonly supported on creation of instance type that support CPU Options\n[CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification", "description": "Customize the credit specification of the instance. See Credit Specification below for more details.\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\nNote that if this is not set on an instance type that is optimized by default then\nthis will show as disabled but if the instance type is optimized by default then\nthere is no need to set this and there is no effect to disabling it.\nSee the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "The IAM Instance Profile to\nlaunch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the\ninstance. Amazon defaults this to `stop` for EBS-backed instances and\n`terminate` for instance-store instances. Cannot be set on instance-store\ninstances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceState": { "type": "string", "description": "The state of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.\n", "language": { "csharp": { "name": "State" } } }, "instanceType": { "type": "string", "$ref": "#/types/aws:ec2/instanceType:InstanceType", "description": "The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "The key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "outpostArn": { "type": "string", "description": "The ARN of the Outpost the instance is assigned to.\n" }, "passwordData": { "type": "string", "description": "Base-64 encoded encrypted password data for the instance.\nUseful for getting the administrator password for instances running Microsoft Windows.\nThis attribute is only exported if `get_password_data` is true.\nNote that this encrypted value will be stored in the state file, as with all exported attributes.\nSee [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "placementGroup": { "type": "string", "description": "The Placement Group to start the instance in.\n" }, "primaryNetworkInterfaceId": { "type": "string", "description": "The ID of the instance's primary network interface.\n" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the\ninstance in a VPC.\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `public_ip`, as this field will change after the EIP is attached.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.\n", "deprecationMessage": "Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates." }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when\nthe destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the devices created by the instance at launch time.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" } }, "type": "object" } }, "aws:ec2/internetGateway:InternetGateway": { "description": "Provides a resource to create a VPC Internet Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {\n tags: {\n Name: \"main\",\n },\n vpcId: aws_vpc_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\",\n tags={\n \"Name\": \"main\",\n },\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new Aws.Ec2.InternetGatewayArgs\n {\n Tags = \n {\n { \"Name\", \"main\" },\n },\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Internet Gateway.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the internet gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "required": [ "arn", "ownerId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering InternetGateway resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Internet Gateway.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the internet gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "type": "object" } }, "aws:ec2/keyPair:KeyPair": { "description": "Provides an [EC2 key pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) resource. A key pair is used to control login access to EC2 instances.\n\nCurrently this resource requires an existing user-supplied key pair. This key pair's public key will be registered with AWS to allow logging-in to EC2 instances.\n\nWhen importing an existing key pair the public key material may be in any format supported by AWS. Supported formats (per the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#how-to-generate-your-own-key-and-import-it-to-aws)) are:\n\n* OpenSSH public key format (the format in ~/.ssh/authorized_keys)\n* Base64 encoded DER format\n* SSH public key file format as specified in RFC4716\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst deployer = new aws.ec2.KeyPair(\"deployer\", {\n publicKey: \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndeployer = aws.ec2.KeyPair(\"deployer\", public_key=\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var deployer = new Aws.Ec2.KeyPair(\"deployer\", new Aws.Ec2.KeyPairArgs\n {\n PublicKey = \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewKeyPair(ctx, \"deployer\", \u0026ec2.KeyPairArgs{\n\t\t\tPublicKey: pulumi.String(\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The key pair ARN.\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "keyName": { "type": "string", "description": "The name for the key pair.\n" }, "keyNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `key_name`.\n" }, "keyPairId": { "type": "string", "description": "The key pair ID.\n" }, "publicKey": { "type": "string", "description": "The public key material.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "fingerprint", "keyName", "keyPairId", "publicKey" ], "inputProperties": { "keyName": { "type": "string", "description": "The name for the key pair.\n" }, "keyNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `key_name`.\n" }, "publicKey": { "type": "string", "description": "The public key material.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "publicKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering KeyPair resources.\n", "properties": { "arn": { "type": "string", "description": "The key pair ARN.\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "keyName": { "type": "string", "description": "The name for the key pair.\n" }, "keyNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `key_name`.\n" }, "keyPairId": { "type": "string", "description": "The key pair ID.\n" }, "publicKey": { "type": "string", "description": "The public key material.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:ec2/launchConfiguration:LaunchConfiguration": { "description": "Provides a resource to create a new launch configuration, used for autoscaling groups.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = pulumi.output(aws.getAmi({\n filters: [\n {\n name: \"name\",\n values: [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n mostRecent: true,\n owners: [\"099720109477\"], // Canonical\n}, { async: true }));\nconst asConf = new aws.ec2.LaunchConfiguration(\"as_conf\", {\n imageId: ubuntu.id,\n instanceType: \"t2.micro\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.get_ami(filters=[\n {\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n most_recent=True,\n owners=[\"099720109477\"])\nas_conf = aws.ec2.LaunchConfiguration(\"asConf\",\n image_id=ubuntu.id,\n instance_type=\"t2.micro\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ubuntu = Output.Create(Aws.GetAmi.InvokeAsync(new Aws.GetAmiArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"name\",\n Values = \n {\n \"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n },\n },\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"virtualization-type\",\n Values = \n {\n \"hvm\",\n },\n },\n },\n MostRecent = true,\n Owners = \n {\n \"099720109477\",\n },\n }));\n var asConf = new Aws.Ec2.LaunchConfiguration(\"asConf\", new Aws.Ec2.LaunchConfigurationArgs\n {\n ImageId = ubuntu.Apply(ubuntu =\u003e ubuntu.Id),\n InstanceType = \"t2.micro\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\tubuntu, err := aws.GetAmi(ctx, \u0026aws.GetAmiArgs{\n\t\t\tFilters: []aws.GetAmiFilter{\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewLaunchConfiguration(ctx, \"asConf\", \u0026ec2.LaunchConfigurationArgs{\n\t\t\tImageId: pulumi.String(ubuntu.Id),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Using with AutoScaling Groups\n\nLaunch Configurations cannot be updated after creation with the Amazon\nWeb Service API. In order to update a Launch Configuration, this provider will\ndestroy the existing resource and create a replacement. In order to effectively\nuse a Launch Configuration resource with an [AutoScaling Group resource](https://www.terraform.io/docs/providers/aws/r/autoscaling_group.html),\nit's recommended to specify `create_before_destroy` in a [lifecycle](https://www.terraform.io/docs/configuration/resources.html#lifecycle) block.\nEither omit the Launch Configuration `name` attribute, or specify a partial name\nwith `name_prefix`. Example:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = pulumi.output(aws.getAmi({\n filters: [\n {\n name: \"name\",\n values: [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n mostRecent: true,\n owners: [\"099720109477\"], // Canonical\n}, { async: true }));\nconst asConf = new aws.ec2.LaunchConfiguration(\"as_conf\", {\n imageId: ubuntu.id,\n instanceType: \"t2.micro\",\n namePrefix: \"lc-example-\",\n});\nconst bar = new aws.autoscaling.Group(\"bar\", {\n launchConfiguration: asConf.name,\n maxSize: 2,\n minSize: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.get_ami(filters=[\n {\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n most_recent=True,\n owners=[\"099720109477\"])\nas_conf = aws.ec2.LaunchConfiguration(\"asConf\",\n image_id=ubuntu.id,\n instance_type=\"t2.micro\",\n name_prefix=\"lc-example-\")\nbar = aws.autoscaling.Group(\"bar\",\n launch_configuration=as_conf.name,\n max_size=2,\n min_size=1)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ubuntu = Output.Create(Aws.GetAmi.InvokeAsync(new Aws.GetAmiArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"name\",\n Values = \n {\n \"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n },\n },\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"virtualization-type\",\n Values = \n {\n \"hvm\",\n },\n },\n },\n MostRecent = true,\n Owners = \n {\n \"099720109477\",\n },\n }));\n var asConf = new Aws.Ec2.LaunchConfiguration(\"asConf\", new Aws.Ec2.LaunchConfigurationArgs\n {\n ImageId = ubuntu.Apply(ubuntu =\u003e ubuntu.Id),\n InstanceType = \"t2.micro\",\n NamePrefix = \"lc-example-\",\n });\n var bar = new Aws.AutoScaling.Group(\"bar\", new Aws.AutoScaling.GroupArgs\n {\n LaunchConfiguration = asConf.Name,\n MaxSize = 2,\n MinSize = 1,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\tubuntu, err := aws.GetAmi(ctx, \u0026aws.GetAmiArgs{\n\t\t\tFilters: []aws.GetAmiFilter{\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tasConf, err := ec2.NewLaunchConfiguration(ctx, \"asConf\", \u0026ec2.LaunchConfigurationArgs{\n\t\t\tImageId: pulumi.String(ubuntu.Id),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tNamePrefix: pulumi.String(\"lc-example-\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tLaunchConfiguration: asConf.Name,\n\t\t\tMaxSize: pulumi.Int(2),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nWith this setup this provider generates a unique name for your Launch\nConfiguration and can then update the AutoScaling Group without conflict before\ndestroying the previous Launch Configuration.\n\n## Using with Spot Instances\n\nLaunch configurations can set the spot instance pricing to be used for the\nAuto Scaling Group to reserve instances. Simply specifying the `spot_price`\nparameter will set the price on the Launch Configuration which will attempt to\nreserve your instances at this price. See the [AWS Spot Instance\ndocumentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html)\nfor more information or how to launch [Spot Instances](https://www.terraform.io/docs/providers/aws/r/spot_instance_request.html) with this provider.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = pulumi.output(aws.getAmi({\n filters: [\n {\n name: \"name\",\n values: [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n mostRecent: true,\n owners: [\"099720109477\"], // Canonical\n}, { async: true }));\nconst asConf = new aws.ec2.LaunchConfiguration(\"as_conf\", {\n imageId: ubuntu.id,\n instanceType: \"m4.large\",\n spotPrice: \"0.001\",\n});\nconst bar = new aws.autoscaling.Group(\"bar\", {\n launchConfiguration: asConf.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.get_ami(filters=[\n {\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n most_recent=True,\n owners=[\"099720109477\"])\nas_conf = aws.ec2.LaunchConfiguration(\"asConf\",\n image_id=ubuntu.id,\n instance_type=\"m4.large\",\n spot_price=\"0.001\")\nbar = aws.autoscaling.Group(\"bar\", launch_configuration=as_conf.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ubuntu = Output.Create(Aws.GetAmi.InvokeAsync(new Aws.GetAmiArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"name\",\n Values = \n {\n \"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n },\n },\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"virtualization-type\",\n Values = \n {\n \"hvm\",\n },\n },\n },\n MostRecent = true,\n Owners = \n {\n \"099720109477\",\n },\n }));\n var asConf = new Aws.Ec2.LaunchConfiguration(\"asConf\", new Aws.Ec2.LaunchConfigurationArgs\n {\n ImageId = ubuntu.Apply(ubuntu =\u003e ubuntu.Id),\n InstanceType = \"m4.large\",\n SpotPrice = \"0.001\",\n });\n var bar = new Aws.AutoScaling.Group(\"bar\", new Aws.AutoScaling.GroupArgs\n {\n LaunchConfiguration = asConf.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\tubuntu, err := aws.GetAmi(ctx, \u0026aws.GetAmiArgs{\n\t\t\tFilters: []aws.GetAmiFilter{\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tasConf, err := ec2.NewLaunchConfiguration(ctx, \"asConf\", \u0026ec2.LaunchConfigurationArgs{\n\t\t\tImageId: pulumi.String(ubuntu.Id),\n\t\t\tInstanceType: pulumi.String(\"m4.large\"),\n\t\t\tSpotPrice: pulumi.String(\"0.001\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tLaunchConfiguration: asConf.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Block devices\n\nEach of the `*_block_device` attributes controls a portion of the AWS\nLaunch Configuration's \"Block Device Mapping\". It's a good idea to familiarize yourself with [AWS's Block Device\nMapping docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html)\nto understand the implications of using these attributes.\n\nThe `root_block_device` mapping supports the following:\n\n* `volume_type` - (Optional) The type of volume. Can be `\"standard\"`, `\"gp2\"`,\n or `\"io1\"`. (Default: `\"standard\"`).\n* `volume_size` - (Optional) The size of the volume in gigabytes.\n* `iops` - (Optional) The amount of provisioned\n [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\n This must be set with a `volume_type` of `\"io1\"`.\n* `delete_on_termination` - (Optional) Whether the volume should be destroyed\n on instance termination (Default: `true`).\n* `encrypted` - (Optional) Whether the volume should be encrypted or not. (Default: `false`).\n\nModifying any of the `root_block_device` settings requires resource\nreplacement.\n\nEach `ebs_block_device` supports the following:\n\n* `device_name` - (Required) The name of the device to mount.\n* `snapshot_id` - (Optional) The Snapshot ID to mount.\n* `volume_type` - (Optional) The type of volume. Can be `\"standard\"`, `\"gp2\"`,\n or `\"io1\"`. (Default: `\"standard\"`).\n* `volume_size` - (Optional) The size of the volume in gigabytes.\n* `iops` - (Optional) The amount of provisioned\n [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\n This must be set with a `volume_type` of `\"io1\"`.\n* `delete_on_termination` - (Optional) Whether the volume should be destroyed\n on instance termination (Default: `true`).\n* `encrypted` - (Optional) Whether the volume should be encrypted or not. Do not use this option if you are using `snapshot_id` as the encrypted flag will be determined by the snapshot. (Default: `false`).\n\nModifying any `ebs_block_device` currently requires resource replacement.\n\nEach `ephemeral_block_device` supports the following:\n\n* `device_name` - The name of the block device to mount on the instance.\n* `virtual_name` - The [Instance Store Device\n Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames)\n (e.g. `\"ephemeral0\"`)\n\nEach AWS Instance type has a different set of Instance Store block devices\navailable for attachment. AWS [publishes a\nlist](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes)\nof which ephemeral devices are available on each type. The devices are always\nidentified by the `virtual_name` in the format `\"ephemeral{0..N}\"`.\n\n\u003e **NOTE:** Changes to `*_block_device` configuration of _existing_ resources\ncannot currently be detected by this provider. After updating to block device\nconfiguration, resource recreation can be manually triggered by using the\n[`up` command with the --replace argument](https://www.pulumi.com/docs/reference/cli/pulumi_up/).\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the launch configuration.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n" }, "enableMonitoring": { "type": "boolean", "description": "Enables/disables detailed monitoring. This is enabled by default.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "iamInstanceProfile": { "type": "string", "description": "The name attribute of the IAM instance profile to associate\nwith launched instances.\n" }, "imageId": { "type": "string", "description": "The EC2 image ID to launch.\n" }, "instanceType": { "type": "string", "description": "The size of instance to launch.\n" }, "keyName": { "type": "string", "description": "The key name that should be used for the instance.\n" }, "name": { "type": "string", "description": "The name of the launch configuration. If you leave\nthis blank, this provider will auto-generate a unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "placementTenancy": { "type": "string", "description": "The tenancy of the instance. Valid values are\n`\"default\"` or `\"dedicated\"`, see [AWS's Create Launch Configuration](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html)\nfor more details\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of associated security group IDS.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to use for reserving spot instances.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "vpcClassicLinkId": { "type": "string", "description": "The ID of a ClassicLink-enabled VPC. Only applies to EC2-Classic instances. (eg. `vpc-2730681a`)\n" }, "vpcClassicLinkSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "The IDs of one or more security groups for the specified ClassicLink-enabled VPC (eg. `sg-46ae3d11`).\n" } }, "required": [ "arn", "ebsBlockDevices", "ebsOptimized", "imageId", "instanceType", "keyName", "name", "rootBlockDevice" ], "inputProperties": { "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n" }, "enableMonitoring": { "type": "boolean", "description": "Enables/disables detailed monitoring. This is enabled by default.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "The name attribute of the IAM instance profile to associate\nwith launched instances.\n" }, "imageId": { "type": "string", "description": "The EC2 image ID to launch.\n" }, "instanceType": { "type": "string", "description": "The size of instance to launch.\n" }, "keyName": { "type": "string", "description": "The key name that should be used for the instance.\n" }, "name": { "type": "string", "description": "The name of the launch configuration. If you leave\nthis blank, this provider will auto-generate a unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "placementTenancy": { "type": "string", "description": "The tenancy of the instance. Valid values are\n`\"default\"` or `\"dedicated\"`, see [AWS's Create Launch Configuration](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html)\nfor more details\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of associated security group IDS.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to use for reserving spot instances.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "vpcClassicLinkId": { "type": "string", "description": "The ID of a ClassicLink-enabled VPC. Only applies to EC2-Classic instances. (eg. `vpc-2730681a`)\n" }, "vpcClassicLinkSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "The IDs of one or more security groups for the specified ClassicLink-enabled VPC (eg. `sg-46ae3d11`).\n" } }, "requiredInputs": [ "imageId", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering LaunchConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the launch configuration.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n" }, "enableMonitoring": { "type": "boolean", "description": "Enables/disables detailed monitoring. This is enabled by default.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "The name attribute of the IAM instance profile to associate\nwith launched instances.\n" }, "imageId": { "type": "string", "description": "The EC2 image ID to launch.\n" }, "instanceType": { "type": "string", "description": "The size of instance to launch.\n" }, "keyName": { "type": "string", "description": "The key name that should be used for the instance.\n" }, "name": { "type": "string", "description": "The name of the launch configuration. If you leave\nthis blank, this provider will auto-generate a unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "placementTenancy": { "type": "string", "description": "The tenancy of the instance. Valid values are\n`\"default\"` or `\"dedicated\"`, see [AWS's Create Launch Configuration](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html)\nfor more details\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of associated security group IDS.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to use for reserving spot instances.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "vpcClassicLinkId": { "type": "string", "description": "The ID of a ClassicLink-enabled VPC. Only applies to EC2-Classic instances. (eg. `vpc-2730681a`)\n" }, "vpcClassicLinkSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "The IDs of one or more security groups for the specified ClassicLink-enabled VPC (eg. `sg-46ae3d11`).\n" } }, "type": "object" } }, "aws:ec2/launchTemplate:LaunchTemplate": { "description": "Provides an EC2 launch template resource. Can be used to create instances or auto scaling groups.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the instance profile.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping" }, "description": "Specify volumes to attach to the instance besides the volumes specified by the AMI.\nSee Block Devices below for details.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification", "description": "Targeting for EC2 capacity reservations. See Capacity Reservation Specification below for more details.\n" }, "cpuOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification", "description": "Customize the credit specification of the instance. See Credit\nSpecification below for more details.\n" }, "defaultVersion": { "type": "integer", "description": "The default version of the launch template.\n" }, "description": { "type": "string", "description": "Description of the launch template.\n" }, "disableApiTermination": { "type": "boolean", "description": "If `true`, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsOptimized": { "type": "string", "description": "If `true`, the launched EC2 instance will be EBS-optimized.\n" }, "elasticGpuSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification" }, "description": "The elastic GPU to attach to the instance. See Elastic GPU\nbelow for more details.\n" }, "elasticInferenceAccelerator": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator", "description": "Configuration block containing an Elastic Inference Accelerator to attach to the instance. See Elastic Inference Accelerator below for more details.\n" }, "hibernationOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions", "description": "The hibernation options for the instance. See Hibernation Options below for more details.\n" }, "iamInstanceProfile": { "$ref": "#/types/aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile", "description": "The IAM Instance Profile to launch the instance with. See Instance Profile\nbelow for more details.\n" }, "imageId": { "type": "string", "description": "The AMI from which to launch the instance.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Can be `stop` or `terminate`.\n(Default: `stop`).\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions", "description": "The market (purchasing) option for the instance. See Market Options\nbelow for details.\n" }, "instanceType": { "type": "string", "description": "The type of the instance.\n" }, "kernelId": { "type": "string", "description": "The kernel ID.\n" }, "keyName": { "type": "string", "description": "The key name to use for the instance.\n" }, "latestVersion": { "type": "integer", "description": "The latest version of the launch template.\n" }, "licenseSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification" }, "description": "A list of license specifications to associate with. See License Specification below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions", "description": "Customize the metadata options for the instance. See Metadata Options below for more details.\n" }, "monitoring": { "$ref": "#/types/aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring", "description": "The monitoring option for the instance. See Monitoring below for more details.\n" }, "name": { "type": "string", "description": "The name of the launch template. If you leave this blank, this provider will auto-generate a unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network\nInterfaces below for more details.\n" }, "placement": { "$ref": "#/types/aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement", "description": "The placement of the instance. See Placement below for more details.\n" }, "ramDiskId": { "type": "string", "description": "The ID of the RAM disk.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names to associate with. If you are creating Instances in a VPC, use\n`vpc_security_group_ids` instead.\n" }, "tagSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification" }, "description": "The tags to apply to the resources during launch. See Tag Specifications below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the launch template.\n" }, "userData": { "type": "string", "description": "The Base64-encoded user data to provide when launching the instance.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" } }, "required": [ "arn", "defaultVersion", "latestVersion", "metadataOptions", "name" ], "inputProperties": { "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping" }, "description": "Specify volumes to attach to the instance besides the volumes specified by the AMI.\nSee Block Devices below for details.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification", "description": "Targeting for EC2 capacity reservations. See Capacity Reservation Specification below for more details.\n" }, "cpuOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification", "description": "Customize the credit specification of the instance. See Credit\nSpecification below for more details.\n" }, "description": { "type": "string", "description": "Description of the launch template.\n" }, "disableApiTermination": { "type": "boolean", "description": "If `true`, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsOptimized": { "type": "string", "description": "If `true`, the launched EC2 instance will be EBS-optimized.\n" }, "elasticGpuSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification" }, "description": "The elastic GPU to attach to the instance. See Elastic GPU\nbelow for more details.\n" }, "elasticInferenceAccelerator": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator", "description": "Configuration block containing an Elastic Inference Accelerator to attach to the instance. See Elastic Inference Accelerator below for more details.\n" }, "hibernationOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions", "description": "The hibernation options for the instance. See Hibernation Options below for more details.\n" }, "iamInstanceProfile": { "$ref": "#/types/aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile", "description": "The IAM Instance Profile to launch the instance with. See Instance Profile\nbelow for more details.\n" }, "imageId": { "type": "string", "description": "The AMI from which to launch the instance.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Can be `stop` or `terminate`.\n(Default: `stop`).\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions", "description": "The market (purchasing) option for the instance. See Market Options\nbelow for details.\n" }, "instanceType": { "type": "string", "description": "The type of the instance.\n" }, "kernelId": { "type": "string", "description": "The kernel ID.\n" }, "keyName": { "type": "string", "description": "The key name to use for the instance.\n" }, "licenseSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification" }, "description": "A list of license specifications to associate with. See License Specification below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions", "description": "Customize the metadata options for the instance. See Metadata Options below for more details.\n" }, "monitoring": { "$ref": "#/types/aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring", "description": "The monitoring option for the instance. See Monitoring below for more details.\n" }, "name": { "type": "string", "description": "The name of the launch template. If you leave this blank, this provider will auto-generate a unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network\nInterfaces below for more details.\n" }, "placement": { "$ref": "#/types/aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement", "description": "The placement of the instance. See Placement below for more details.\n" }, "ramDiskId": { "type": "string", "description": "The ID of the RAM disk.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names to associate with. If you are creating Instances in a VPC, use\n`vpc_security_group_ids` instead.\n" }, "tagSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification" }, "description": "The tags to apply to the resources during launch. See Tag Specifications below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the launch template.\n" }, "userData": { "type": "string", "description": "The Base64-encoded user data to provide when launching the instance.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LaunchTemplate resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the instance profile.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping" }, "description": "Specify volumes to attach to the instance besides the volumes specified by the AMI.\nSee Block Devices below for details.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification", "description": "Targeting for EC2 capacity reservations. See Capacity Reservation Specification below for more details.\n" }, "cpuOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification", "description": "Customize the credit specification of the instance. See Credit\nSpecification below for more details.\n" }, "defaultVersion": { "type": "integer", "description": "The default version of the launch template.\n" }, "description": { "type": "string", "description": "Description of the launch template.\n" }, "disableApiTermination": { "type": "boolean", "description": "If `true`, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsOptimized": { "type": "string", "description": "If `true`, the launched EC2 instance will be EBS-optimized.\n" }, "elasticGpuSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification" }, "description": "The elastic GPU to attach to the instance. See Elastic GPU\nbelow for more details.\n" }, "elasticInferenceAccelerator": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator", "description": "Configuration block containing an Elastic Inference Accelerator to attach to the instance. See Elastic Inference Accelerator below for more details.\n" }, "hibernationOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions", "description": "The hibernation options for the instance. See Hibernation Options below for more details.\n" }, "iamInstanceProfile": { "$ref": "#/types/aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile", "description": "The IAM Instance Profile to launch the instance with. See Instance Profile\nbelow for more details.\n" }, "imageId": { "type": "string", "description": "The AMI from which to launch the instance.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Can be `stop` or `terminate`.\n(Default: `stop`).\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions", "description": "The market (purchasing) option for the instance. See Market Options\nbelow for details.\n" }, "instanceType": { "type": "string", "description": "The type of the instance.\n" }, "kernelId": { "type": "string", "description": "The kernel ID.\n" }, "keyName": { "type": "string", "description": "The key name to use for the instance.\n" }, "latestVersion": { "type": "integer", "description": "The latest version of the launch template.\n" }, "licenseSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification" }, "description": "A list of license specifications to associate with. See License Specification below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions", "description": "Customize the metadata options for the instance. See Metadata Options below for more details.\n" }, "monitoring": { "$ref": "#/types/aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring", "description": "The monitoring option for the instance. See Monitoring below for more details.\n" }, "name": { "type": "string", "description": "The name of the launch template. If you leave this blank, this provider will auto-generate a unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network\nInterfaces below for more details.\n" }, "placement": { "$ref": "#/types/aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement", "description": "The placement of the instance. See Placement below for more details.\n" }, "ramDiskId": { "type": "string", "description": "The ID of the RAM disk.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names to associate with. If you are creating Instances in a VPC, use\n`vpc_security_group_ids` instead.\n" }, "tagSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification" }, "description": "The tags to apply to the resources during launch. See Tag Specifications below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the launch template.\n" }, "userData": { "type": "string", "description": "The Base64-encoded user data to provide when launching the instance.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" } }, "type": "object" } }, "aws:ec2/localGatewayRoute:LocalGatewayRoute": { "description": "Manages an EC2 Local Gateway Route. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.LocalGatewayRoute(\"example\", {\n destinationCidrBlock: \"172.16.0.0/16\",\n localGatewayRouteTableId: data.aws_ec2_local_gateway_route_table.example.id,\n localGatewayVirtualInterfaceGroupId: data.aws_ec2_local_gateway_virtual_interface_group.example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.LocalGatewayRoute(\"example\",\n destination_cidr_block=\"172.16.0.0/16\",\n local_gateway_route_table_id=data[\"aws_ec2_local_gateway_route_table\"][\"example\"][\"id\"],\n local_gateway_virtual_interface_group_id=data[\"aws_ec2_local_gateway_virtual_interface_group\"][\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.LocalGatewayRoute(\"example\", new Aws.Ec2.LocalGatewayRouteArgs\n {\n DestinationCidrBlock = \"172.16.0.0/16\",\n LocalGatewayRouteTableId = data.Aws_ec2_local_gateway_route_table.Example.Id,\n LocalGatewayVirtualInterfaceGroupId = data.Aws_ec2_local_gateway_virtual_interface_group.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewLocalGatewayRoute(ctx, \"example\", \u0026ec2.LocalGatewayRouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"172.16.0.0/16\"),\n\t\t\tLocalGatewayRouteTableId: pulumi.String(data.Aws_ec2_local_gateway_route_table.Example.Id),\n\t\t\tLocalGatewayVirtualInterfaceGroupId: pulumi.String(data.Aws_ec2_local_gateway_virtual_interface_group.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "localGatewayVirtualInterfaceGroupId": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n" } }, "required": [ "destinationCidrBlock", "localGatewayRouteTableId", "localGatewayVirtualInterfaceGroupId" ], "inputProperties": { "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "localGatewayVirtualInterfaceGroupId": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n" } }, "requiredInputs": [ "destinationCidrBlock", "localGatewayRouteTableId", "localGatewayVirtualInterfaceGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocalGatewayRoute resources.\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "localGatewayVirtualInterfaceGroupId": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n" } }, "type": "object" } }, "aws:ec2/localGatewayRouteTableVpcAssociation:LocalGatewayRouteTableVpcAssociation": { "description": "Manages an EC2 Local Gateway Route Table VPC Association. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-local-gateways.html#vpc-associations).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLocalGatewayRouteTable = aws.ec2.getLocalGatewayRouteTable({\n outpostArn: \"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\",\n});\nconst exampleVpc = new aws.ec2.Vpc(\"exampleVpc\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleLocalGatewayRouteTableVpcAssociation = new aws.ec2.LocalGatewayRouteTableVpcAssociation(\"exampleLocalGatewayRouteTableVpcAssociation\", {\n localGatewayRouteTableId: exampleLocalGatewayRouteTable.then(exampleLocalGatewayRouteTable =\u003e exampleLocalGatewayRouteTable.id),\n vpcId: exampleVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_local_gateway_route_table = aws.ec2.get_local_gateway_route_table(outpost_arn=\"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\")\nexample_vpc = aws.ec2.Vpc(\"exampleVpc\", cidr_block=\"10.0.0.0/16\")\nexample_local_gateway_route_table_vpc_association = aws.ec2.LocalGatewayRouteTableVpcAssociation(\"exampleLocalGatewayRouteTableVpcAssociation\",\n local_gateway_route_table_id=example_local_gateway_route_table.id,\n vpc_id=example_vpc.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLocalGatewayRouteTable = Output.Create(Aws.Ec2.GetLocalGatewayRouteTable.InvokeAsync(new Aws.Ec2.GetLocalGatewayRouteTableArgs\n {\n OutpostArn = \"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\",\n }));\n var exampleVpc = new Aws.Ec2.Vpc(\"exampleVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var exampleLocalGatewayRouteTableVpcAssociation = new Aws.Ec2.LocalGatewayRouteTableVpcAssociation(\"exampleLocalGatewayRouteTableVpcAssociation\", new Aws.Ec2.LocalGatewayRouteTableVpcAssociationArgs\n {\n LocalGatewayRouteTableId = exampleLocalGatewayRouteTable.Apply(exampleLocalGatewayRouteTable =\u003e exampleLocalGatewayRouteTable.Id),\n VpcId = exampleVpc.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\"\n\t\texampleLocalGatewayRouteTable, err := ec2.GetLocalGatewayRouteTable(ctx, \u0026ec2.GetLocalGatewayRouteTableArgs{\n\t\t\tOutpostArn: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"exampleVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewLocalGatewayRouteTableVpcAssociation(ctx, \"exampleLocalGatewayRouteTableVpcAssociation\", \u0026ec2.LocalGatewayRouteTableVpcAssociationArgs{\n\t\t\tLocalGatewayRouteTableId: pulumi.String(exampleLocalGatewayRouteTable.Id),\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "localGatewayId": { "type": "string" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" } }, "required": [ "localGatewayId", "localGatewayRouteTableId", "vpcId" ], "inputProperties": { "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" } }, "requiredInputs": [ "localGatewayRouteTableId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocalGatewayRouteTableVpcAssociation resources.\n", "properties": { "localGatewayId": { "type": "string" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" } }, "type": "object" } }, "aws:ec2/mainRouteTableAssociation:MainRouteTableAssociation": { "description": "Provides a resource for managing the main routing table of a VPC.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainRouteTableAssociation = new aws.ec2.MainRouteTableAssociation(\"a\", {\n routeTableId: aws_route_table_bar.id,\n vpcId: aws_vpc_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain_route_table_association = aws.ec2.MainRouteTableAssociation(\"mainRouteTableAssociation\",\n route_table_id=aws_route_table[\"bar\"][\"id\"],\n vpc_id=aws_vpc[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainRouteTableAssociation = new Aws.Ec2.MainRouteTableAssociation(\"mainRouteTableAssociation\", new Aws.Ec2.MainRouteTableAssociationArgs\n {\n RouteTableId = aws_route_table.Bar.Id,\n VpcId = aws_vpc.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewMainRouteTableAssociation(ctx, \"mainRouteTableAssociation\", \u0026ec2.MainRouteTableAssociationArgs{\n\t\t\tRouteTableId: pulumi.String(aws_route_table.Bar.Id),\n\t\t\tVpcId: pulumi.String(aws_vpc.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Notes\n\nOn VPC creation, the AWS API always creates an initial Main Route Table. This\nresource records the ID of that Route Table under `original_route_table_id`.\nThe \"Delete\" action for a `main_route_table_association` consists of resetting\nthis original table as the Main Route Table for the VPC. You'll see this\nadditional Route Table in the AWS console; it must remain intact in order for\nthe `main_route_table_association` delete to work properly.\n", "properties": { "originalRouteTableId": { "type": "string", "description": "Used internally, see __Notes__ below\n" }, "routeTableId": { "type": "string", "description": "The ID of the Route Table to set as the new\nmain route table for the target VPC\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC whose main route table should be set\n" } }, "required": [ "originalRouteTableId", "routeTableId", "vpcId" ], "inputProperties": { "routeTableId": { "type": "string", "description": "The ID of the Route Table to set as the new\nmain route table for the target VPC\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC whose main route table should be set\n" } }, "requiredInputs": [ "routeTableId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MainRouteTableAssociation resources.\n", "properties": { "originalRouteTableId": { "type": "string", "description": "Used internally, see __Notes__ below\n" }, "routeTableId": { "type": "string", "description": "The ID of the Route Table to set as the new\nmain route table for the target VPC\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC whose main route table should be set\n" } }, "type": "object" } }, "aws:ec2/natGateway:NatGateway": { "description": "Provides a resource to create a VPC NAT Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.NatGateway(\"gw\", {\n allocationId: aws_eip_nat.id,\n subnetId: aws_subnet_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.NatGateway(\"gw\",\n allocation_id=aws_eip[\"nat\"][\"id\"],\n subnet_id=aws_subnet[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var gw = new Aws.Ec2.NatGateway(\"gw\", new Aws.Ec2.NatGatewayArgs\n {\n AllocationId = aws_eip.Nat.Id,\n SubnetId = aws_subnet.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewNatGateway(ctx, \"gw\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.String(aws_eip.Nat.Id),\n\t\t\tSubnetId: pulumi.String(aws_subnet.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nUsage with tags:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.NatGateway(\"gw\", {\n allocationId: aws_eip_nat.id,\n subnetId: aws_subnet_example.id,\n tags: {\n Name: \"gw NAT\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.NatGateway(\"gw\",\n allocation_id=aws_eip[\"nat\"][\"id\"],\n subnet_id=aws_subnet[\"example\"][\"id\"],\n tags={\n \"Name\": \"gw NAT\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var gw = new Aws.Ec2.NatGateway(\"gw\", new Aws.Ec2.NatGatewayArgs\n {\n AllocationId = aws_eip.Nat.Id,\n SubnetId = aws_subnet.Example.Id,\n Tags = \n {\n { \"Name\", \"gw NAT\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewNatGateway(ctx, \"gw\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.String(aws_eip.Nat.Id),\n\t\t\tSubnetId: pulumi.String(aws_subnet.Example.Id),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"gw NAT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocationId": { "type": "string", "description": "The Allocation ID of the Elastic IP address for the gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "The ENI ID of the network interface created by the NAT gateway.\n" }, "privateIp": { "type": "string", "description": "The private IP address of the NAT Gateway.\n" }, "publicIp": { "type": "string", "description": "The public IP address of the NAT Gateway.\n" }, "subnetId": { "type": "string", "description": "The Subnet ID of the subnet in which to place the gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "allocationId", "networkInterfaceId", "privateIp", "publicIp", "subnetId" ], "inputProperties": { "allocationId": { "type": "string", "description": "The Allocation ID of the Elastic IP address for the gateway.\n" }, "subnetId": { "type": "string", "description": "The Subnet ID of the subnet in which to place the gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "allocationId", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NatGateway resources.\n", "properties": { "allocationId": { "type": "string", "description": "The Allocation ID of the Elastic IP address for the gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "The ENI ID of the network interface created by the NAT gateway.\n" }, "privateIp": { "type": "string", "description": "The private IP address of the NAT Gateway.\n" }, "publicIp": { "type": "string", "description": "The public IP address of the NAT Gateway.\n" }, "subnetId": { "type": "string", "description": "The Subnet ID of the subnet in which to place the gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ec2/networkAcl:NetworkAcl": { "description": "Provides an network ACL resource. You might set up network ACLs with rules similar\nto your security groups in order to add an additional layer of security to your VPC.\n\n\u003e **NOTE on Network ACLs and Network ACL Rules:** This provider currently\nprovides both a standalone Network ACL Rule resource and a Network ACL resource with rules\ndefined in-line. At this time you cannot use a Network ACL with in-line rules\nin conjunction with any Network ACL Rule resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.NetworkAcl(\"main\", {\n egress: [{\n action: \"allow\",\n cidrBlock: \"10.3.0.0/18\",\n fromPort: 443,\n protocol: \"tcp\",\n ruleNo: 200,\n toPort: 443,\n }],\n ingress: [{\n action: \"allow\",\n cidrBlock: \"10.3.0.0/18\",\n fromPort: 80,\n protocol: \"tcp\",\n ruleNo: 100,\n toPort: 80,\n }],\n tags: {\n Name: \"main\",\n },\n vpcId: aws_vpc_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.NetworkAcl(\"main\",\n egress=[{\n \"action\": \"allow\",\n \"cidr_block\": \"10.3.0.0/18\",\n \"from_port\": 443,\n \"protocol\": \"tcp\",\n \"ruleNo\": 200,\n \"to_port\": 443,\n }],\n ingress=[{\n \"action\": \"allow\",\n \"cidr_block\": \"10.3.0.0/18\",\n \"from_port\": 80,\n \"protocol\": \"tcp\",\n \"ruleNo\": 100,\n \"to_port\": 80,\n }],\n tags={\n \"Name\": \"main\",\n },\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.NetworkAcl(\"main\", new Aws.Ec2.NetworkAclArgs\n {\n Egress = \n {\n new Aws.Ec2.Inputs.NetworkAclEgressArgs\n {\n Action = \"allow\",\n CidrBlock = \"10.3.0.0/18\",\n FromPort = 443,\n Protocol = \"tcp\",\n RuleNo = 200,\n ToPort = 443,\n },\n },\n Ingress = \n {\n new Aws.Ec2.Inputs.NetworkAclIngressArgs\n {\n Action = \"allow\",\n CidrBlock = \"10.3.0.0/18\",\n FromPort = 80,\n Protocol = \"tcp\",\n RuleNo = 100,\n ToPort = 80,\n },\n },\n Tags = \n {\n { \"Name\", \"main\" },\n },\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewNetworkAcl(ctx, \"main\", \u0026ec2.NetworkAclArgs{\n\t\t\tEgress: ec2.NetworkAclEgressArray{\n\t\t\t\t\u0026ec2.NetworkAclEgressArgs{\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.3.0.0/18\"),\n\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tRuleNo: pulumi.Int(200),\n\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIngress: ec2.NetworkAclIngressArray{\n\t\t\t\t\u0026ec2.NetworkAclIngressArgs{\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.3.0.0/18\"),\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the network ACL\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclEgress:NetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclIngress:NetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the network ACL.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the associated VPC.\n" } }, "required": [ "arn", "egress", "ingress", "ownerId", "subnetIds", "vpcId" ], "inputProperties": { "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclEgress:NetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclIngress:NetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the associated VPC.\n" } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkAcl resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the network ACL\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclEgress:NetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclIngress:NetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the network ACL.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the associated VPC.\n" } }, "type": "object" } }, "aws:ec2/networkAclRule:NetworkAclRule": { "description": "Creates an entry (a rule) in a network ACL with the specified rule number.\n\n\u003e **NOTE on Network ACLs and Network ACL Rules:** This provider currently\nprovides both a standalone Network ACL Rule resource and a Network ACL resource with rules\ndefined in-line. At this time you cannot use a Network ACL with in-line rules\nin conjunction with any Network ACL Rule resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst barNetworkAcl = new aws.ec2.NetworkAcl(\"barNetworkAcl\", {vpcId: aws_vpc.foo.id});\nconst barNetworkAclRule = new aws.ec2.NetworkAclRule(\"barNetworkAclRule\", {\n networkAclId: barNetworkAcl.id,\n ruleNumber: 200,\n egress: false,\n protocol: \"tcp\",\n ruleAction: \"allow\",\n cidrBlock: aws_vpc.foo.cidr_block,\n fromPort: 22,\n toPort: 22,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar_network_acl = aws.ec2.NetworkAcl(\"barNetworkAcl\", vpc_id=aws_vpc[\"foo\"][\"id\"])\nbar_network_acl_rule = aws.ec2.NetworkAclRule(\"barNetworkAclRule\",\n network_acl_id=bar_network_acl.id,\n rule_number=200,\n egress=False,\n protocol=\"tcp\",\n rule_action=\"allow\",\n cidr_block=aws_vpc[\"foo\"][\"cidr_block\"],\n from_port=22,\n to_port=22)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var barNetworkAcl = new Aws.Ec2.NetworkAcl(\"barNetworkAcl\", new Aws.Ec2.NetworkAclArgs\n {\n VpcId = aws_vpc.Foo.Id,\n });\n var barNetworkAclRule = new Aws.Ec2.NetworkAclRule(\"barNetworkAclRule\", new Aws.Ec2.NetworkAclRuleArgs\n {\n NetworkAclId = barNetworkAcl.Id,\n RuleNumber = 200,\n Egress = false,\n Protocol = \"tcp\",\n RuleAction = \"allow\",\n CidrBlock = aws_vpc.Foo.Cidr_block,\n FromPort = 22,\n ToPort = 22,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbarNetworkAcl, err := ec2.NewNetworkAcl(ctx, \"barNetworkAcl\", \u0026ec2.NetworkAclArgs{\n\t\t\tVpcId: pulumi.String(aws_vpc.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkAclRule(ctx, \"barNetworkAclRule\", \u0026ec2.NetworkAclRuleArgs{\n\t\t\tNetworkAclId: barNetworkAcl.ID(),\n\t\t\tRuleNumber: pulumi.Int(200),\n\t\t\tEgress: pulumi.Bool(false),\n\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\tRuleAction: pulumi.String(\"allow\"),\n\t\t\tCidrBlock: pulumi.String(aws_vpc.Foo.Cidr_block),\n\t\t\tFromPort: pulumi.Int(22),\n\t\t\tToPort: pulumi.Int(22),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n\u003e **Note:** One of either `cidr_block` or `ipv6_cidr_block` is required.\n{{% /example %}}\n{{% /examples %}}", "properties": { "cidrBlock": { "type": "string", "description": "The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).\n" }, "egress": { "type": "boolean", "description": "Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default `false`.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "string", "description": "ICMP protocol: The ICMP code. Required if specifying ICMP for the protocol. e.g. -1\n" }, "icmpType": { "type": "string", "description": "ICMP protocol: The ICMP type. Required if specifying ICMP for the protocol. e.g. -1\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block to allow or deny.\n" }, "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n" }, "protocol": { "type": "string", "description": "The protocol. A value of -1 means all protocols.\n" }, "ruleAction": { "type": "string", "description": "Indicates whether to allow or deny the traffic that matches the rule. Accepted values: `allow` | `deny`\n" }, "ruleNumber": { "type": "integer", "description": "The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n" } }, "required": [ "networkAclId", "protocol", "ruleAction", "ruleNumber" ], "inputProperties": { "cidrBlock": { "type": "string", "description": "The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).\n" }, "egress": { "type": "boolean", "description": "Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default `false`.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "string", "description": "ICMP protocol: The ICMP code. Required if specifying ICMP for the protocol. e.g. -1\n" }, "icmpType": { "type": "string", "description": "ICMP protocol: The ICMP type. Required if specifying ICMP for the protocol. e.g. -1\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block to allow or deny.\n" }, "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n" }, "protocol": { "type": "string", "description": "The protocol. A value of -1 means all protocols.\n" }, "ruleAction": { "type": "string", "description": "Indicates whether to allow or deny the traffic that matches the rule. Accepted values: `allow` | `deny`\n" }, "ruleNumber": { "type": "integer", "description": "The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n" } }, "requiredInputs": [ "networkAclId", "protocol", "ruleAction", "ruleNumber" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkAclRule resources.\n", "properties": { "cidrBlock": { "type": "string", "description": "The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).\n" }, "egress": { "type": "boolean", "description": "Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default `false`.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "string", "description": "ICMP protocol: The ICMP code. Required if specifying ICMP for the protocol. e.g. -1\n" }, "icmpType": { "type": "string", "description": "ICMP protocol: The ICMP type. Required if specifying ICMP for the protocol. e.g. -1\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block to allow or deny.\n" }, "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n" }, "protocol": { "type": "string", "description": "The protocol. A value of -1 means all protocols.\n" }, "ruleAction": { "type": "string", "description": "Indicates whether to allow or deny the traffic that matches the rule. Accepted values: `allow` | `deny`\n" }, "ruleNumber": { "type": "integer", "description": "The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n" } }, "type": "object" } }, "aws:ec2/networkInterface:NetworkInterface": { "description": "Provides an Elastic network interface (ENI) resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.NetworkInterface(\"test\", {\n attachments: [{\n deviceIndex: 1,\n instance: aws_instance_test.id,\n }],\n privateIps: [\"10.0.0.50\"],\n securityGroups: [aws_security_group_web.id],\n subnetId: aws_subnet_public_a.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.NetworkInterface(\"test\",\n attachments=[{\n \"device_index\": 1,\n \"instance\": aws_instance[\"test\"][\"id\"],\n }],\n private_ips=[\"10.0.0.50\"],\n security_groups=[aws_security_group[\"web\"][\"id\"]],\n subnet_id=aws_subnet[\"public_a\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Ec2.NetworkInterface(\"test\", new Aws.Ec2.NetworkInterfaceArgs\n {\n Attachments = \n {\n new Aws.Ec2.Inputs.NetworkInterfaceAttachmentArgs\n {\n DeviceIndex = 1,\n Instance = aws_instance.Test.Id,\n },\n },\n PrivateIps = \n {\n \"10.0.0.50\",\n },\n SecurityGroups = \n {\n aws_security_group.Web.Id,\n },\n SubnetId = aws_subnet.Public_a.Id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment" }, "description": "Block to define the attachment of the ENI. Documented below.\n" }, "description": { "type": "string", "description": "A description for the network interface.\n" }, "macAddress": { "type": "string", "description": "The MAC address of the network interface.\n" }, "outpostArn": { "type": "string" }, "privateDnsName": { "type": "string", "description": "The private DNS name of the network interface (IPv4).\n" }, "privateIp": { "type": "string" }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI.\n" }, "privateIpsCount": { "type": "integer", "description": "Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + private_ips_count, as a primary private IP will be assiged to an ENI by default.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the ENI.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Whether to enable source destination checking for the ENI. Default true.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to create the ENI in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "attachments", "macAddress", "outpostArn", "privateDnsName", "privateIp", "privateIps", "privateIpsCount", "securityGroups", "subnetId" ], "inputProperties": { "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment" }, "description": "Block to define the attachment of the ENI. Documented below.\n" }, "description": { "type": "string", "description": "A description for the network interface.\n" }, "privateIp": { "type": "string" }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI.\n" }, "privateIpsCount": { "type": "integer", "description": "Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + private_ips_count, as a primary private IP will be assiged to an ENI by default.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the ENI.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Whether to enable source destination checking for the ENI. Default true.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to create the ENI in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInterface resources.\n", "properties": { "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment" }, "description": "Block to define the attachment of the ENI. Documented below.\n" }, "description": { "type": "string", "description": "A description for the network interface.\n" }, "macAddress": { "type": "string", "description": "The MAC address of the network interface.\n" }, "outpostArn": { "type": "string" }, "privateDnsName": { "type": "string", "description": "The private DNS name of the network interface (IPv4).\n" }, "privateIp": { "type": "string" }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI.\n" }, "privateIpsCount": { "type": "integer", "description": "Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + private_ips_count, as a primary private IP will be assiged to an ENI by default.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the ENI.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Whether to enable source destination checking for the ENI. Default true.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to create the ENI in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ec2/networkInterfaceAttachment:NetworkInterfaceAttachment": { "description": "Attach an Elastic network interface (ENI) resource with EC2 instance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.NetworkInterfaceAttachment(\"test\", {\n deviceIndex: 0,\n instanceId: aws_instance_test.id,\n networkInterfaceId: aws_network_interface_test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.NetworkInterfaceAttachment(\"test\",\n device_index=0,\n instance_id=aws_instance[\"test\"][\"id\"],\n network_interface_id=aws_network_interface[\"test\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Ec2.NetworkInterfaceAttachment(\"test\", new Aws.Ec2.NetworkInterfaceAttachmentArgs\n {\n DeviceIndex = 0,\n InstanceId = aws_instance.Test.Id,\n NetworkInterfaceId = aws_network_interface.Test.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewNetworkInterfaceAttachment(ctx, \"test\", \u0026ec2.NetworkInterfaceAttachmentArgs{\n\t\t\tDeviceIndex: pulumi.Int(0),\n\t\t\tInstanceId: pulumi.String(aws_instance.Test.Id),\n\t\t\tNetworkInterfaceId: pulumi.String(aws_network_interface.Test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "attachmentId": { "type": "string", "description": "The ENI Attachment ID.\n" }, "deviceIndex": { "type": "integer", "description": "Network interface index (int).\n" }, "instanceId": { "type": "string", "description": "Instance ID to attach.\n" }, "networkInterfaceId": { "type": "string", "description": "ENI ID to attach.\n" }, "status": { "type": "string", "description": "The status of the Network Interface Attachment.\n" } }, "required": [ "attachmentId", "deviceIndex", "instanceId", "networkInterfaceId", "status" ], "inputProperties": { "deviceIndex": { "type": "integer", "description": "Network interface index (int).\n" }, "instanceId": { "type": "string", "description": "Instance ID to attach.\n" }, "networkInterfaceId": { "type": "string", "description": "ENI ID to attach.\n" } }, "requiredInputs": [ "deviceIndex", "instanceId", "networkInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInterfaceAttachment resources.\n", "properties": { "attachmentId": { "type": "string", "description": "The ENI Attachment ID.\n" }, "deviceIndex": { "type": "integer", "description": "Network interface index (int).\n" }, "instanceId": { "type": "string", "description": "Instance ID to attach.\n" }, "networkInterfaceId": { "type": "string", "description": "ENI ID to attach.\n" }, "status": { "type": "string", "description": "The status of the Network Interface Attachment.\n" } }, "type": "object" } }, "aws:ec2/networkInterfaceSecurityGroupAttachment:NetworkInterfaceSecurityGroupAttachment": { "description": "This resource attaches a security group to an Elastic Network Interface (ENI).\nIt can be used to attach a security group to any existing ENI, be it a\nsecondary ENI or one attached as the primary interface on an instance.\n\n\u003e **NOTE on instances, interfaces, and security groups:** This provider currently\nprovides the capability to assign security groups via the [`aws.ec2.Instance`][1]\nand the [`aws.ec2.NetworkInterface`][2] resources. Using this resource in\nconjunction with security groups provided in-line in those resources will cause\nconflicts, and will lead to spurious diffs and undefined behavior - please use\none or the other.\n\n[1]: https://www.terraform.io/docs/providers/aws/d/instance.html\n[2]: https://www.terraform.io/docs/providers/aws/r/network_interface.html\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following provides a very basic example of setting up an instance (provided\nby `instance`) in the default security group, creating a security group\n(provided by `sg`) and then attaching the security group to the instance's\nprimary network interface via the `aws.ec2.NetworkInterfaceSecurityGroupAttachment` resource,\nnamed `sg_attachment`:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ami = pulumi.output(aws.getAmi({\n filters: [{\n name: \"name\",\n values: [\"amzn-ami-hvm-*\"],\n }],\n mostRecent: true,\n owners: [\"amazon\"],\n}, { async: true }));\nconst instance = new aws.ec2.Instance(\"instance\", {\n ami: ami.id,\n instanceType: \"t2.micro\",\n tags: {\n type: \"test-instance\",\n },\n});\nconst sg = new aws.ec2.SecurityGroup(\"sg\", {\n tags: {\n type: \"test-security-group\",\n },\n});\nconst sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\", {\n networkInterfaceId: instance.primaryNetworkInterfaceId,\n securityGroupId: sg.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nami = aws.get_ami(filters=[{\n \"name\": \"name\",\n \"values\": [\"amzn-ami-hvm-*\"],\n }],\n most_recent=True,\n owners=[\"amazon\"])\ninstance = aws.ec2.Instance(\"instance\",\n ami=ami.id,\n instance_type=\"t2.micro\",\n tags={\n \"type\": \"test-instance\",\n })\nsg = aws.ec2.SecurityGroup(\"sg\", tags={\n \"type\": \"test-security-group\",\n})\nsg_attachment = aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sgAttachment\",\n network_interface_id=instance.primary_network_interface_id,\n security_group_id=sg.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ami = Output.Create(Aws.GetAmi.InvokeAsync(new Aws.GetAmiArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"name\",\n Values = \n {\n \"amzn-ami-hvm-*\",\n },\n },\n },\n MostRecent = true,\n Owners = \n {\n \"amazon\",\n },\n }));\n var instance = new Aws.Ec2.Instance(\"instance\", new Aws.Ec2.InstanceArgs\n {\n Ami = ami.Apply(ami =\u003e ami.Id),\n InstanceType = \"t2.micro\",\n Tags = \n {\n { \"type\", \"test-instance\" },\n },\n });\n var sg = new Aws.Ec2.SecurityGroup(\"sg\", new Aws.Ec2.SecurityGroupArgs\n {\n Tags = \n {\n { \"type\", \"test-security-group\" },\n },\n });\n var sgAttachment = new Aws.Ec2.NetworkInterfaceSecurityGroupAttachment(\"sgAttachment\", new Aws.Ec2.NetworkInterfaceSecurityGroupAttachmentArgs\n {\n NetworkInterfaceId = instance.PrimaryNetworkInterfaceId,\n SecurityGroupId = sg.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\tami, err := aws.GetAmi(ctx, \u0026aws.GetAmiArgs{\n\t\t\tFilters: []aws.GetAmiFilter{\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"amzn-ami-hvm-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tOwners: []string{\n\t\t\t\t\"amazon\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinstance, err := ec2.NewInstance(ctx, \"instance\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(ami.Id),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"type\": pulumi.String(\"test-instance\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsg, err := ec2.NewSecurityGroup(ctx, \"sg\", \u0026ec2.SecurityGroupArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"type\": pulumi.String(\"test-security-group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkInterfaceSecurityGroupAttachment(ctx, \"sgAttachment\", \u0026ec2.NetworkInterfaceSecurityGroupAttachmentArgs{\n\t\t\tNetworkInterfaceId: instance.PrimaryNetworkInterfaceId,\n\t\t\tSecurityGroupId: sg.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nIn this example, `instance` is provided by the `aws.ec2.Instance` data source,\nfetching an external instance, possibly not managed by this provider.\n`sg_attachment` then attaches to the output instance's `network_interface_id`:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst instance = pulumi.output(aws.ec2.getInstance({\n instanceId: \"i-1234567890abcdef0\",\n}, { async: true }));\nconst sg = new aws.ec2.SecurityGroup(\"sg\", {\n tags: {\n type: \"test-security-group\",\n },\n});\nconst sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\", {\n networkInterfaceId: instance.networkInterfaceId,\n securityGroupId: sg.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ninstance = aws.ec2.get_instance(instance_id=\"i-1234567890abcdef0\")\nsg = aws.ec2.SecurityGroup(\"sg\", tags={\n \"type\": \"test-security-group\",\n})\nsg_attachment = aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sgAttachment\",\n network_interface_id=instance.network_interface_id,\n security_group_id=sg.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var instance = Output.Create(Aws.Ec2.GetInstance.InvokeAsync(new Aws.Ec2.GetInstanceArgs\n {\n InstanceId = \"i-1234567890abcdef0\",\n }));\n var sg = new Aws.Ec2.SecurityGroup(\"sg\", new Aws.Ec2.SecurityGroupArgs\n {\n Tags = \n {\n { \"type\", \"test-security-group\" },\n },\n });\n var sgAttachment = new Aws.Ec2.NetworkInterfaceSecurityGroupAttachment(\"sgAttachment\", new Aws.Ec2.NetworkInterfaceSecurityGroupAttachmentArgs\n {\n NetworkInterfaceId = instance.Apply(instance =\u003e instance.NetworkInterfaceId),\n SecurityGroupId = sg.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"i-1234567890abcdef0\"\n\t\tinstance, err := ec2.LookupInstance(ctx, \u0026ec2.LookupInstanceArgs{\n\t\t\tInstanceId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsg, err := ec2.NewSecurityGroup(ctx, \"sg\", \u0026ec2.SecurityGroupArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"type\": pulumi.String(\"test-security-group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkInterfaceSecurityGroupAttachment(ctx, \"sgAttachment\", \u0026ec2.NetworkInterfaceSecurityGroupAttachmentArgs{\n\t\t\tNetworkInterfaceId: pulumi.String(instance.NetworkInterfaceId),\n\t\t\tSecurityGroupId: sg.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Output Reference\n\nThere are no outputs for this resource.\n", "properties": { "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach to.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" } }, "required": [ "networkInterfaceId", "securityGroupId" ], "inputProperties": { "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach to.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" } }, "requiredInputs": [ "networkInterfaceId", "securityGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInterfaceSecurityGroupAttachment resources.\n", "properties": { "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach to.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" } }, "type": "object" } }, "aws:ec2/peeringConnectionOptions:PeeringConnectionOptions": { "description": "Provides a resource to manage VPC peering connection options.\n\n\u003e **NOTE on VPC Peering Connections and VPC Peering Connection Options:** This provider provides\nboth a standalone VPC Peering Connection Options and a VPC Peering Connection\nresource with `accepter` and `requester` attributes. Do not manage options for the same VPC peering\nconnection in both a VPC Peering Connection resource and a VPC Peering Connection Options resource.\nDoing so will cause a conflict of options and will overwrite the options.\nUsing a VPC Peering Connection Options resource decouples management of the connection options from\nmanagement of the VPC Peering Connection and allows options to be set correctly in cross-region and\ncross-account scenarios.\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst bar = new aws.ec2.Vpc(\"bar\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst fooVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"foo\", {\n autoAccept: true,\n peerVpcId: bar.id,\n vpcId: fooVpc.id,\n});\nconst fooPeeringConnectionOptions = new aws.ec2.PeeringConnectionOptions(\"foo\", {\n accepter: {\n allowRemoteVpcDnsResolution: true,\n },\n requester: {\n allowClassicLinkToRemoteVpc: true,\n allowVpcToRemoteClassicLink: true,\n },\n vpcPeeringConnectionId: fooVpcPeeringConnection.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_vpc = aws.ec2.Vpc(\"fooVpc\", cidr_block=\"10.0.0.0/16\")\nbar = aws.ec2.Vpc(\"bar\", cidr_block=\"10.1.0.0/16\")\nfoo_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"fooVpcPeeringConnection\",\n auto_accept=True,\n peer_vpc_id=bar.id,\n vpc_id=foo_vpc.id)\nfoo_peering_connection_options = aws.ec2.PeeringConnectionOptions(\"fooPeeringConnectionOptions\",\n accepter={\n \"allowRemoteVpcDnsResolution\": True,\n },\n requester={\n \"allowClassicLinkToRemoteVpc\": True,\n \"allowVpcToRemoteClassicLink\": True,\n },\n vpc_peering_connection_id=foo_vpc_peering_connection.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooVpc = new Aws.Ec2.Vpc(\"fooVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var bar = new Aws.Ec2.Vpc(\"bar\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var fooVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"fooVpcPeeringConnection\", new Aws.Ec2.VpcPeeringConnectionArgs\n {\n AutoAccept = true,\n PeerVpcId = bar.Id,\n VpcId = fooVpc.Id,\n });\n var fooPeeringConnectionOptions = new Aws.Ec2.PeeringConnectionOptions(\"fooPeeringConnectionOptions\", new Aws.Ec2.PeeringConnectionOptionsArgs\n {\n Accepter = new Aws.Ec2.Inputs.PeeringConnectionOptionsAccepterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n Requester = new Aws.Ec2.Inputs.PeeringConnectionOptionsRequesterArgs\n {\n AllowClassicLinkToRemoteVpc = true,\n AllowVpcToRemoteClassicLink = true,\n },\n VpcPeeringConnectionId = fooVpcPeeringConnection.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooVpc, err := ec2.NewVpc(ctx, \"fooVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewVpc(ctx, \"bar\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooVpcPeeringConnection, err := ec2.NewVpcPeeringConnection(ctx, \"fooVpcPeeringConnection\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tAutoAccept: pulumi.Bool(true),\n\t\t\tPeerVpcId: bar.ID(),\n\t\t\tVpcId: fooVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewPeeringConnectionOptions(ctx, \"fooPeeringConnectionOptions\", \u0026ec2.PeeringConnectionOptionsArgs{\n\t\t\tAccepter: \u0026ec2.PeeringConnectionOptionsAccepterArgs{\n\t\t\t\tAllowRemoteVpcDnsResolution: pulumi.Bool(true),\n\t\t\t},\n\t\t\tRequester: \u0026ec2.PeeringConnectionOptionsRequesterArgs{\n\t\t\t\tAllowClassicLinkToRemoteVpc: pulumi.Bool(true),\n\t\t\t\tAllowVpcToRemoteClassicLink: pulumi.Bool(true),\n\t\t\t},\n\t\t\tVpcPeeringConnectionId: fooVpcPeeringConnection.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nBasic cross-account usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst requester = new aws.Provider(\"requester\", {});\nconst accepter = new aws.Provider(\"accepter\", {});\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsHostnames: true,\n enableDnsSupport: true,\n}, { provider: requester });\nconst peerVpc = new aws.ec2.Vpc(\"peer\", {\n cidrBlock: \"10.1.0.0/16\",\n enableDnsHostnames: true,\n enableDnsSupport: true,\n}, { provider: accepter });\nconst peerCallerIdentity = pulumi.output(aws.getCallerIdentity({ provider: accepter, async: true }));\nconst peerVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"peer\", {\n autoAccept: false,\n peerOwnerId: peerCallerIdentity.accountId,\n peerVpcId: peerVpc.id,\n tags: {\n Side: \"Requester\",\n },\n vpcId: main.id,\n}, { provider: requester });\nconst peerVpcPeeringConnectionAccepter = new aws.ec2.VpcPeeringConnectionAccepter(\"peer\", {\n autoAccept: true,\n tags: {\n Side: \"Accepter\",\n },\n vpcPeeringConnectionId: peerVpcPeeringConnection.id,\n}, { provider: accepter });\nconst requesterPeeringConnectionOptions = new aws.ec2.PeeringConnectionOptions(\"requester\", {\n requester: {\n allowRemoteVpcDnsResolution: true,\n },\n // As options can't be set until the connection has been accepted\n // create an explicit dependency on the accepter.\n vpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.id,\n}, { provider: requester });\nconst accepterPeeringConnectionOptions = new aws.ec2.PeeringConnectionOptions(\"accepter\", {\n accepter: {\n allowRemoteVpcDnsResolution: true,\n },\n vpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.id,\n}, { provider: accepter });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\nrequester = pulumi.providers.Aws(\"requester\")\naccepter = pulumi.providers.Aws(\"accepter\")\nmain = aws.ec2.Vpc(\"main\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_hostnames=True,\n enable_dns_support=True)\npeer_vpc = aws.ec2.Vpc(\"peerVpc\",\n cidr_block=\"10.1.0.0/16\",\n enable_dns_hostnames=True,\n enable_dns_support=True)\npeer_caller_identity = aws.get_caller_identity()\npeer_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"peerVpcPeeringConnection\",\n auto_accept=False,\n peer_owner_id=peer_caller_identity.account_id,\n peer_vpc_id=peer_vpc.id,\n tags={\n \"Side\": \"Requester\",\n },\n vpc_id=main.id)\npeer_vpc_peering_connection_accepter = aws.ec2.VpcPeeringConnectionAccepter(\"peerVpcPeeringConnectionAccepter\",\n auto_accept=True,\n tags={\n \"Side\": \"Accepter\",\n },\n vpc_peering_connection_id=peer_vpc_peering_connection.id)\nrequester_peering_connection_options = aws.ec2.PeeringConnectionOptions(\"requesterPeeringConnectionOptions\",\n requester={\n \"allowRemoteVpcDnsResolution\": True,\n },\n vpc_peering_connection_id=peer_vpc_peering_connection_accepter.id)\naccepter_peering_connection_options = aws.ec2.PeeringConnectionOptions(\"accepterPeeringConnectionOptions\",\n accepter={\n \"allowRemoteVpcDnsResolution\": True,\n },\n vpc_peering_connection_id=peer_vpc_peering_connection_accepter.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var requester = new Aws.Provider(\"requester\", new Aws.ProviderArgs\n {\n });\n var accepter = new Aws.Provider(\"accepter\", new Aws.ProviderArgs\n {\n });\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsHostnames = true,\n EnableDnsSupport = true,\n });\n var peerVpc = new Aws.Ec2.Vpc(\"peerVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n EnableDnsHostnames = true,\n EnableDnsSupport = true,\n });\n var peerCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var peerVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"peerVpcPeeringConnection\", new Aws.Ec2.VpcPeeringConnectionArgs\n {\n AutoAccept = false,\n PeerOwnerId = peerCallerIdentity.Apply(peerCallerIdentity =\u003e peerCallerIdentity.AccountId),\n PeerVpcId = peerVpc.Id,\n Tags = \n {\n { \"Side\", \"Requester\" },\n },\n VpcId = main.Id,\n });\n var peerVpcPeeringConnectionAccepter = new Aws.Ec2.VpcPeeringConnectionAccepter(\"peerVpcPeeringConnectionAccepter\", new Aws.Ec2.VpcPeeringConnectionAccepterArgs\n {\n AutoAccept = true,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n VpcPeeringConnectionId = peerVpcPeeringConnection.Id,\n });\n var requesterPeeringConnectionOptions = new Aws.Ec2.PeeringConnectionOptions(\"requesterPeeringConnectionOptions\", new Aws.Ec2.PeeringConnectionOptionsArgs\n {\n Requester = new Aws.Ec2.Inputs.PeeringConnectionOptionsRequesterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n VpcPeeringConnectionId = peerVpcPeeringConnectionAccepter.Id,\n });\n var accepterPeeringConnectionOptions = new Aws.Ec2.PeeringConnectionOptions(\"accepterPeeringConnectionOptions\", new Aws.Ec2.PeeringConnectionOptionsArgs\n {\n Accepter = new Aws.Ec2.Inputs.PeeringConnectionOptionsAccepterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n VpcPeeringConnectionId = peerVpcPeeringConnectionAccepter.Id,\n });\n }\n\n}\n```\n", "properties": { "accepter": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "requester": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester", "description": "A optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The ID of the requester VPC peering connection.\n" } }, "required": [ "accepter", "requester", "vpcPeeringConnectionId" ], "inputProperties": { "accepter": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "requester": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester", "description": "A optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The ID of the requester VPC peering connection.\n" } }, "requiredInputs": [ "vpcPeeringConnectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PeeringConnectionOptions resources.\n", "properties": { "accepter": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "requester": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester", "description": "A optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The ID of the requester VPC peering connection.\n" } }, "type": "object" } }, "aws:ec2/placementGroup:PlacementGroup": { "description": "Provides an EC2 placement group. Read more about placement groups\nin [AWS Docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.ec2.PlacementGroup(\"web\", {\n strategy: \"cluster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.ec2.PlacementGroup(\"web\", strategy=\"cluster\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var web = new Aws.Ec2.PlacementGroup(\"web\", new Aws.Ec2.PlacementGroupArgs\n {\n Strategy = \"cluster\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewPlacementGroup(ctx, \"web\", \u0026ec2.PlacementGroupArgs{\n\t\t\tStrategy: pulumi.String(\"cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the placement group.\n" }, "name": { "type": "string", "description": "The name of the placement group.\n" }, "placementGroupId": { "type": "string", "description": "The ID of the placement group.\n" }, "strategy": { "type": "string", "$ref": "#/types/aws:ec2/placementStrategy:PlacementStrategy", "description": "The placement strategy. Can be `\"cluster\"`, `\"partition\"` or `\"spread\"`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "arn", "name", "placementGroupId", "strategy" ], "inputProperties": { "name": { "type": "string", "description": "The name of the placement group.\n" }, "strategy": { "type": "string", "$ref": "#/types/aws:ec2/placementStrategy:PlacementStrategy", "description": "The placement strategy. Can be `\"cluster\"`, `\"partition\"` or `\"spread\"`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "requiredInputs": [ "strategy" ], "stateInputs": { "description": "Input properties used for looking up and filtering PlacementGroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the placement group.\n" }, "name": { "type": "string", "description": "The name of the placement group.\n" }, "placementGroupId": { "type": "string", "description": "The ID of the placement group.\n" }, "strategy": { "type": "string", "$ref": "#/types/aws:ec2/placementStrategy:PlacementStrategy", "description": "The placement strategy. Can be `\"cluster\"`, `\"partition\"` or `\"spread\"`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:ec2/proxyProtocolPolicy:ProxyProtocolPolicy": { "description": "Provides a proxy protocol policy, which allows an ELB to carry a client connection information to a backend.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [\n {\n instancePort: 25,\n instanceProtocol: \"tcp\",\n lbPort: 25,\n lbProtocol: \"tcp\",\n },\n {\n instancePort: 587,\n instanceProtocol: \"tcp\",\n lbPort: 587,\n lbProtocol: \"tcp\",\n },\n ],\n});\nconst smtp = new aws.ec2.ProxyProtocolPolicy(\"smtp\", {\n instancePorts: [\n \"25\",\n \"587\",\n ],\n loadBalancer: lb.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[\n {\n \"instance_port\": 25,\n \"instanceProtocol\": \"tcp\",\n \"lb_port\": 25,\n \"lbProtocol\": \"tcp\",\n },\n {\n \"instance_port\": 587,\n \"instanceProtocol\": \"tcp\",\n \"lb_port\": 587,\n \"lbProtocol\": \"tcp\",\n },\n ])\nsmtp = aws.ec2.ProxyProtocolPolicy(\"smtp\",\n instance_ports=[\n \"25\",\n \"587\",\n ],\n load_balancer=lb.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 25,\n InstanceProtocol = \"tcp\",\n LbPort = 25,\n LbProtocol = \"tcp\",\n },\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 587,\n InstanceProtocol = \"tcp\",\n LbPort = 587,\n LbProtocol = \"tcp\",\n },\n },\n });\n var smtp = new Aws.Ec2.ProxyProtocolPolicy(\"smtp\", new Aws.Ec2.ProxyProtocolPolicyArgs\n {\n InstancePorts = \n {\n \"25\",\n \"587\",\n },\n LoadBalancer = lb.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(25),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tLbPort: pulumi.Int(25),\n\t\t\t\t\tLbProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(587),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tLbPort: pulumi.Int(587),\n\t\t\t\t\tLbProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewProxyProtocolPolicy(ctx, \"smtp\", \u0026ec2.ProxyProtocolPolicyArgs{\n\t\t\tInstancePorts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"25\"),\n\t\t\t\tpulumi.String(\"587\"),\n\t\t\t},\n\t\t\tLoadBalancer: lb.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "instancePorts": { "type": "array", "items": { "type": "string" }, "description": "List of instance ports to which the policy\nshould be applied. This can be specified if the protocol is SSL or TCP.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" } }, "required": [ "instancePorts", "loadBalancer" ], "inputProperties": { "instancePorts": { "type": "array", "items": { "type": "string" }, "description": "List of instance ports to which the policy\nshould be applied. This can be specified if the protocol is SSL or TCP.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" } }, "requiredInputs": [ "instancePorts", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProxyProtocolPolicy resources.\n", "properties": { "instancePorts": { "type": "array", "items": { "type": "string" }, "description": "List of instance ports to which the policy\nshould be applied. This can be specified if the protocol is SSL or TCP.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" } }, "type": "object" } }, "aws:ec2/route:Route": { "description": "Provides a resource to create a routing table entry (a route) in a VPC routing table.\n\n\u003e **NOTE on Route Tables and Routes:** This provider currently\nprovides both a standalone Route resource and a Route Table resource with routes\ndefined in-line. At this time you cannot use a Route Table with in-line routes\nin conjunction with any Route resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst route = new aws.ec2.Route(\"route\", {\n routeTableId: \"rtb-4fbb3ac4\",\n destinationCidrBlock: \"10.0.1.0/22\",\n vpcPeeringConnectionId: \"pcx-45ff3dc1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroute = aws.ec2.Route(\"route\",\n route_table_id=\"rtb-4fbb3ac4\",\n destination_cidr_block=\"10.0.1.0/22\",\n vpc_peering_connection_id=\"pcx-45ff3dc1\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var route = new Aws.Ec2.Route(\"route\", new Aws.Ec2.RouteArgs\n {\n RouteTableId = \"rtb-4fbb3ac4\",\n DestinationCidrBlock = \"10.0.1.0/22\",\n VpcPeeringConnectionId = \"pcx-45ff3dc1\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewRoute(ctx, \"route\", \u0026ec2.RouteArgs{\n\t\t\tRouteTableId: pulumi.String(\"rtb-4fbb3ac4\"),\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.1.0/22\"),\n\t\t\tVpcPeeringConnectionId: pulumi.String(\"pcx-45ff3dc1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example IPv6 Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpc = new aws.ec2.Vpc(\"vpc\", {\n assignGeneratedIpv6CidrBlock: true,\n cidrBlock: \"10.1.0.0/16\",\n});\nconst egress = new aws.ec2.EgressOnlyInternetGateway(\"egress\", {\n vpcId: vpc.id,\n});\nconst route = new aws.ec2.Route(\"r\", {\n destinationIpv6CidrBlock: \"::/0\",\n egressOnlyGatewayId: egress.id,\n routeTableId: \"rtb-4fbb3ac4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpc = aws.ec2.Vpc(\"vpc\",\n assign_generated_ipv6_cidr_block=True,\n cidr_block=\"10.1.0.0/16\")\negress = aws.ec2.EgressOnlyInternetGateway(\"egress\", vpc_id=vpc.id)\nroute = aws.ec2.Route(\"route\",\n destination_ipv6_cidr_block=\"::/0\",\n egress_only_gateway_id=egress.id,\n route_table_id=\"rtb-4fbb3ac4\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var vpc = new Aws.Ec2.Vpc(\"vpc\", new Aws.Ec2.VpcArgs\n {\n AssignGeneratedIpv6CidrBlock = true,\n CidrBlock = \"10.1.0.0/16\",\n });\n var egress = new Aws.Ec2.EgressOnlyInternetGateway(\"egress\", new Aws.Ec2.EgressOnlyInternetGatewayArgs\n {\n VpcId = vpc.Id,\n });\n var route = new Aws.Ec2.Route(\"route\", new Aws.Ec2.RouteArgs\n {\n DestinationIpv6CidrBlock = \"::/0\",\n EgressOnlyGatewayId = egress.Id,\n RouteTableId = \"rtb-4fbb3ac4\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvpc, err := ec2.NewVpc(ctx, \"vpc\", \u0026ec2.VpcArgs{\n\t\t\tAssignGeneratedIpv6CidrBlock: pulumi.Bool(true),\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tegress, err := ec2.NewEgressOnlyInternetGateway(ctx, \"egress\", \u0026ec2.EgressOnlyInternetGatewayArgs{\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewRoute(ctx, \"route\", \u0026ec2.RouteArgs{\n\t\t\tDestinationIpv6CidrBlock: pulumi.String(\"::/0\"),\n\t\t\tEgressOnlyGatewayId: egress.ID(),\n\t\t\tRouteTableId: pulumi.String(\"rtb-4fbb3ac4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block.\n" }, "destinationIpv6CidrBlock": { "type": "string", "description": "The destination IPv6 CIDR block.\n" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway.\n" }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n" }, "instanceOwnerId": { "type": "string" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "origin": { "type": "string" }, "routeTableId": { "type": "string", "description": "The ID of the routing table.\n" }, "state": { "type": "string" }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n" } }, "required": [ "destinationPrefixListId", "egressOnlyGatewayId", "gatewayId", "instanceId", "instanceOwnerId", "natGatewayId", "networkInterfaceId", "origin", "routeTableId", "state" ], "inputProperties": { "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block.\n" }, "destinationIpv6CidrBlock": { "type": "string", "description": "The destination IPv6 CIDR block.\n" }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway.\n" }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n" } }, "requiredInputs": [ "routeTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block.\n" }, "destinationIpv6CidrBlock": { "type": "string", "description": "The destination IPv6 CIDR block.\n" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway.\n" }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n" }, "instanceOwnerId": { "type": "string" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "origin": { "type": "string" }, "routeTableId": { "type": "string", "description": "The ID of the routing table.\n" }, "state": { "type": "string" }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n" } }, "type": "object" } }, "aws:ec2/routeTable:RouteTable": { "description": "Provides a resource to create a VPC routing table.\n\n\u003e **NOTE on Route Tables and Routes:** This provider currently\nprovides both a standalone Route resource and a Route Table resource with routes\ndefined in-line. At this time you cannot use a Route Table with in-line routes\nin conjunction with any Route resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n\u003e **NOTE on `gateway_id` and `nat_gateway_id`:** The AWS API is very forgiving with these two\nattributes and the `aws.ec2.RouteTable` resource can be created with a NAT ID specified as a Gateway ID attribute.\nThis _will_ lead to a permanent diff between your configuration and statefile, as the API returns the correct\nparameters in the returned route table. If you're experiencing constant diffs in your `aws.ec2.RouteTable` resources,\nthe first thing to check is whether or not you're specifying a NAT ID instead of a Gateway ID, or vice-versa.\n\n\u003e **NOTE on `propagating_vgws` and the `aws.ec2.VpnGatewayRoutePropagation` resource:**\nIf the `propagating_vgws` argument is present, it's not supported to _also_\ndefine route propagations using `aws.ec2.VpnGatewayRoutePropagation`, since\nthis resource will delete any propagating gateways not explicitly listed in\n`propagating_vgws`. Omit this argument when defining route propagation using\nthe separate resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst routeTable = new aws.ec2.RouteTable(\"r\", {\n routes: [\n {\n cidrBlock: \"10.0.1.0/24\",\n gatewayId: aws_internet_gateway_main.id,\n },\n {\n egressOnlyGatewayId: aws_egress_only_internet_gateway_foo.id,\n ipv6CidrBlock: \"::/0\",\n },\n ],\n tags: {\n Name: \"main\",\n },\n vpcId: aws_vpc_default.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroute_table = aws.ec2.RouteTable(\"routeTable\",\n routes=[\n {\n \"cidr_block\": \"10.0.1.0/24\",\n \"gateway_id\": aws_internet_gateway[\"main\"][\"id\"],\n },\n {\n \"egress_only_gateway_id\": aws_egress_only_internet_gateway[\"foo\"][\"id\"],\n \"ipv6_cidr_block\": \"::/0\",\n },\n ],\n tags={\n \"Name\": \"main\",\n },\n vpc_id=aws_vpc[\"default\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var routeTable = new Aws.Ec2.RouteTable(\"routeTable\", new Aws.Ec2.RouteTableArgs\n {\n Routes = \n {\n new Aws.Ec2.Inputs.RouteTableRouteArgs\n {\n CidrBlock = \"10.0.1.0/24\",\n GatewayId = aws_internet_gateway.Main.Id,\n },\n new Aws.Ec2.Inputs.RouteTableRouteArgs\n {\n EgressOnlyGatewayId = aws_egress_only_internet_gateway.Foo.Id,\n Ipv6CidrBlock = \"::/0\",\n },\n },\n Tags = \n {\n { \"Name\", \"main\" },\n },\n VpcId = aws_vpc.Default.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewRouteTable(ctx, \"routeTable\", \u0026ec2.RouteTableArgs{\n\t\t\tRoutes: ec2.RouteTableRouteArray{\n\t\t\t\t\u0026ec2.RouteTableRouteArgs{\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\t\t\tGatewayId: pulumi.String(aws_internet_gateway.Main.Id),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.RouteTableRouteArgs{\n\t\t\t\t\tEgressOnlyGatewayId: pulumi.String(aws_egress_only_internet_gateway.Foo.Id),\n\t\t\t\t\tIpv6CidrBlock: pulumi.String(\"::/0\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t\tVpcId: pulumi.String(aws_vpc.Default.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the route table.\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/RouteTableRoute:RouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "required": [ "ownerId", "propagatingVgws", "routes", "vpcId" ], "inputProperties": { "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/RouteTableRoute:RouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTable resources.\n", "properties": { "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the route table.\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/RouteTableRoute:RouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "type": "object" } }, "aws:ec2/routeTableAssociation:RouteTableAssociation": { "description": "Provides a resource to create an association between a route table and a subnet or a route table and an\ninternet gateway or virtual private gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst routeTableAssociation = new aws.ec2.RouteTableAssociation(\"routeTableAssociation\", {\n subnetId: aws_subnet.foo.id,\n routeTableId: aws_route_table.bar.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroute_table_association = aws.ec2.RouteTableAssociation(\"routeTableAssociation\",\n subnet_id=aws_subnet[\"foo\"][\"id\"],\n route_table_id=aws_route_table[\"bar\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var routeTableAssociation = new Aws.Ec2.RouteTableAssociation(\"routeTableAssociation\", new Aws.Ec2.RouteTableAssociationArgs\n {\n SubnetId = aws_subnet.Foo.Id,\n RouteTableId = aws_route_table.Bar.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewRouteTableAssociation(ctx, \"routeTableAssociation\", \u0026ec2.RouteTableAssociationArgs{\n\t\t\tSubnetId: pulumi.String(aws_subnet.Foo.Id),\n\t\t\tRouteTableId: pulumi.String(aws_route_table.Bar.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst routeTableAssociation = new aws.ec2.RouteTableAssociation(\"routeTableAssociation\", {\n gatewayId: aws_internet_gateway.foo.id,\n routeTableId: aws_route_table.bar.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroute_table_association = aws.ec2.RouteTableAssociation(\"routeTableAssociation\",\n gateway_id=aws_internet_gateway[\"foo\"][\"id\"],\n route_table_id=aws_route_table[\"bar\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var routeTableAssociation = new Aws.Ec2.RouteTableAssociation(\"routeTableAssociation\", new Aws.Ec2.RouteTableAssociationArgs\n {\n GatewayId = aws_internet_gateway.Foo.Id,\n RouteTableId = aws_route_table.Bar.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewRouteTableAssociation(ctx, \"routeTableAssociation\", \u0026ec2.RouteTableAssociationArgs{\n\t\t\tGatewayId: pulumi.String(aws_internet_gateway.Foo.Id),\n\t\t\tRouteTableId: pulumi.String(aws_route_table.Bar.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "gatewayId": { "type": "string", "description": "The gateway ID to create an association. Conflicts with `subnet_id`.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table to associate with.\n" }, "subnetId": { "type": "string", "description": "The subnet ID to create an association. Conflicts with `gateway_id`.\n" } }, "required": [ "routeTableId" ], "inputProperties": { "gatewayId": { "type": "string", "description": "The gateway ID to create an association. Conflicts with `subnet_id`.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table to associate with.\n" }, "subnetId": { "type": "string", "description": "The subnet ID to create an association. Conflicts with `gateway_id`.\n" } }, "requiredInputs": [ "routeTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTableAssociation resources.\n", "properties": { "gatewayId": { "type": "string", "description": "The gateway ID to create an association. Conflicts with `subnet_id`.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table to associate with.\n" }, "subnetId": { "type": "string", "description": "The subnet ID to create an association. Conflicts with `gateway_id`.\n" } }, "type": "object" } }, "aws:ec2/securityGroup:SecurityGroup": { "description": "Provides a security group resource.\n\n\u003e **NOTE on Security Groups and Security Group Rules:** This provider currently\nprovides both a standalone Security Group Rule resource (a single `ingress` or\n`egress` rule), and a Security Group resource with `ingress` and `egress` rules\ndefined in-line. At this time you cannot use a Security Group with in-line rules\nin conjunction with any Security Group Rule resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n\u003e **NOTE:** Referencing Security Groups across VPC peering has certain restrictions. More information is available in the [VPC Peering User Guide](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html).\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), security groups associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst allowTls = new aws.ec2.SecurityGroup(\"allowTls\", {\n description: \"Allow TLS inbound traffic\",\n vpcId: aws_vpc.main.id,\n ingress: [{\n description: \"TLS from VPC\",\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: [aws_vpc.main.cidr_block],\n }],\n egress: [{\n fromPort: 0,\n toPort: 0,\n protocol: \"-1\",\n cidrBlocks: [\"0.0.0.0/0\"],\n }],\n tags: {\n Name: \"allow_tls\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nallow_tls = aws.ec2.SecurityGroup(\"allowTls\",\n description=\"Allow TLS inbound traffic\",\n vpc_id=aws_vpc[\"main\"][\"id\"],\n ingress=[{\n \"description\": \"TLS from VPC\",\n \"from_port\": 443,\n \"to_port\": 443,\n \"protocol\": \"tcp\",\n \"cidr_blocks\": [aws_vpc[\"main\"][\"cidr_block\"]],\n }],\n egress=[{\n \"from_port\": 0,\n \"to_port\": 0,\n \"protocol\": \"-1\",\n \"cidr_blocks\": [\"0.0.0.0/0\"],\n }],\n tags={\n \"Name\": \"allow_tls\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var allowTls = new Aws.Ec2.SecurityGroup(\"allowTls\", new Aws.Ec2.SecurityGroupArgs\n {\n Description = \"Allow TLS inbound traffic\",\n VpcId = aws_vpc.Main.Id,\n Ingress = \n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n Description = \"TLS from VPC\",\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = \n {\n aws_vpc.Main.Cidr_block,\n },\n },\n },\n Egress = \n {\n new Aws.Ec2.Inputs.SecurityGroupEgressArgs\n {\n FromPort = 0,\n ToPort = 0,\n Protocol = \"-1\",\n CidrBlocks = \n {\n \"0.0.0.0/0\",\n },\n },\n },\n Tags = \n {\n { \"Name\", \"allow_tls\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Usage with prefix list IDs\n\nPrefix list IDs are managed by AWS internally. Prefix list IDs\nare associated with a prefix list name, or service name, that is linked to a specific region.\nPrefix list IDs are exported on VPC Endpoints, so you can use this format:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...\nconst myEndpoint = new aws.ec2.VpcEndpoint(\"my_endpoint\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...\nmy_endpoint = aws.ec2.VpcEndpoint(\"myEndpoint\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // ...\n var myEndpoint = new Aws.Ec2.VpcEndpoint(\"myEndpoint\", new Aws.Ec2.VpcEndpointArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcEndpoint(ctx, \"myEndpoint\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the security group\n" }, "description": { "type": "string", "description": "Description of this egress rule.\n", "default": "Managed by Pulumi" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupEgress:SecurityGroupEgress" }, "description": "Can be specified multiple times for each\negress rule. Each egress block supports fields documented below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupIngress:SecurityGroupIngress" }, "description": "Can be specified multiple times for each\ningress rule. Each ingress block supports fields documented below.\n" }, "name": { "type": "string", "description": "The name of the security group. If omitted, this provider will\nassign a random, unique name\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "ownerId": { "type": "string", "description": "The owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean", "description": "Instruct this provider to revoke all of the\nSecurity Groups attached ingress and egress rules before deleting the rule\nitself. This is normally not needed, however certain AWS services such as\nElastic Map Reduce may automatically add required rules to security groups used\nwith the service, and those rules may contain a cyclic dependency that prevent\nthe security groups from being destroyed without removing the dependency first.\nDefault `false`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "required": [ "arn", "description", "egress", "ingress", "name", "ownerId", "vpcId" ], "inputProperties": { "description": { "type": "string", "description": "Description of this egress rule.\n", "default": "Managed by Pulumi" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupEgress:SecurityGroupEgress" }, "description": "Can be specified multiple times for each\negress rule. Each egress block supports fields documented below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupIngress:SecurityGroupIngress" }, "description": "Can be specified multiple times for each\ningress rule. Each ingress block supports fields documented below.\n" }, "name": { "type": "string", "description": "The name of the security group. If omitted, this provider will\nassign a random, unique name\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "revokeRulesOnDelete": { "type": "boolean", "description": "Instruct this provider to revoke all of the\nSecurity Groups attached ingress and egress rules before deleting the rule\nitself. This is normally not needed, however certain AWS services such as\nElastic Map Reduce may automatically add required rules to security groups used\nwith the service, and those rules may contain a cyclic dependency that prevent\nthe security groups from being destroyed without removing the dependency first.\nDefault `false`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the security group\n" }, "description": { "type": "string", "description": "Description of this egress rule.\n", "default": "Managed by Pulumi" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupEgress:SecurityGroupEgress" }, "description": "Can be specified multiple times for each\negress rule. Each egress block supports fields documented below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupIngress:SecurityGroupIngress" }, "description": "Can be specified multiple times for each\ningress rule. Each ingress block supports fields documented below.\n" }, "name": { "type": "string", "description": "The name of the security group. If omitted, this provider will\nassign a random, unique name\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "ownerId": { "type": "string", "description": "The owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean", "description": "Instruct this provider to revoke all of the\nSecurity Groups attached ingress and egress rules before deleting the rule\nitself. This is normally not needed, however certain AWS services such as\nElastic Map Reduce may automatically add required rules to security groups used\nwith the service, and those rules may contain a cyclic dependency that prevent\nthe security groups from being destroyed without removing the dependency first.\nDefault `false`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "type": "object" } }, "aws:ec2/securityGroupRule:SecurityGroupRule": { "description": "Provides a security group rule resource. Represents a single `ingress` or\n`egress` group rule, which can be added to external Security Groups.\n\n\u003e **NOTE on Security Groups and Security Group Rules:** This provider currently\nprovides both a standalone Security Group Rule resource (a single `ingress` or\n`egress` rule), and a Security Group resource with `ingress` and `egress` rules\ndefined in-line. At this time you cannot use a Security Group with in-line rules\nin conjunction with any Security Group Rule resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n\u003e **NOTE:** Setting `protocol = \"all\"` or `protocol = -1` with `from_port` and `to_port` will result in the EC2 API creating a security group rule with all ports open. This API behavior cannot be controlled by this provider and may generate warnings in the future.\n\n\u003e **NOTE:** Referencing Security Groups across VPC peering has certain restrictions. More information is available in the [VPC Peering User Guide](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SecurityGroupRule(\"example\", {\n type: \"ingress\",\n fromPort: 0,\n toPort: 65535,\n protocol: \"tcp\",\n cidrBlocks: aws_vpc.example.cidr_block,\n securityGroupId: \"sg-123456\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SecurityGroupRule(\"example\",\n type=\"ingress\",\n from_port=0,\n to_port=65535,\n protocol=\"tcp\",\n cidr_blocks=aws_vpc[\"example\"][\"cidr_block\"],\n security_group_id=\"sg-123456\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.SecurityGroupRule(\"example\", new Aws.Ec2.SecurityGroupRuleArgs\n {\n Type = \"ingress\",\n FromPort = 0,\n ToPort = 65535,\n Protocol = \"tcp\",\n CidrBlocks = aws_vpc.Example.Cidr_block,\n SecurityGroupId = \"sg-123456\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewSecurityGroupRule(ctx, \"example\", \u0026ec2.SecurityGroupRuleArgs{\n\t\t\tType: pulumi.String(\"ingress\"),\n\t\t\tFromPort: pulumi.Int(0),\n\t\t\tToPort: pulumi.Int(65535),\n\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\tCidrBlocks: aws_vpc.Example.Cidr_block,\n\t\t\tSecurityGroupId: pulumi.String(\"sg-123456\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Usage with prefix list IDs\n\nPrefix list IDs are manged by AWS internally. Prefix list IDs\nare associated with a prefix list name, or service name, that is linked to a specific region.\nPrefix list IDs are exported on VPC Endpoints, so you can use this format:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...\nconst myEndpoint = new aws.ec2.VpcEndpoint(\"my_endpoint\", {});\nconst allowAll = new aws.ec2.SecurityGroupRule(\"allow_all\", {\n fromPort: 0,\n prefixListIds: [myEndpoint.prefixListId],\n protocol: \"-1\",\n securityGroupId: \"sg-123456\",\n toPort: 0,\n type: \"egress\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...\nmy_endpoint = aws.ec2.VpcEndpoint(\"myEndpoint\")\nallow_all = aws.ec2.SecurityGroupRule(\"allowAll\",\n from_port=0,\n prefix_list_ids=[my_endpoint.prefix_list_id],\n protocol=\"-1\",\n security_group_id=\"sg-123456\",\n to_port=0,\n type=\"egress\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // ...\n var myEndpoint = new Aws.Ec2.VpcEndpoint(\"myEndpoint\", new Aws.Ec2.VpcEndpointArgs\n {\n });\n var allowAll = new Aws.Ec2.SecurityGroupRule(\"allowAll\", new Aws.Ec2.SecurityGroupRuleArgs\n {\n FromPort = 0,\n PrefixListIds = \n {\n myEndpoint.PrefixListId,\n },\n Protocol = \"-1\",\n SecurityGroupId = \"sg-123456\",\n ToPort = 0,\n Type = \"egress\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyEndpoint, err := ec2.NewVpcEndpoint(ctx, \"myEndpoint\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSecurityGroupRule(ctx, \"allowAll\", \u0026ec2.SecurityGroupRuleArgs{\n\t\t\tFromPort: pulumi.Int(0),\n\t\t\tPrefixListIds: pulumi.StringArray{\n\t\t\t\tmyEndpoint.PrefixListId,\n\t\t\t},\n\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\tSecurityGroupId: pulumi.String(\"sg-123456\"),\n\t\t\tToPort: pulumi.Int(0),\n\t\t\tType: pulumi.String(\"egress\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Cannot be specified with `source_security_group_id`.\n" }, "description": { "type": "string", "description": "Description of the rule.\n" }, "fromPort": { "type": "integer", "description": "The start port (or ICMP type number if protocol is \"icmp\" or \"icmpv6\").\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of prefix list IDs (for allowing access to VPC endpoints).\nOnly valid with `egress`.\n" }, "protocol": { "type": "string", "description": "The protocol. If not icmp, icmpv6, tcp, udp, or all use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n" }, "securityGroupId": { "type": "string", "description": "The security group to apply this rule to.\n" }, "self": { "type": "boolean", "description": "If true, the security group itself will be added as\na source to this ingress rule. Cannot be specified with `source_security_group_id`.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The security group id to allow access to/from,\ndepending on the `type`. Cannot be specified with `cidr_blocks` and `self`.\n" }, "toPort": { "type": "integer", "description": "The end port (or ICMP code if protocol is \"icmp\").\n" }, "type": { "type": "string", "description": "The type of rule being created. Valid options are `ingress` (inbound)\nor `egress` (outbound).\n" } }, "required": [ "fromPort", "protocol", "securityGroupId", "sourceSecurityGroupId", "toPort", "type" ], "inputProperties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Cannot be specified with `source_security_group_id`.\n" }, "description": { "type": "string", "description": "Description of the rule.\n" }, "fromPort": { "type": "integer", "description": "The start port (or ICMP type number if protocol is \"icmp\" or \"icmpv6\").\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of prefix list IDs (for allowing access to VPC endpoints).\nOnly valid with `egress`.\n" }, "protocol": { "type": "string", "description": "The protocol. If not icmp, icmpv6, tcp, udp, or all use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n" }, "securityGroupId": { "type": "string", "description": "The security group to apply this rule to.\n" }, "self": { "type": "boolean", "description": "If true, the security group itself will be added as\na source to this ingress rule. Cannot be specified with `source_security_group_id`.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The security group id to allow access to/from,\ndepending on the `type`. Cannot be specified with `cidr_blocks` and `self`.\n" }, "toPort": { "type": "integer", "description": "The end port (or ICMP code if protocol is \"icmp\").\n" }, "type": { "type": "string", "description": "The type of rule being created. Valid options are `ingress` (inbound)\nor `egress` (outbound).\n" } }, "requiredInputs": [ "fromPort", "protocol", "securityGroupId", "toPort", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroupRule resources.\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Cannot be specified with `source_security_group_id`.\n" }, "description": { "type": "string", "description": "Description of the rule.\n" }, "fromPort": { "type": "integer", "description": "The start port (or ICMP type number if protocol is \"icmp\" or \"icmpv6\").\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of prefix list IDs (for allowing access to VPC endpoints).\nOnly valid with `egress`.\n" }, "protocol": { "type": "string", "description": "The protocol. If not icmp, icmpv6, tcp, udp, or all use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n" }, "securityGroupId": { "type": "string", "description": "The security group to apply this rule to.\n" }, "self": { "type": "boolean", "description": "If true, the security group itself will be added as\na source to this ingress rule. Cannot be specified with `source_security_group_id`.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The security group id to allow access to/from,\ndepending on the `type`. Cannot be specified with `cidr_blocks` and `self`.\n" }, "toPort": { "type": "integer", "description": "The end port (or ICMP code if protocol is \"icmp\").\n" }, "type": { "type": "string", "description": "The type of rule being created. Valid options are `ingress` (inbound)\nor `egress` (outbound).\n" } }, "type": "object" } }, "aws:ec2/snapshotCreateVolumePermission:SnapshotCreateVolumePermission": { "description": "Adds permission to create volumes off of a given EBS Snapshot.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n});\nconst exampleSnapshot = new aws.ebs.Snapshot(\"example_snapshot\", {\n volumeId: example.id,\n});\nconst examplePerm = new aws.ec2.SnapshotCreateVolumePermission(\"example_perm\", {\n accountId: \"12345678\",\n snapshotId: exampleSnapshot.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40)\nexample_snapshot = aws.ebs.Snapshot(\"exampleSnapshot\", volume_id=example.id)\nexample_perm = aws.ec2.SnapshotCreateVolumePermission(\"examplePerm\",\n account_id=\"12345678\",\n snapshot_id=example_snapshot.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ebs.Volume(\"example\", new Aws.Ebs.VolumeArgs\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n });\n var exampleSnapshot = new Aws.Ebs.Snapshot(\"exampleSnapshot\", new Aws.Ebs.SnapshotArgs\n {\n VolumeId = example.Id,\n });\n var examplePerm = new Aws.Ec2.SnapshotCreateVolumePermission(\"examplePerm\", new Aws.Ec2.SnapshotCreateVolumePermissionArgs\n {\n AccountId = \"12345678\",\n SnapshotId = exampleSnapshot.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := ebs.NewSnapshot(ctx, \"exampleSnapshot\", \u0026ebs.SnapshotArgs{\n\t\t\tVolumeId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSnapshotCreateVolumePermission(ctx, \"examplePerm\", \u0026ec2.SnapshotCreateVolumePermissionArgs{\n\t\t\tAccountId: pulumi.String(\"12345678\"),\n\t\t\tSnapshotId: exampleSnapshot.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "An AWS Account ID to add create volume permissions\n" }, "snapshotId": { "type": "string", "description": "A snapshot ID\n" } }, "required": [ "accountId", "snapshotId" ], "inputProperties": { "accountId": { "type": "string", "description": "An AWS Account ID to add create volume permissions\n" }, "snapshotId": { "type": "string", "description": "A snapshot ID\n" } }, "requiredInputs": [ "accountId", "snapshotId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCreateVolumePermission resources.\n", "properties": { "accountId": { "type": "string", "description": "An AWS Account ID to add create volume permissions\n" }, "snapshotId": { "type": "string", "description": "A snapshot ID\n" } }, "type": "object" } }, "aws:ec2/spotDatafeedSubscription:SpotDatafeedSubscription": { "description": "\u003e **Note:** There is only a single subscription allowed per account.\n\nTo help you understand the charges for your Spot instances, Amazon EC2 provides a data feed that describes your Spot instance usage and pricing.\nThis data feed is sent to an Amazon S3 bucket that you specify when you subscribe to the data feed.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultBucket = new aws.s3.Bucket(\"default\", {});\nconst defaultSpotDatafeedSubscription = new aws.ec2.SpotDatafeedSubscription(\"default\", {\n bucket: defaultBucket.bucket,\n prefix: \"my_subdirectory\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_bucket = aws.s3.Bucket(\"defaultBucket\")\ndefault_spot_datafeed_subscription = aws.ec2.SpotDatafeedSubscription(\"defaultSpotDatafeedSubscription\",\n bucket=default_bucket.bucket,\n prefix=\"my_subdirectory\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultBucket = new Aws.S3.Bucket(\"defaultBucket\", new Aws.S3.BucketArgs\n {\n });\n var defaultSpotDatafeedSubscription = new Aws.Ec2.SpotDatafeedSubscription(\"defaultSpotDatafeedSubscription\", new Aws.Ec2.SpotDatafeedSubscriptionArgs\n {\n Bucket = defaultBucket.BucketName,\n Prefix = \"my_subdirectory\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultBucket, err := s3.NewBucket(ctx, \"defaultBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSpotDatafeedSubscription(ctx, \"defaultSpotDatafeedSubscription\", \u0026ec2.SpotDatafeedSubscriptionArgs{\n\t\t\tBucket: defaultBucket.Bucket,\n\t\t\tPrefix: pulumi.String(\"my_subdirectory\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which to store the Spot instance data feed.\n" }, "prefix": { "type": "string", "description": "Path of folder inside bucket to place spot pricing data.\n" } }, "required": [ "bucket" ], "inputProperties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which to store the Spot instance data feed.\n" }, "prefix": { "type": "string", "description": "Path of folder inside bucket to place spot pricing data.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering SpotDatafeedSubscription resources.\n", "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which to store the Spot instance data feed.\n" }, "prefix": { "type": "string", "description": "Path of folder inside bucket to place spot pricing data.\n" } }, "type": "object" } }, "aws:ec2/spotFleetRequest:SpotFleetRequest": { "description": "Provides an EC2 Spot Fleet Request resource. This allows a fleet of Spot\ninstances to be requested on the Spot market.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Using launch specifications\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Request a Spot fleet\nconst cheapCompute = new aws.ec2.SpotFleetRequest(\"cheap_compute\", {\n allocationStrategy: \"diversified\",\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n launchSpecifications: [\n {\n ami: \"ami-1234\",\n iamInstanceProfileArn: aws_iam_instance_profile_example.arn,\n instanceType: \"m4.10xlarge\",\n placementTenancy: \"dedicated\",\n spotPrice: \"2.793\",\n },\n {\n ami: \"ami-5678\",\n availabilityZone: \"us-west-1a\",\n iamInstanceProfileArn: aws_iam_instance_profile_example.arn,\n instanceType: \"m4.4xlarge\",\n keyName: \"my-key\",\n rootBlockDevices: [{\n volumeSize: 300,\n volumeType: \"gp2\",\n }],\n spotPrice: \"1.117\",\n subnetId: \"subnet-1234\",\n tags: {\n Name: \"spot-fleet-example\",\n },\n weightedCapacity: \"35\",\n },\n ],\n spotPrice: \"0.03\",\n targetCapacity: 6,\n validUntil: \"2019-11-04T20:44:20Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Request a Spot fleet\ncheap_compute = aws.ec2.SpotFleetRequest(\"cheapCompute\",\n allocation_strategy=\"diversified\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n launch_specifications=[\n {\n \"ami\": \"ami-1234\",\n \"iamInstanceProfileArn\": aws_iam_instance_profile[\"example\"][\"arn\"],\n \"instance_type\": \"m4.10xlarge\",\n \"placement_tenancy\": \"dedicated\",\n \"spot_price\": \"2.793\",\n },\n {\n \"ami\": \"ami-5678\",\n \"availability_zone\": \"us-west-1a\",\n \"iamInstanceProfileArn\": aws_iam_instance_profile[\"example\"][\"arn\"],\n \"instance_type\": \"m4.4xlarge\",\n \"key_name\": \"my-key\",\n \"root_block_device\": [{\n \"volume_size\": \"300\",\n \"volumeType\": \"gp2\",\n }],\n \"spot_price\": \"1.117\",\n \"subnet_id\": \"subnet-1234\",\n \"tags\": {\n \"Name\": \"spot-fleet-example\",\n },\n \"weightedCapacity\": 35,\n },\n ],\n spot_price=\"0.03\",\n target_capacity=6,\n valid_until=\"2019-11-04T20:44:20Z\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Request a Spot fleet\n var cheapCompute = new Aws.Ec2.SpotFleetRequest(\"cheapCompute\", new Aws.Ec2.SpotFleetRequestArgs\n {\n AllocationStrategy = \"diversified\",\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n LaunchSpecifications = \n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n Ami = \"ami-1234\",\n IamInstanceProfileArn = aws_iam_instance_profile.Example.Arn,\n InstanceType = \"m4.10xlarge\",\n PlacementTenancy = \"dedicated\",\n SpotPrice = \"2.793\",\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n Ami = \"ami-5678\",\n AvailabilityZone = \"us-west-1a\",\n IamInstanceProfileArn = aws_iam_instance_profile.Example.Arn,\n InstanceType = \"m4.4xlarge\",\n KeyName = \"my-key\",\n RootBlockDevice = \n {\n \n {\n { \"volumeSize\", \"300\" },\n { \"volumeType\", \"gp2\" },\n },\n },\n SpotPrice = \"1.117\",\n SubnetId = \"subnet-1234\",\n Tags = \n {\n { \"Name\", \"spot-fleet-example\" },\n },\n WeightedCapacity = \"35\",\n },\n },\n SpotPrice = \"0.03\",\n TargetCapacity = 6,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewSpotFleetRequest(ctx, \"cheapCompute\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tAllocationStrategy: pulumi.String(\"diversified\"),\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tAmi: pulumi.String(\"ami-1234\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.String(aws_iam_instance_profile.Example.Arn),\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.10xlarge\"),\n\t\t\t\t\tPlacementTenancy: pulumi.String(\"dedicated\"),\n\t\t\t\t\tSpotPrice: pulumi.String(\"2.793\"),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tAmi: pulumi.String(\"ami-5678\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-1a\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.String(aws_iam_instance_profile.Example.Arn),\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.4xlarge\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tRootBlockDevice: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"volumeSize\": pulumi.String(\"300\"),\n\t\t\t\t\t\t\t\"volumeType\": pulumi.String(\"gp2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tSpotPrice: pulumi.String(\"1.117\"),\n\t\t\t\t\tSubnetId: pulumi.String(\"subnet-1234\"),\n\t\t\t\t\tTags: pulumi.Map{\n\t\t\t\t\t\t\"Name\": pulumi.String(\"spot-fleet-example\"),\n\t\t\t\t\t},\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"35\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSpotPrice: pulumi.String(\"0.03\"),\n\t\t\tTargetCapacity: pulumi.Int(6),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using multiple launch specifications\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n launchSpecifications: [\n {\n ami: \"ami-d06a90b0\",\n availabilityZone: \"us-west-2a\",\n instanceType: \"m1.small\",\n keyName: \"my-key\",\n },\n {\n ami: \"ami-d06a90b0\",\n availabilityZone: \"us-west-2a\",\n instanceType: \"m5.large\",\n keyName: \"my-key\",\n },\n ],\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n launch_specifications=[\n {\n \"ami\": \"ami-d06a90b0\",\n \"availability_zone\": \"us-west-2a\",\n \"instance_type\": \"m1.small\",\n \"key_name\": \"my-key\",\n },\n {\n \"ami\": \"ami-d06a90b0\",\n \"availability_zone\": \"us-west-2a\",\n \"instance_type\": \"m5.large\",\n \"key_name\": \"my-key\",\n },\n ],\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ec2.SpotFleetRequest(\"foo\", new Aws.Ec2.SpotFleetRequestArgs\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n LaunchSpecifications = \n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n Ami = \"ami-d06a90b0\",\n AvailabilityZone = \"us-west-2a\",\n InstanceType = \"m1.small\",\n KeyName = \"my-key\",\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n Ami = \"ami-d06a90b0\",\n AvailabilityZone = \"us-west-2a\",\n InstanceType = \"m5.large\",\n KeyName = \"my-key\",\n },\n },\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t\tInstanceType: pulumi.String(\"m1.small\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t\tInstanceType: pulumi.String(\"m5.large\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSpotPrice: pulumi.String(\"0.005\"),\n\t\t\tTargetCapacity: pulumi.Int(2),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocationStrategy": { "type": "string", "description": "Indicates how to allocate the target capacity across\nthe Spot pools specified by the Spot fleet request. The default is\n`lowestPrice`.\n" }, "clientToken": { "type": "string" }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated if the target capacity of the Spot fleet\nrequest is decreased below the current size of the Spot fleet.\n" }, "fleetType": { "type": "string", "description": "The type of fleet request. Indicates whether the Spot Fleet only requests the target\ncapacity or also attempts to maintain it. Default is `maintain`.\n" }, "iamFleetRole": { "type": "string", "description": "Grants the Spot fleet permission to terminate\nSpot instances on your behalf when you cancel its Spot fleet request using\nCancelSpotFleetRequests or when the Spot fleet request expires, if you set\nterminateInstancesWithExpiration.\n" }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot\ninstance stops or terminates when it is interrupted. Default is\n`terminate`.\n" }, "instancePoolsToUseCount": { "type": "integer", "description": "The number of Spot pools across which to allocate your target Spot capacity.\nValid only when `allocation_strategy` is set to `lowestPrice`. Spot Fleet selects\nthe cheapest Spot pools and evenly allocates your target Spot capacity across\nthe number of Spot pools that you specify.\n" }, "launchSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification" }, "description": "Used to define the launch configuration of the\nspot-fleet request. Can be specified multiple times to define different bids\nacross different markets and instance types. Conflicts with `launch_template_config`. At least one of `launch_specification` or `launch_template_config` is required.\n" }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig" }, "description": "Launch template configuration block. See Launch Template Configs below for more details. Conflicts with `launch_specification`. At least one of `launch_specification` or `launch_template_config` is required.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the Spot fleet.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Indicates whether Spot fleet should replace unhealthy instances. Default `false`.\n" }, "spotPrice": { "type": "string", "description": "The maximum spot bid for this override request.\n" }, "spotRequestState": { "type": "string", "description": "The state of the Spot fleet request.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetCapacity": { "type": "integer", "description": "The number of units to request. You can choose to set the\ntarget capacity in terms of instances or a performance characteristic that is\nimportant to your application workload, such as vCPUs, memory, or I/O.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application Load Balancing.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Indicates whether running Spot\ninstances should be terminated when the Spot fleet request expires.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. Defaults to 24 hours.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "required": [ "clientToken", "iamFleetRole", "loadBalancers", "spotRequestState", "targetCapacity", "targetGroupArns" ], "inputProperties": { "allocationStrategy": { "type": "string", "description": "Indicates how to allocate the target capacity across\nthe Spot pools specified by the Spot fleet request. The default is\n`lowestPrice`.\n" }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated if the target capacity of the Spot fleet\nrequest is decreased below the current size of the Spot fleet.\n" }, "fleetType": { "type": "string", "description": "The type of fleet request. Indicates whether the Spot Fleet only requests the target\ncapacity or also attempts to maintain it. Default is `maintain`.\n" }, "iamFleetRole": { "type": "string", "description": "Grants the Spot fleet permission to terminate\nSpot instances on your behalf when you cancel its Spot fleet request using\nCancelSpotFleetRequests or when the Spot fleet request expires, if you set\nterminateInstancesWithExpiration.\n" }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot\ninstance stops or terminates when it is interrupted. Default is\n`terminate`.\n" }, "instancePoolsToUseCount": { "type": "integer", "description": "The number of Spot pools across which to allocate your target Spot capacity.\nValid only when `allocation_strategy` is set to `lowestPrice`. Spot Fleet selects\nthe cheapest Spot pools and evenly allocates your target Spot capacity across\nthe number of Spot pools that you specify.\n" }, "launchSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification" }, "description": "Used to define the launch configuration of the\nspot-fleet request. Can be specified multiple times to define different bids\nacross different markets and instance types. Conflicts with `launch_template_config`. At least one of `launch_specification` or `launch_template_config` is required.\n" }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig" }, "description": "Launch template configuration block. See Launch Template Configs below for more details. Conflicts with `launch_specification`. At least one of `launch_specification` or `launch_template_config` is required.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the Spot fleet.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Indicates whether Spot fleet should replace unhealthy instances. Default `false`.\n" }, "spotPrice": { "type": "string", "description": "The maximum spot bid for this override request.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetCapacity": { "type": "integer", "description": "The number of units to request. You can choose to set the\ntarget capacity in terms of instances or a performance characteristic that is\nimportant to your application workload, such as vCPUs, memory, or I/O.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application Load Balancing.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Indicates whether running Spot\ninstances should be terminated when the Spot fleet request expires.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. Defaults to 24 hours.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "requiredInputs": [ "iamFleetRole", "targetCapacity" ], "stateInputs": { "description": "Input properties used for looking up and filtering SpotFleetRequest resources.\n", "properties": { "allocationStrategy": { "type": "string", "description": "Indicates how to allocate the target capacity across\nthe Spot pools specified by the Spot fleet request. The default is\n`lowestPrice`.\n" }, "clientToken": { "type": "string" }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated if the target capacity of the Spot fleet\nrequest is decreased below the current size of the Spot fleet.\n" }, "fleetType": { "type": "string", "description": "The type of fleet request. Indicates whether the Spot Fleet only requests the target\ncapacity or also attempts to maintain it. Default is `maintain`.\n" }, "iamFleetRole": { "type": "string", "description": "Grants the Spot fleet permission to terminate\nSpot instances on your behalf when you cancel its Spot fleet request using\nCancelSpotFleetRequests or when the Spot fleet request expires, if you set\nterminateInstancesWithExpiration.\n" }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot\ninstance stops or terminates when it is interrupted. Default is\n`terminate`.\n" }, "instancePoolsToUseCount": { "type": "integer", "description": "The number of Spot pools across which to allocate your target Spot capacity.\nValid only when `allocation_strategy` is set to `lowestPrice`. Spot Fleet selects\nthe cheapest Spot pools and evenly allocates your target Spot capacity across\nthe number of Spot pools that you specify.\n" }, "launchSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification" }, "description": "Used to define the launch configuration of the\nspot-fleet request. Can be specified multiple times to define different bids\nacross different markets and instance types. Conflicts with `launch_template_config`. At least one of `launch_specification` or `launch_template_config` is required.\n" }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig" }, "description": "Launch template configuration block. See Launch Template Configs below for more details. Conflicts with `launch_specification`. At least one of `launch_specification` or `launch_template_config` is required.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the Spot fleet.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Indicates whether Spot fleet should replace unhealthy instances. Default `false`.\n" }, "spotPrice": { "type": "string", "description": "The maximum spot bid for this override request.\n" }, "spotRequestState": { "type": "string", "description": "The state of the Spot fleet request.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetCapacity": { "type": "integer", "description": "The number of units to request. You can choose to set the\ntarget capacity in terms of instances or a performance characteristic that is\nimportant to your application workload, such as vCPUs, memory, or I/O.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application Load Balancing.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Indicates whether running Spot\ninstances should be terminated when the Spot fleet request expires.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. Defaults to 24 hours.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "type": "object" } }, "aws:ec2/spotInstanceRequest:SpotInstanceRequest": { "description": "Provides an EC2 Spot Instance Request resource. This allows instances to be\nrequested on the spot market.\n\nBy default this provider creates Spot Instance Requests with a `persistent` type,\nwhich means that for the duration of their lifetime, AWS will launch an\ninstance with the configured details if and when the spot market will accept\nthe requested price.\n\nOn destruction, this provider will make an attempt to terminate the associated Spot\nInstance if there is one present.\n\nSpot Instances requests with a `one-time` type will close the spot request\nwhen the instance is terminated either by the request being below the current spot\nprice availability or by a user.\n\n\u003e **NOTE:** Because their behavior depends on the live status of the spot\nmarket, Spot Instance Requests have a unique lifecycle that makes them behave\ndifferently than other resources. Most importantly: there is __no\nguarantee__ that a Spot Instance exists to fulfill the request at any given\npoint in time. See the [AWS Spot Instance\ndocumentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html)\nfor more information.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Request a spot instance at $0.03\nconst cheapWorker = new aws.ec2.SpotInstanceRequest(\"cheap_worker\", {\n ami: \"ami-1234\",\n instanceType: \"c4.xlarge\",\n spotPrice: \"0.03\",\n tags: {\n Name: \"CheapWorker\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Request a spot instance at $0.03\ncheap_worker = aws.ec2.SpotInstanceRequest(\"cheapWorker\",\n ami=\"ami-1234\",\n instance_type=\"c4.xlarge\",\n spot_price=\"0.03\",\n tags={\n \"Name\": \"CheapWorker\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Request a spot instance at $0.03\n var cheapWorker = new Aws.Ec2.SpotInstanceRequest(\"cheapWorker\", new Aws.Ec2.SpotInstanceRequestArgs\n {\n Ami = \"ami-1234\",\n InstanceType = \"c4.xlarge\",\n SpotPrice = \"0.03\",\n Tags = \n {\n { \"Name\", \"CheapWorker\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewSpotInstanceRequest(ctx, \"cheapWorker\", \u0026ec2.SpotInstanceRequestArgs{\n\t\t\tAmi: pulumi.String(\"ami-1234\"),\n\t\t\tInstanceType: pulumi.String(\"c4.xlarge\"),\n\t\t\tSpotPrice: pulumi.String(\"0.03\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"CheapWorker\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "ami": { "type": "string", "description": "The AMI to use for the instance.\n" }, "arn": { "type": "string" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC. Boolean value.\n" }, "availabilityZone": { "type": "string", "description": "The AZ to start the instance in.\n" }, "blockDurationMinutes": { "type": "integer", "description": "The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).\nThe duration period starts as soon as your Spot instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\nNote that you can't specify an Availability Zone group or a launch group if you specify a duration.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is\nonly supported on creation of instance type that support CPU Options\n[CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification", "description": "Customize the credit specification of the instance. See Credit Specification below for more details.\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\nNote that if this is not set on an instance type that is optimized by default then\nthis will show as disabled but if the instance type is optimized by default then\nthere is no need to set this and there is no effect to disabling it.\nSee the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "iamInstanceProfile": { "type": "string", "description": "The IAM Instance Profile to\nlaunch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the\ninstance. Amazon defaults this to `stop` for EBS-backed instances and\n`terminate` for instance-store instances. Cannot be set on instance-store\ninstances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot instance stops or terminates when it is interrupted. Default is `terminate` as this is the current AWS behaviour.\n" }, "instanceState": { "type": "string" }, "instanceType": { "type": "string", "description": "The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "The key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "launchGroup": { "type": "string", "description": "A launch group is a group of spot instances that launch together and terminate together.\nIf left empty instances are launched and terminated individually.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "outpostArn": { "type": "string" }, "passwordData": { "type": "string" }, "placementGroup": { "type": "string", "description": "The Placement Group to start the instance in.\n" }, "primaryNetworkInterfaceId": { "type": "string" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the\ninstance in a VPC.\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when\nthe destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "spotBidStatus": { "type": "string", "description": "The current [bid\nstatus](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html)\nof the Spot Instance Request.\n* `spot_request_state` The current [request\nstate](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#creating-spot-request-status)\nof the Spot Instance Request.\n" }, "spotInstanceId": { "type": "string", "description": "The Instance ID (if any) that is currently fulfilling\nthe Spot Instance request.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to request on the spot market.\n" }, "spotRequestState": { "type": "string" }, "spotType": { "type": "string", "description": "If set to `one-time`, after\nthe instance is terminated, the spot request will be closed.\n" }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. The default end date is 7 days from the current date.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the devices created by the instance at launch time.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "required": [ "ami", "arn", "associatePublicIpAddress", "availabilityZone", "cpuCoreCount", "cpuThreadsPerCore", "ebsBlockDevices", "ephemeralBlockDevices", "hostId", "instanceState", "instanceType", "ipv6AddressCount", "ipv6Addresses", "keyName", "metadataOptions", "networkInterfaces", "outpostArn", "passwordData", "placementGroup", "primaryNetworkInterfaceId", "privateDns", "privateIp", "publicDns", "publicIp", "rootBlockDevice", "securityGroups", "spotBidStatus", "spotInstanceId", "spotRequestState", "subnetId", "tenancy", "validFrom", "validUntil", "vpcSecurityGroupIds" ], "inputProperties": { "ami": { "type": "string", "description": "The AMI to use for the instance.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC. Boolean value.\n" }, "availabilityZone": { "type": "string", "description": "The AZ to start the instance in.\n" }, "blockDurationMinutes": { "type": "integer", "description": "The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).\nThe duration period starts as soon as your Spot instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\nNote that you can't specify an Availability Zone group or a launch group if you specify a duration.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is\nonly supported on creation of instance type that support CPU Options\n[CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification", "description": "Customize the credit specification of the instance. See Credit Specification below for more details.\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\nNote that if this is not set on an instance type that is optimized by default then\nthis will show as disabled but if the instance type is optimized by default then\nthere is no need to set this and there is no effect to disabling it.\nSee the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "iamInstanceProfile": { "type": "string", "description": "The IAM Instance Profile to\nlaunch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the\ninstance. Amazon defaults this to `stop` for EBS-backed instances and\n`terminate` for instance-store instances. Cannot be set on instance-store\ninstances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot instance stops or terminates when it is interrupted. Default is `terminate` as this is the current AWS behaviour.\n" }, "instanceType": { "type": "string", "description": "The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "The key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "launchGroup": { "type": "string", "description": "A launch group is a group of spot instances that launch together and terminate together.\nIf left empty instances are launched and terminated individually.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "placementGroup": { "type": "string", "description": "The Placement Group to start the instance in.\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the\ninstance in a VPC.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when\nthe destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to request on the spot market.\n" }, "spotType": { "type": "string", "description": "If set to `one-time`, after\nthe instance is terminated, the spot request will be closed.\n" }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. The default end date is 7 days from the current date.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the devices created by the instance at launch time.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "requiredInputs": [ "ami", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering SpotInstanceRequest resources.\n", "properties": { "ami": { "type": "string", "description": "The AMI to use for the instance.\n" }, "arn": { "type": "string" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC. Boolean value.\n" }, "availabilityZone": { "type": "string", "description": "The AZ to start the instance in.\n" }, "blockDurationMinutes": { "type": "integer", "description": "The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).\nThe duration period starts as soon as your Spot instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\nNote that you can't specify an Availability Zone group or a launch group if you specify a duration.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is\nonly supported on creation of instance type that support CPU Options\n[CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification", "description": "Customize the credit specification of the instance. See Credit Specification below for more details.\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\nNote that if this is not set on an instance type that is optimized by default then\nthis will show as disabled but if the instance type is optimized by default then\nthere is no need to set this and there is no effect to disabling it.\nSee the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "iamInstanceProfile": { "type": "string", "description": "The IAM Instance Profile to\nlaunch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the\ninstance. Amazon defaults this to `stop` for EBS-backed instances and\n`terminate` for instance-store instances. Cannot be set on instance-store\ninstances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot instance stops or terminates when it is interrupted. Default is `terminate` as this is the current AWS behaviour.\n" }, "instanceState": { "type": "string" }, "instanceType": { "type": "string", "description": "The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "The key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "launchGroup": { "type": "string", "description": "A launch group is a group of spot instances that launch together and terminate together.\nIf left empty instances are launched and terminated individually.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "outpostArn": { "type": "string" }, "passwordData": { "type": "string" }, "placementGroup": { "type": "string", "description": "The Placement Group to start the instance in.\n" }, "primaryNetworkInterfaceId": { "type": "string" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the\ninstance in a VPC.\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice", "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when\nthe destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "spotBidStatus": { "type": "string", "description": "The current [bid\nstatus](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html)\nof the Spot Instance Request.\n* `spot_request_state` The current [request\nstate](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#creating-spot-request-status)\nof the Spot Instance Request.\n" }, "spotInstanceId": { "type": "string", "description": "The Instance ID (if any) that is currently fulfilling\nthe Spot Instance request.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to request on the spot market.\n" }, "spotRequestState": { "type": "string" }, "spotType": { "type": "string", "description": "If set to `one-time`, after\nthe instance is terminated, the spot request will be closed.\n" }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. The default end date is 7 days from the current date.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the devices created by the instance at launch time.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "type": "object" } }, "aws:ec2/subnet:Subnet": { "description": "Provides an VPC subnet resource.\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), subnets associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Subnet(\"main\", {\n cidrBlock: \"10.0.1.0/24\",\n tags: {\n Name: \"Main\",\n },\n vpcId: aws_vpc_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Subnet(\"main\",\n cidr_block=\"10.0.1.0/24\",\n tags={\n \"Name\": \"Main\",\n },\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Subnet(\"main\", new Aws.Ec2.SubnetArgs\n {\n CidrBlock = \"10.0.1.0/24\",\n Tags = \n {\n { \"Name\", \"Main\" },\n },\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewSubnet(ctx, \"main\", \u0026ec2.SubnetArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"Main\"),\n\t\t\t},\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Subnets In Secondary VPC CIDR Blocks\n\nWhen managing subnets in one of a VPC's secondary CIDR blocks created using a `aws.ec2.VpcIpv4CidrBlockAssociation`\nresource, it is recommended to reference that resource's `vpc_id` attribute to ensure correct dependency ordering.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst secondaryCidr = new aws.ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\", {\n cidrBlock: \"172.2.0.0/16\",\n vpcId: aws_vpc_main.id,\n});\nconst inSecondaryCidr = new aws.ec2.Subnet(\"in_secondary_cidr\", {\n cidrBlock: \"172.2.0.0/24\",\n vpcId: secondaryCidr.vpcId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsecondary_cidr = aws.ec2.VpcIpv4CidrBlockAssociation(\"secondaryCidr\",\n cidr_block=\"172.2.0.0/16\",\n vpc_id=aws_vpc[\"main\"][\"id\"])\nin_secondary_cidr = aws.ec2.Subnet(\"inSecondaryCidr\",\n cidr_block=\"172.2.0.0/24\",\n vpc_id=secondary_cidr.vpc_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var secondaryCidr = new Aws.Ec2.VpcIpv4CidrBlockAssociation(\"secondaryCidr\", new Aws.Ec2.VpcIpv4CidrBlockAssociationArgs\n {\n CidrBlock = \"172.2.0.0/16\",\n VpcId = aws_vpc.Main.Id,\n });\n var inSecondaryCidr = new Aws.Ec2.Subnet(\"inSecondaryCidr\", new Aws.Ec2.SubnetArgs\n {\n CidrBlock = \"172.2.0.0/24\",\n VpcId = secondaryCidr.VpcId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecondaryCidr, err := ec2.NewVpcIpv4CidrBlockAssociation(ctx, \"secondaryCidr\", \u0026ec2.VpcIpv4CidrBlockAssociationArgs{\n\t\t\tCidrBlock: pulumi.String(\"172.2.0.0/16\"),\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"inSecondaryCidr\", \u0026ec2.SubnetArgs{\n\t\t\tCidrBlock: pulumi.String(\"172.2.0.0/24\"),\n\t\t\tVpcId: secondaryCidr.VpcId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the subnet.\n" }, "assignIpv6AddressOnCreation": { "type": "boolean", "description": "Specify true to indicate\nthat network interfaces created in the specified subnet should be\nassigned an IPv6 address. Default is `false`\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the subnet.\n" }, "availabilityZoneId": { "type": "string", "description": "The AZ ID of the subnet.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the subnet.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 network range for the subnet,\nin CIDR notation. The subnet size must use a /64 prefix length.\n" }, "ipv6CidrBlockAssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address. Default is `false`.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "required": [ "arn", "availabilityZone", "availabilityZoneId", "cidrBlock", "ipv6CidrBlock", "ipv6CidrBlockAssociationId", "ownerId", "vpcId" ], "inputProperties": { "assignIpv6AddressOnCreation": { "type": "boolean", "description": "Specify true to indicate\nthat network interfaces created in the specified subnet should be\nassigned an IPv6 address. Default is `false`\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the subnet.\n" }, "availabilityZoneId": { "type": "string", "description": "The AZ ID of the subnet.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the subnet.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 network range for the subnet,\nin CIDR notation. The subnet size must use a /64 prefix length.\n" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address. Default is `false`.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "requiredInputs": [ "cidrBlock", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Subnet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subnet.\n" }, "assignIpv6AddressOnCreation": { "type": "boolean", "description": "Specify true to indicate\nthat network interfaces created in the specified subnet should be\nassigned an IPv6 address. Default is `false`\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the subnet.\n" }, "availabilityZoneId": { "type": "string", "description": "The AZ ID of the subnet.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the subnet.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 network range for the subnet,\nin CIDR notation. The subnet size must use a /64 prefix length.\n" }, "ipv6CidrBlockAssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address. Default is `false`.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "type": "object" } }, "aws:ec2/tag:Tag": { "properties": { "key": { "type": "string", "description": "The tag name.\n" }, "resourceId": { "type": "string", "description": "The ID of the EC2 resource to manage the tag for.\n" }, "value": { "type": "string", "description": "The value of the tag.\n" } }, "required": [ "key", "resourceId", "value" ], "inputProperties": { "key": { "type": "string", "description": "The tag name.\n" }, "resourceId": { "type": "string", "description": "The ID of the EC2 resource to manage the tag for.\n" }, "value": { "type": "string", "description": "The value of the tag.\n" } }, "requiredInputs": [ "key", "resourceId", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering Tag resources.\n", "properties": { "key": { "type": "string", "description": "The tag name.\n" }, "resourceId": { "type": "string", "description": "The ID of the EC2 resource to manage the tag for.\n" }, "value": { "type": "string", "description": "The value of the tag.\n" } }, "type": "object" } }, "aws:ec2/trafficMirrorFilter:TrafficMirrorFilter": { "description": "Provides an Traffic mirror filter. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo create a basic traffic mirror filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.TrafficMirrorFilter(\"foo\", {\n description: \"traffic mirror filter - example\",\n networkServices: [\"amazon-dns\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.TrafficMirrorFilter(\"foo\",\n description=\"traffic mirror filter - example\",\n network_services=[\"amazon-dns\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ec2.TrafficMirrorFilter(\"foo\", new Aws.Ec2.TrafficMirrorFilterArgs\n {\n Description = \"traffic mirror filter - example\",\n NetworkServices = \n {\n \"amazon-dns\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewTrafficMirrorFilter(ctx, \"foo\", \u0026ec2.TrafficMirrorFilterArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror filter - example\"),\n\t\t\tNetworkServices: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"amazon-dns\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "A description of the filter.\n" }, "networkServices": { "type": "array", "items": { "type": "string" }, "description": "List of amazon network services that should be mirrored. Valid values: `amazon-dns`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "inputProperties": { "description": { "type": "string", "description": "A description of the filter.\n" }, "networkServices": { "type": "array", "items": { "type": "string" }, "description": "List of amazon network services that should be mirrored. Valid values: `amazon-dns`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorFilter resources.\n", "properties": { "description": { "type": "string", "description": "A description of the filter.\n" }, "networkServices": { "type": "array", "items": { "type": "string" }, "description": "List of amazon network services that should be mirrored. Valid values: `amazon-dns`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule": { "description": "Provides an Traffic mirror filter rule. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo create a basic traffic mirror session\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filter = new aws.ec2.TrafficMirrorFilter(\"filter\", {\n description: \"traffic mirror filter - example\",\n networkServices: [\"amazon-dns\"],\n});\nconst ruleout = new aws.ec2.TrafficMirrorFilterRule(\"ruleout\", {\n description: \"test rule\",\n destinationCidrBlock: \"10.0.0.0/8\",\n ruleAction: \"accept\",\n ruleNumber: 1,\n sourceCidrBlock: \"10.0.0.0/8\",\n trafficDirection: \"egress\",\n trafficMirrorFilterId: filter.id,\n});\nconst rulein = new aws.ec2.TrafficMirrorFilterRule(\"rulein\", {\n description: \"test rule\",\n destinationCidrBlock: \"10.0.0.0/8\",\n destinationPortRange: {\n fromPort: 22,\n toPort: 53,\n },\n protocol: 6,\n ruleAction: \"accept\",\n ruleNumber: 1,\n sourceCidrBlock: \"10.0.0.0/8\",\n sourcePortRange: {\n fromPort: 0,\n toPort: 10,\n },\n trafficDirection: \"ingress\",\n trafficMirrorFilterId: filter.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfilter = aws.ec2.TrafficMirrorFilter(\"filter\",\n description=\"traffic mirror filter - example\",\n network_services=[\"amazon-dns\"])\nruleout = aws.ec2.TrafficMirrorFilterRule(\"ruleout\",\n description=\"test rule\",\n destination_cidr_block=\"10.0.0.0/8\",\n rule_action=\"accept\",\n rule_number=1,\n source_cidr_block=\"10.0.0.0/8\",\n traffic_direction=\"egress\",\n traffic_mirror_filter_id=filter.id)\nrulein = aws.ec2.TrafficMirrorFilterRule(\"rulein\",\n description=\"test rule\",\n destination_cidr_block=\"10.0.0.0/8\",\n destination_port_range={\n \"from_port\": 22,\n \"to_port\": 53,\n },\n protocol=6,\n rule_action=\"accept\",\n rule_number=1,\n source_cidr_block=\"10.0.0.0/8\",\n source_port_range={\n \"from_port\": 0,\n \"to_port\": 10,\n },\n traffic_direction=\"ingress\",\n traffic_mirror_filter_id=filter.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var filter = new Aws.Ec2.TrafficMirrorFilter(\"filter\", new Aws.Ec2.TrafficMirrorFilterArgs\n {\n Description = \"traffic mirror filter - example\",\n NetworkServices = \n {\n \"amazon-dns\",\n },\n });\n var ruleout = new Aws.Ec2.TrafficMirrorFilterRule(\"ruleout\", new Aws.Ec2.TrafficMirrorFilterRuleArgs\n {\n Description = \"test rule\",\n DestinationCidrBlock = \"10.0.0.0/8\",\n RuleAction = \"accept\",\n RuleNumber = 1,\n SourceCidrBlock = \"10.0.0.0/8\",\n TrafficDirection = \"egress\",\n TrafficMirrorFilterId = filter.Id,\n });\n var rulein = new Aws.Ec2.TrafficMirrorFilterRule(\"rulein\", new Aws.Ec2.TrafficMirrorFilterRuleArgs\n {\n Description = \"test rule\",\n DestinationCidrBlock = \"10.0.0.0/8\",\n DestinationPortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs\n {\n FromPort = 22,\n ToPort = 53,\n },\n Protocol = 6,\n RuleAction = \"accept\",\n RuleNumber = 1,\n SourceCidrBlock = \"10.0.0.0/8\",\n SourcePortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleSourcePortRangeArgs\n {\n FromPort = 0,\n ToPort = 10,\n },\n TrafficDirection = \"ingress\",\n TrafficMirrorFilterId = filter.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfilter, err := ec2.NewTrafficMirrorFilter(ctx, \"filter\", \u0026ec2.TrafficMirrorFilterArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror filter - example\"),\n\t\t\tNetworkServices: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"amazon-dns\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorFilterRule(ctx, \"ruleout\", \u0026ec2.TrafficMirrorFilterRuleArgs{\n\t\t\tDescription: pulumi.String(\"test rule\"),\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tRuleAction: pulumi.String(\"accept\"),\n\t\t\tRuleNumber: pulumi.Int(1),\n\t\t\tSourceCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tTrafficDirection: pulumi.String(\"egress\"),\n\t\t\tTrafficMirrorFilterId: filter.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorFilterRule(ctx, \"rulein\", \u0026ec2.TrafficMirrorFilterRuleArgs{\n\t\t\tDescription: pulumi.String(\"test rule\"),\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tDestinationPortRange: \u0026ec2.TrafficMirrorFilterRuleDestinationPortRangeArgs{\n\t\t\t\tFromPort: pulumi.Int(22),\n\t\t\t\tToPort: pulumi.Int(53),\n\t\t\t},\n\t\t\tProtocol: pulumi.Int(6),\n\t\t\tRuleAction: pulumi.String(\"accept\"),\n\t\t\tRuleNumber: pulumi.Int(1),\n\t\t\tSourceCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tSourcePortRange: \u0026ec2.TrafficMirrorFilterRuleSourcePortRangeArgs{\n\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\tToPort: pulumi.Int(10),\n\t\t\t},\n\t\t\tTrafficDirection: pulumi.String(\"ingress\"),\n\t\t\tTrafficMirrorFilterId: filter.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "A description of the traffic mirror filter rule.\n" }, "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block to assign to the Traffic Mirror rule.\n" }, "destinationPortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange", "description": "The destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "protocol": { "type": "integer", "description": "The protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see [Protocol Numbers](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.\n" }, "ruleAction": { "type": "string", "description": "The action to take (accept | reject) on the filtered traffic. Valid values are `accept` and `reject`\n" }, "ruleNumber": { "type": "integer", "description": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.\n" }, "sourceCidrBlock": { "type": "string", "description": "The source CIDR block to assign to the Traffic Mirror rule.\n" }, "sourcePortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange", "description": "The source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "trafficDirection": { "type": "string", "description": "The direction of traffic to be captured. Valid values are `ingress` and `egress`\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to which this rule should be added\n" } }, "required": [ "destinationCidrBlock", "ruleAction", "ruleNumber", "sourceCidrBlock", "trafficDirection", "trafficMirrorFilterId" ], "inputProperties": { "description": { "type": "string", "description": "A description of the traffic mirror filter rule.\n" }, "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block to assign to the Traffic Mirror rule.\n" }, "destinationPortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange", "description": "The destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "protocol": { "type": "integer", "description": "The protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see [Protocol Numbers](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.\n" }, "ruleAction": { "type": "string", "description": "The action to take (accept | reject) on the filtered traffic. Valid values are `accept` and `reject`\n" }, "ruleNumber": { "type": "integer", "description": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.\n" }, "sourceCidrBlock": { "type": "string", "description": "The source CIDR block to assign to the Traffic Mirror rule.\n" }, "sourcePortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange", "description": "The source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "trafficDirection": { "type": "string", "description": "The direction of traffic to be captured. Valid values are `ingress` and `egress`\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to which this rule should be added\n" } }, "requiredInputs": [ "destinationCidrBlock", "ruleAction", "ruleNumber", "sourceCidrBlock", "trafficDirection", "trafficMirrorFilterId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorFilterRule resources.\n", "properties": { "description": { "type": "string", "description": "A description of the traffic mirror filter rule.\n" }, "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block to assign to the Traffic Mirror rule.\n" }, "destinationPortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange", "description": "The destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "protocol": { "type": "integer", "description": "The protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see [Protocol Numbers](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.\n" }, "ruleAction": { "type": "string", "description": "The action to take (accept | reject) on the filtered traffic. Valid values are `accept` and `reject`\n" }, "ruleNumber": { "type": "integer", "description": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.\n" }, "sourceCidrBlock": { "type": "string", "description": "The source CIDR block to assign to the Traffic Mirror rule.\n" }, "sourcePortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange", "description": "The source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "trafficDirection": { "type": "string", "description": "The direction of traffic to be captured. Valid values are `ingress` and `egress`\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to which this rule should be added\n" } }, "type": "object" } }, "aws:ec2/trafficMirrorSession:TrafficMirrorSession": { "description": "Provides an Traffic mirror session. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo create a basic traffic mirror session\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filter = new aws.ec2.TrafficMirrorFilter(\"filter\", {\n description: \"traffic mirror filter - example\",\n networkServices: [\"amazon-dns\"],\n});\nconst target = new aws.ec2.TrafficMirrorTarget(\"target\", {\n networkLoadBalancerArn: aws_lb_lb.arn,\n});\nconst session = new aws.ec2.TrafficMirrorSession(\"session\", {\n description: \"traffic mirror session - example\",\n networkInterfaceId: aws_instance_test.primaryNetworkInterfaceId,\n trafficMirrorFilterId: filter.id,\n trafficMirrorTargetId: target.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfilter = aws.ec2.TrafficMirrorFilter(\"filter\",\n description=\"traffic mirror filter - example\",\n network_services=[\"amazon-dns\"])\ntarget = aws.ec2.TrafficMirrorTarget(\"target\", network_load_balancer_arn=aws_lb[\"lb\"][\"arn\"])\nsession = aws.ec2.TrafficMirrorSession(\"session\",\n description=\"traffic mirror session - example\",\n network_interface_id=aws_instance[\"test\"][\"primary_network_interface_id\"],\n traffic_mirror_filter_id=filter.id,\n traffic_mirror_target_id=target.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var filter = new Aws.Ec2.TrafficMirrorFilter(\"filter\", new Aws.Ec2.TrafficMirrorFilterArgs\n {\n Description = \"traffic mirror filter - example\",\n NetworkServices = \n {\n \"amazon-dns\",\n },\n });\n var target = new Aws.Ec2.TrafficMirrorTarget(\"target\", new Aws.Ec2.TrafficMirrorTargetArgs\n {\n NetworkLoadBalancerArn = aws_lb.Lb.Arn,\n });\n var session = new Aws.Ec2.TrafficMirrorSession(\"session\", new Aws.Ec2.TrafficMirrorSessionArgs\n {\n Description = \"traffic mirror session - example\",\n NetworkInterfaceId = aws_instance.Test.Primary_network_interface_id,\n TrafficMirrorFilterId = filter.Id,\n TrafficMirrorTargetId = target.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfilter, err := ec2.NewTrafficMirrorFilter(ctx, \"filter\", \u0026ec2.TrafficMirrorFilterArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror filter - example\"),\n\t\t\tNetworkServices: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"amazon-dns\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttarget, err := ec2.NewTrafficMirrorTarget(ctx, \"target\", \u0026ec2.TrafficMirrorTargetArgs{\n\t\t\tNetworkLoadBalancerArn: pulumi.String(aws_lb.Lb.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorSession(ctx, \"session\", \u0026ec2.TrafficMirrorSessionArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror session - example\"),\n\t\t\tNetworkInterfaceId: pulumi.String(aws_instance.Test.Primary_network_interface_id),\n\t\t\tTrafficMirrorFilterId: filter.ID(),\n\t\t\tTrafficMirrorTargetId: target.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror session.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "ID of the source network interface. Not all network interfaces are eligible as mirror sources. On EC2 instances only nitro based instances support mirroring.\n" }, "packetLength": { "type": "integer", "description": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror.\n" }, "sessionNumber": { "type": "integer", "description": "- The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to be used\n" }, "trafficMirrorTargetId": { "type": "string", "description": "ID of the traffic mirror target to be used\n" }, "virtualNetworkId": { "type": "integer", "description": "- The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see RFC 7348. If you do not specify a VirtualNetworkId, an account-wide unique id is chosen at random.\n" } }, "required": [ "arn", "networkInterfaceId", "sessionNumber", "trafficMirrorFilterId", "trafficMirrorTargetId", "virtualNetworkId" ], "inputProperties": { "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "ID of the source network interface. Not all network interfaces are eligible as mirror sources. On EC2 instances only nitro based instances support mirroring.\n" }, "packetLength": { "type": "integer", "description": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror.\n" }, "sessionNumber": { "type": "integer", "description": "- The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to be used\n" }, "trafficMirrorTargetId": { "type": "string", "description": "ID of the traffic mirror target to be used\n" }, "virtualNetworkId": { "type": "integer", "description": "- The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see RFC 7348. If you do not specify a VirtualNetworkId, an account-wide unique id is chosen at random.\n" } }, "requiredInputs": [ "networkInterfaceId", "sessionNumber", "trafficMirrorFilterId", "trafficMirrorTargetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorSession resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror session.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "ID of the source network interface. Not all network interfaces are eligible as mirror sources. On EC2 instances only nitro based instances support mirroring.\n" }, "packetLength": { "type": "integer", "description": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror.\n" }, "sessionNumber": { "type": "integer", "description": "- The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to be used\n" }, "trafficMirrorTargetId": { "type": "string", "description": "ID of the traffic mirror target to be used\n" }, "virtualNetworkId": { "type": "integer", "description": "- The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see RFC 7348. If you do not specify a VirtualNetworkId, an account-wide unique id is chosen at random.\n" } }, "type": "object" } }, "aws:ec2/trafficMirrorTarget:TrafficMirrorTarget": { "description": "Provides an Traffic mirror target. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo create a basic traffic mirror session\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst nlb = new aws.ec2.TrafficMirrorTarget(\"nlb\", {\n description: \"NLB target\",\n networkLoadBalancerArn: aws_lb_lb.arn,\n});\nconst eni = new aws.ec2.TrafficMirrorTarget(\"eni\", {\n description: \"ENI target\",\n networkInterfaceId: aws_instance_test.primaryNetworkInterfaceId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnlb = aws.ec2.TrafficMirrorTarget(\"nlb\",\n description=\"NLB target\",\n network_load_balancer_arn=aws_lb[\"lb\"][\"arn\"])\neni = aws.ec2.TrafficMirrorTarget(\"eni\",\n description=\"ENI target\",\n network_interface_id=aws_instance[\"test\"][\"primary_network_interface_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var nlb = new Aws.Ec2.TrafficMirrorTarget(\"nlb\", new Aws.Ec2.TrafficMirrorTargetArgs\n {\n Description = \"NLB target\",\n NetworkLoadBalancerArn = aws_lb.Lb.Arn,\n });\n var eni = new Aws.Ec2.TrafficMirrorTarget(\"eni\", new Aws.Ec2.TrafficMirrorTargetArgs\n {\n Description = \"ENI target\",\n NetworkInterfaceId = aws_instance.Test.Primary_network_interface_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewTrafficMirrorTarget(ctx, \"nlb\", \u0026ec2.TrafficMirrorTargetArgs{\n\t\t\tDescription: pulumi.String(\"NLB target\"),\n\t\t\tNetworkLoadBalancerArn: pulumi.String(aws_lb.Lb.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorTarget(ctx, \"eni\", \u0026ec2.TrafficMirrorTargetArgs{\n\t\t\tDescription: pulumi.String(\"ENI target\"),\n\t\t\tNetworkInterfaceId: pulumi.String(aws_instance.Test.Primary_network_interface_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror target.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that is associated with the target.\n" }, "networkLoadBalancerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "arn" ], "inputProperties": { "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that is associated with the target.\n" }, "networkLoadBalancerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorTarget resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror target.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that is associated with the target.\n" }, "networkLoadBalancerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:ec2/transitGatewayPeeringAttachmentAccepter:TransitGatewayPeeringAttachmentAccepter": { "description": "Manages the accepter's side of an EC2 Transit Gateway Peering Attachment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.TransitGatewayPeeringAttachmentAccepter(\"example\", {\n tags: {\n Name: \"Example cross-account attachment\",\n },\n transitGatewayAttachmentId: aws_ec2_transit_gateway_peering_attachment_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.TransitGatewayPeeringAttachmentAccepter(\"example\",\n tags={\n \"Name\": \"Example cross-account attachment\",\n },\n transit_gateway_attachment_id=aws_ec2_transit_gateway_peering_attachment[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.TransitGatewayPeeringAttachmentAccepter(\"example\", new Aws.Ec2.TransitGatewayPeeringAttachmentAccepterArgs\n {\n Tags = \n {\n { \"Name\", \"Example cross-account attachment\" },\n },\n TransitGatewayAttachmentId = aws_ec2_transit_gateway_peering_attachment.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewTransitGatewayPeeringAttachmentAccepter(ctx, \"example\", \u0026ec2.TransitGatewayPeeringAttachmentAccepterArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"Example cross-account attachment\"),\n\t\t\t},\n\t\t\tTransitGatewayAttachmentId: pulumi.String(aws_ec2_transit_gateway_peering_attachment.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "peerAccountId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 TGW peering.\n" }, "peerRegion": { "type": "string" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Peering Attachment to manage.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "required": [ "peerAccountId", "peerRegion", "peerTransitGatewayId", "transitGatewayAttachmentId", "transitGatewayId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Peering Attachment to manage.\n" } }, "requiredInputs": [ "transitGatewayAttachmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TransitGatewayPeeringAttachmentAccepter resources.\n", "properties": { "peerAccountId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 TGW peering.\n" }, "peerRegion": { "type": "string" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Peering Attachment to manage.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "type": "object" } }, "aws:ec2/volumeAttachment:VolumeAttachment": { "description": "Provides an AWS EBS Volume Attachment as a top level resource, to attach and\ndetach volumes from AWS Instances.\n\n\u003e **NOTE on EBS block devices:** If you use `ebs_block_device` on an `aws.ec2.Instance`, this provider will assume management over the full set of non-root EBS block devices for the instance, and treats additional block devices as drift. For this reason, `ebs_block_device` cannot be mixed with external `aws.ebs.Volume` + `aws_ebs_volume_attachment` resources for a given instance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-21f78e11\",\n availabilityZone: \"us-west-2a\",\n instanceType: \"t1.micro\",\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 1,\n});\nconst ebsAtt = new aws.ec2.VolumeAttachment(\"ebs_att\", {\n deviceName: \"/dev/sdh\",\n instanceId: web.id,\n volumeId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-21f78e11\",\n availability_zone=\"us-west-2a\",\n instance_type=\"t1.micro\",\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=1)\nebs_att = aws.ec2.VolumeAttachment(\"ebsAtt\",\n device_name=\"/dev/sdh\",\n instance_id=web.id,\n volume_id=example.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var web = new Aws.Ec2.Instance(\"web\", new Aws.Ec2.InstanceArgs\n {\n Ami = \"ami-21f78e11\",\n AvailabilityZone = \"us-west-2a\",\n InstanceType = \"t1.micro\",\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n var example = new Aws.Ebs.Volume(\"example\", new Aws.Ebs.VolumeArgs\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 1,\n });\n var ebsAtt = new Aws.Ec2.VolumeAttachment(\"ebsAtt\", new Aws.Ec2.VolumeAttachmentArgs\n {\n DeviceName = \"/dev/sdh\",\n InstanceId = web.Id,\n VolumeId = example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tweb, err := ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-21f78e11\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tInstanceType: pulumi.String(\"t1.micro\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVolumeAttachment(ctx, \"ebsAtt\", \u0026ec2.VolumeAttachmentArgs{\n\t\t\tDeviceName: pulumi.String(\"/dev/sdh\"),\n\t\t\tInstanceId: web.ID(),\n\t\t\tVolumeId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "deviceName": { "type": "string", "description": "The device name to expose to the instance (for\nexample, `/dev/sdh` or `xvdh`). See [Device Naming on Linux Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names) and [Device Naming on Windows Instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/device_naming.html#available-ec2-device-names) for more information.\n" }, "forceDetach": { "type": "boolean", "description": "Set to `true` if you want to force the\nvolume to detach. Useful if previous attempts failed, but use this option only\nas a last resort, as this can result in **data loss**. See\n[Detaching an Amazon EBS Volume from an Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) for more information.\n" }, "instanceId": { "type": "string", "description": "ID of the Instance to attach to\n" }, "skipDestroy": { "type": "boolean", "description": "Set this to true if you do not wish\nto detach the volume from the instance to which it is attached at destroy\ntime, and instead just remove the attachment from this provider state. This is\nuseful when destroying an instance which has volumes created by some other\nmeans attached.\n" }, "volumeId": { "type": "string", "description": "ID of the Volume to be attached\n" } }, "required": [ "deviceName", "instanceId", "volumeId" ], "inputProperties": { "deviceName": { "type": "string", "description": "The device name to expose to the instance (for\nexample, `/dev/sdh` or `xvdh`). See [Device Naming on Linux Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names) and [Device Naming on Windows Instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/device_naming.html#available-ec2-device-names) for more information.\n" }, "forceDetach": { "type": "boolean", "description": "Set to `true` if you want to force the\nvolume to detach. Useful if previous attempts failed, but use this option only\nas a last resort, as this can result in **data loss**. See\n[Detaching an Amazon EBS Volume from an Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) for more information.\n" }, "instanceId": { "type": "string", "description": "ID of the Instance to attach to\n" }, "skipDestroy": { "type": "boolean", "description": "Set this to true if you do not wish\nto detach the volume from the instance to which it is attached at destroy\ntime, and instead just remove the attachment from this provider state. This is\nuseful when destroying an instance which has volumes created by some other\nmeans attached.\n" }, "volumeId": { "type": "string", "description": "ID of the Volume to be attached\n" } }, "requiredInputs": [ "deviceName", "instanceId", "volumeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VolumeAttachment resources.\n", "properties": { "deviceName": { "type": "string", "description": "The device name to expose to the instance (for\nexample, `/dev/sdh` or `xvdh`). See [Device Naming on Linux Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names) and [Device Naming on Windows Instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/device_naming.html#available-ec2-device-names) for more information.\n" }, "forceDetach": { "type": "boolean", "description": "Set to `true` if you want to force the\nvolume to detach. Useful if previous attempts failed, but use this option only\nas a last resort, as this can result in **data loss**. See\n[Detaching an Amazon EBS Volume from an Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) for more information.\n" }, "instanceId": { "type": "string", "description": "ID of the Instance to attach to\n" }, "skipDestroy": { "type": "boolean", "description": "Set this to true if you do not wish\nto detach the volume from the instance to which it is attached at destroy\ntime, and instead just remove the attachment from this provider state. This is\nuseful when destroying an instance which has volumes created by some other\nmeans attached.\n" }, "volumeId": { "type": "string", "description": "ID of the Volume to be attached\n" } }, "type": "object" } }, "aws:ec2/vpc:Vpc": { "description": "Provides a VPC resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nBasic usage with tags:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n instanceTenancy: \"dedicated\",\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\",\n cidr_block=\"10.0.0.0/16\",\n instance_tenancy=\"dedicated\",\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n InstanceTenancy = \"dedicated\",\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tInstanceTenancy: pulumi.String(\"dedicated\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of VPC\n" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Requests an Amazon-provided IPv6 CIDR\nblock with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or\nthe size of the CIDR block. Default is `false`.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the VPC.\n" }, "defaultNetworkAclId": { "type": "string", "description": "The ID of the network ACL created by default on VPC creation\n" }, "defaultRouteTableId": { "type": "string", "description": "The ID of the route table created by default on VPC creation\n" }, "defaultSecurityGroupId": { "type": "string", "description": "The ID of the security group created by default on VPC creation\n" }, "dhcpOptionsId": { "type": "string" }, "enableClassiclink": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink\nfor the VPC. Only valid in regions and accounts that support EC2 Classic.\nSee the [ClassicLink documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) for more information. Defaults false.\n" }, "enableClassiclinkDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink DNS Support for the VPC.\nOnly valid in regions and accounts that support EC2 Classic.\n" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults true.\n" }, "instanceTenancy": { "type": "string", "description": "A tenancy option for instances launched into the VPC\n" }, "ipv6AssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n" }, "mainRouteTableId": { "type": "string", "description": "The ID of the main route table associated with\nthis VPC. Note that you can change a VPC's main route table by using an\n`aws.ec2.MainRouteTableAssociation`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "cidrBlock", "defaultNetworkAclId", "defaultRouteTableId", "defaultSecurityGroupId", "dhcpOptionsId", "enableClassiclink", "enableClassiclinkDnsSupport", "enableDnsHostnames", "ipv6AssociationId", "ipv6CidrBlock", "mainRouteTableId", "ownerId" ], "inputProperties": { "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Requests an Amazon-provided IPv6 CIDR\nblock with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or\nthe size of the CIDR block. Default is `false`.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the VPC.\n" }, "enableClassiclink": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink\nfor the VPC. Only valid in regions and accounts that support EC2 Classic.\nSee the [ClassicLink documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) for more information. Defaults false.\n" }, "enableClassiclinkDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink DNS Support for the VPC.\nOnly valid in regions and accounts that support EC2 Classic.\n" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults true.\n" }, "instanceTenancy": { "type": "string", "description": "A tenancy option for instances launched into the VPC\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "cidrBlock" ], "stateInputs": { "description": "Input properties used for looking up and filtering Vpc resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of VPC\n" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Requests an Amazon-provided IPv6 CIDR\nblock with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or\nthe size of the CIDR block. Default is `false`.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the VPC.\n" }, "defaultNetworkAclId": { "type": "string", "description": "The ID of the network ACL created by default on VPC creation\n" }, "defaultRouteTableId": { "type": "string", "description": "The ID of the route table created by default on VPC creation\n" }, "defaultSecurityGroupId": { "type": "string", "description": "The ID of the security group created by default on VPC creation\n" }, "dhcpOptionsId": { "type": "string" }, "enableClassiclink": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink\nfor the VPC. Only valid in regions and accounts that support EC2 Classic.\nSee the [ClassicLink documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) for more information. Defaults false.\n" }, "enableClassiclinkDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable ClassicLink DNS Support for the VPC.\nOnly valid in regions and accounts that support EC2 Classic.\n" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults true.\n" }, "instanceTenancy": { "type": "string", "description": "A tenancy option for instances launched into the VPC\n" }, "ipv6AssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n" }, "mainRouteTableId": { "type": "string", "description": "The ID of the main route table associated with\nthis VPC. Note that you can change a VPC's main route table by using an\n`aws.ec2.MainRouteTableAssociation`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ec2/vpcDhcpOptions:VpcDhcpOptions": { "description": "Provides a VPC DHCP Options resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dnsResolver = new aws.ec2.VpcDhcpOptions(\"dns_resolver\", {\n domainNameServers: [\n \"8.8.8.8\",\n \"8.8.4.4\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndns_resolver = aws.ec2.VpcDhcpOptions(\"dnsResolver\", domain_name_servers=[\n \"8.8.8.8\",\n \"8.8.4.4\",\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dnsResolver = new Aws.Ec2.VpcDhcpOptions(\"dnsResolver\", new Aws.Ec2.VpcDhcpOptionsArgs\n {\n DomainNameServers = \n {\n \"8.8.8.8\",\n \"8.8.4.4\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcDhcpOptions(ctx, \"dnsResolver\", \u0026ec2.VpcDhcpOptionsArgs{\n\t\t\tDomainNameServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"8.8.8.8\"),\n\t\t\t\tpulumi.String(\"8.8.4.4\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nFull usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.VpcDhcpOptions(\"foo\", {\n domainName: \"service.consul\",\n domainNameServers: [\n \"127.0.0.1\",\n \"10.0.0.2\",\n ],\n netbiosNameServers: [\"127.0.0.1\"],\n netbiosNodeType: \"2\",\n ntpServers: [\"127.0.0.1\"],\n tags: {\n Name: \"foo-name\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.VpcDhcpOptions(\"foo\",\n domain_name=\"service.consul\",\n domain_name_servers=[\n \"127.0.0.1\",\n \"10.0.0.2\",\n ],\n netbios_name_servers=[\"127.0.0.1\"],\n netbios_node_type=2,\n ntp_servers=[\"127.0.0.1\"],\n tags={\n \"Name\": \"foo-name\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ec2.VpcDhcpOptions(\"foo\", new Aws.Ec2.VpcDhcpOptionsArgs\n {\n DomainName = \"service.consul\",\n DomainNameServers = \n {\n \"127.0.0.1\",\n \"10.0.0.2\",\n },\n NetbiosNameServers = \n {\n \"127.0.0.1\",\n },\n NetbiosNodeType = \"2\",\n NtpServers = \n {\n \"127.0.0.1\",\n },\n Tags = \n {\n { \"Name\", \"foo-name\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcDhcpOptions(ctx, \"foo\", \u0026ec2.VpcDhcpOptionsArgs{\n\t\t\tDomainName: pulumi.String(\"service.consul\"),\n\t\t\tDomainNameServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1\"),\n\t\t\t\tpulumi.String(\"10.0.0.2\"),\n\t\t\t},\n\t\t\tNetbiosNameServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1\"),\n\t\t\t},\n\t\t\tNetbiosNodeType: pulumi.String(\"2\"),\n\t\t\tNtpServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1\"),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"foo-name\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Remarks\n\n* Notice that all arguments are optional but you have to specify at least one argument.\n* `domain_name_servers`, `netbios_name_servers`, `ntp_servers` are limited by AWS to maximum four servers only.\n* To actually use the DHCP Options Set you need to associate it to a VPC using `aws.ec2.VpcDhcpOptionsAssociation`.\n* If you delete a DHCP Options Set, all VPCs using it will be associated to AWS's `default` DHCP Option Set.\n* In most cases unless you're configuring your own DNS you'll want to set `domain_name_servers` to `AmazonProvidedDNS`.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string", "description": "the suffix domain name to use by default when resolving non Fully Qualified Domain Names. In other words, this is what ends up being the `search` value in the `/etc/resolv.conf` file.\n" }, "domainNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of name servers to configure in `/etc/resolv.conf`. If you want to use the default AWS nameservers you should set this to `AmazonProvidedDNS`.\n" }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "List of NTP servers to configure.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "ownerId" ], "inputProperties": { "domainName": { "type": "string", "description": "the suffix domain name to use by default when resolving non Fully Qualified Domain Names. In other words, this is what ends up being the `search` value in the `/etc/resolv.conf` file.\n" }, "domainNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of name servers to configure in `/etc/resolv.conf`. If you want to use the default AWS nameservers you should set this to `AmazonProvidedDNS`.\n" }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "List of NTP servers to configure.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering VpcDhcpOptions resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string", "description": "the suffix domain name to use by default when resolving non Fully Qualified Domain Names. In other words, this is what ends up being the `search` value in the `/etc/resolv.conf` file.\n" }, "domainNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of name servers to configure in `/etc/resolv.conf`. If you want to use the default AWS nameservers you should set this to `AmazonProvidedDNS`.\n" }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "List of NTP servers to configure.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ec2/vpcDhcpOptionsAssociation:VpcDhcpOptionsAssociation": { "description": "Provides a VPC DHCP Options Association resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dnsResolver = new aws.ec2.VpcDhcpOptionsAssociation(\"dns_resolver\", {\n dhcpOptionsId: aws_vpc_dhcp_options_foo.id,\n vpcId: aws_vpc_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndns_resolver = aws.ec2.VpcDhcpOptionsAssociation(\"dnsResolver\",\n dhcp_options_id=aws_vpc_dhcp_options[\"foo\"][\"id\"],\n vpc_id=aws_vpc[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dnsResolver = new Aws.Ec2.VpcDhcpOptionsAssociation(\"dnsResolver\", new Aws.Ec2.VpcDhcpOptionsAssociationArgs\n {\n DhcpOptionsId = aws_vpc_dhcp_options.Foo.Id,\n VpcId = aws_vpc.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcDhcpOptionsAssociation(ctx, \"dnsResolver\", \u0026ec2.VpcDhcpOptionsAssociationArgs{\n\t\t\tDhcpOptionsId: pulumi.String(aws_vpc_dhcp_options.Foo.Id),\n\t\t\tVpcId: pulumi.String(aws_vpc.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Remarks\n\n* You can only associate one DHCP Options Set to a given VPC ID.\n* Removing the DHCP Options Association automatically sets AWS's `default` DHCP Options Set to the VPC.\n", "properties": { "dhcpOptionsId": { "type": "string", "description": "The ID of the DHCP Options Set to associate to the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to which we would like to associate a DHCP Options Set.\n" } }, "required": [ "dhcpOptionsId", "vpcId" ], "inputProperties": { "dhcpOptionsId": { "type": "string", "description": "The ID of the DHCP Options Set to associate to the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to which we would like to associate a DHCP Options Set.\n" } }, "requiredInputs": [ "dhcpOptionsId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcDhcpOptionsAssociation resources.\n", "properties": { "dhcpOptionsId": { "type": "string", "description": "The ID of the DHCP Options Set to associate to the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to which we would like to associate a DHCP Options Set.\n" } }, "type": "object" } }, "aws:ec2/vpcEndpoint:VpcEndpoint": { "description": "Provides a VPC Endpoint resource.\n\n\u003e **NOTE on VPC Endpoints and VPC Endpoint Associations:** This provider provides both standalone VPC Endpoint Associations for\nRoute Tables - (an association between a VPC endpoint and a single `route_table_id`) and\nSubnets - (an association between a VPC endpoint and a single `subnet_id`) and\na VPC Endpoint resource with `route_table_ids` and `subnet_ids` attributes.\nDo not use the same resource ID in both a VPC Endpoint resource and a VPC Endpoint Association resource.\nDoing so will cause a conflict of associations and will overwrite the association.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.ec2.VpcEndpoint(\"s3\", {\n serviceName: \"com.amazonaws.us-west-2.s3\",\n vpcId: aws_vpc_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.VpcEndpoint(\"s3\",\n service_name=\"com.amazonaws.us-west-2.s3\",\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = new Aws.Ec2.VpcEndpoint(\"s3\", new Aws.Ec2.VpcEndpointArgs\n {\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcEndpoint(ctx, \"s3\", \u0026ec2.VpcEndpointArgs{\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Basic w/ Tags\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.ec2.VpcEndpoint(\"s3\", {\n serviceName: \"com.amazonaws.us-west-2.s3\",\n tags: {\n Environment: \"test\",\n },\n vpcId: aws_vpc_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.VpcEndpoint(\"s3\",\n service_name=\"com.amazonaws.us-west-2.s3\",\n tags={\n \"Environment\": \"test\",\n },\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = new Aws.Ec2.VpcEndpoint(\"s3\", new Aws.Ec2.VpcEndpointArgs\n {\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcEndpoint(ctx, \"s3\", \u0026ec2.VpcEndpointArgs{\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Interface Endpoint Type\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2 = new aws.ec2.VpcEndpoint(\"ec2\", {\n privateDnsEnabled: true,\n securityGroupIds: [aws_security_group_sg1.id],\n serviceName: \"com.amazonaws.us-west-2.ec2\",\n vpcEndpointType: \"Interface\",\n vpcId: aws_vpc_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2 = aws.ec2.VpcEndpoint(\"ec2\",\n private_dns_enabled=True,\n security_group_ids=[aws_security_group[\"sg1\"][\"id\"]],\n service_name=\"com.amazonaws.us-west-2.ec2\",\n vpc_endpoint_type=\"Interface\",\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ec2 = new Aws.Ec2.VpcEndpoint(\"ec2\", new Aws.Ec2.VpcEndpointArgs\n {\n PrivateDnsEnabled = true,\n SecurityGroupIds = \n {\n aws_security_group.Sg1.Id,\n },\n ServiceName = \"com.amazonaws.us-west-2.ec2\",\n VpcEndpointType = \"Interface\",\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Non-AWS Service\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ptfeServiceVpcEndpoint = new aws.ec2.VpcEndpoint(\"ptfe_service\", {\n privateDnsEnabled: false,\n securityGroupIds: [aws_security_group_ptfe_service.id],\n serviceName: var_ptfe_service,\n subnetIds: [local_subnet_ids],\n vpcEndpointType: \"Interface\",\n vpcId: var_vpc_id,\n});\nconst internal = pulumi.output(aws.route53.getZone({\n name: \"vpc.internal.\",\n privateZone: true,\n vpcId: var_vpc_id,\n}, { async: true }));\nconst ptfeServiceRecord = new aws.route53.Record(\"ptfe_service\", {\n name: pulumi.interpolate`ptfe.${internal.name!}`,\n records: [ptfeServiceVpcEndpoint.dnsEntries.apply(dnsEntries =\u003e (\u003cany\u003ednsEntries[0])[\"dns_name\"])],\n ttl: 300,\n type: \"CNAME\",\n zoneId: internal.zoneId!,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nptfe_service_vpc_endpoint = aws.ec2.VpcEndpoint(\"ptfeServiceVpcEndpoint\",\n private_dns_enabled=False,\n security_group_ids=[aws_security_group[\"ptfe_service\"][\"id\"]],\n service_name=var[\"ptfe_service\"],\n subnet_ids=[local[\"subnet_ids\"]],\n vpc_endpoint_type=\"Interface\",\n vpc_id=var[\"vpc_id\"])\ninternal = aws.route53.get_zone(name=\"vpc.internal.\",\n private_zone=True,\n vpc_id=var[\"vpc_id\"])\nptfe_service_record = aws.route53.Record(\"ptfeServiceRecord\",\n name=f\"ptfe.{internal.name}\",\n records=[ptfe_service_vpc_endpoint.dns_entries[0][\"dns_name\"]],\n ttl=\"300\",\n type=\"CNAME\",\n zone_id=internal.zone_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ptfeServiceVpcEndpoint = new Aws.Ec2.VpcEndpoint(\"ptfeServiceVpcEndpoint\", new Aws.Ec2.VpcEndpointArgs\n {\n PrivateDnsEnabled = false,\n SecurityGroupIds = \n {\n aws_security_group.Ptfe_service.Id,\n },\n ServiceName = @var.Ptfe_service,\n SubnetIds = \n {\n local.Subnet_ids,\n },\n VpcEndpointType = \"Interface\",\n VpcId = @var.Vpc_id,\n });\n var @internal = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs\n {\n Name = \"vpc.internal.\",\n PrivateZone = true,\n VpcId = @var.Vpc_id,\n }));\n var ptfeServiceRecord = new Aws.Route53.Record(\"ptfeServiceRecord\", new Aws.Route53.RecordArgs\n {\n Name = @internal.Apply(@internal =\u003e $\"ptfe.{@internal.Name}\"),\n Records = \n {\n ptfeServiceVpcEndpoint.DnsEntries.Apply(dnsEntries =\u003e dnsEntries[0])[\"dns_name\"],\n },\n Ttl = 300,\n Type = \"CNAME\",\n ZoneId = @internal.Apply(@internal =\u003e @internal.ZoneId),\n });\n }\n\n}\n```\n\n\u003e **NOTE The `dns_entry` output is a list of maps:** This provider interpolation support for lists of maps requires the `lookup` and `[]` until full support of lists of maps is available\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint.\n" }, "autoAccept": { "type": "boolean", "description": "Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).\n" }, "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointDnsEntry:VpcEndpointDnsEntry" }, "description": "The DNS entries for the VPC Endpoint. Applicable for endpoints of type `Interface`. DNS blocks are documented below.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type `Interface`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC endpoint.\n" }, "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "prefixListId": { "type": "string", "description": "The prefix list ID of the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "privateDnsEnabled": { "type": "boolean", "description": "Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type `Interface`.\nDefaults to `false`.\n" }, "requesterManaged": { "type": "boolean", "description": "Whether or not the VPC Endpoint is being managed by its service - `true` or `false`.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "One or more route table IDs. Applicable for endpoints of type `Gateway`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups to associate with the network interface. Required for endpoints of type `Interface`.\n" }, "serviceName": { "type": "string", "description": "The service name. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "state": { "type": "string", "description": "The state of the VPC endpoint.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type `Interface`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcEndpointType": { "type": "string", "description": "The VPC endpoint type, `Gateway` or `Interface`. Defaults to `Gateway`.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the endpoint will be used.\n" } }, "required": [ "arn", "cidrBlocks", "dnsEntries", "networkInterfaceIds", "ownerId", "policy", "prefixListId", "requesterManaged", "routeTableIds", "securityGroupIds", "serviceName", "state", "subnetIds", "vpcId" ], "inputProperties": { "autoAccept": { "type": "boolean", "description": "Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).\n" }, "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "privateDnsEnabled": { "type": "boolean", "description": "Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type `Interface`.\nDefaults to `false`.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "One or more route table IDs. Applicable for endpoints of type `Gateway`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups to associate with the network interface. Required for endpoints of type `Interface`.\n" }, "serviceName": { "type": "string", "description": "The service name. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type `Interface`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcEndpointType": { "type": "string", "description": "The VPC endpoint type, `Gateway` or `Interface`. Defaults to `Gateway`.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the endpoint will be used.\n" } }, "requiredInputs": [ "serviceName", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint.\n" }, "autoAccept": { "type": "boolean", "description": "Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).\n" }, "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointDnsEntry:VpcEndpointDnsEntry" }, "description": "The DNS entries for the VPC Endpoint. Applicable for endpoints of type `Interface`. DNS blocks are documented below.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type `Interface`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC endpoint.\n" }, "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "prefixListId": { "type": "string", "description": "The prefix list ID of the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "privateDnsEnabled": { "type": "boolean", "description": "Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type `Interface`.\nDefaults to `false`.\n" }, "requesterManaged": { "type": "boolean", "description": "Whether or not the VPC Endpoint is being managed by its service - `true` or `false`.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "One or more route table IDs. Applicable for endpoints of type `Gateway`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups to associate with the network interface. Required for endpoints of type `Interface`.\n" }, "serviceName": { "type": "string", "description": "The service name. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "state": { "type": "string", "description": "The state of the VPC endpoint.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type `Interface`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcEndpointType": { "type": "string", "description": "The VPC endpoint type, `Gateway` or `Interface`. Defaults to `Gateway`.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the endpoint will be used.\n" } }, "type": "object" } }, "aws:ec2/vpcEndpointConnectionNotification:VpcEndpointConnectionNotification": { "description": "Provides a VPC Endpoint connection notification resource.\nConnection notifications notify subscribers of VPC Endpoint events.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst topic = new aws.sns.Topic(\"topic\", {\n policy: `{\n \"Version\":\"2012-10-17\",\n \"Statement\":[{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"vpce.amazonaws.com\"\n },\n \"Action\": \"SNS:Publish\",\n \"Resource\": \"arn:aws:sns:*:*:vpce-notification-topic\"\n }]\n}\n`,\n});\nconst fooVpcEndpointService = new aws.ec2.VpcEndpointService(\"foo\", {\n acceptanceRequired: false,\n networkLoadBalancerArns: [aws_lb_test.arn],\n});\nconst fooVpcEndpointConnectionNotification = new aws.ec2.VpcEndpointConnectionNotification(\"foo\", {\n connectionEvents: [\n \"Accept\",\n \"Reject\",\n ],\n connectionNotificationArn: topic.arn,\n vpcEndpointServiceId: fooVpcEndpointService.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntopic = aws.sns.Topic(\"topic\", policy=\"\"\"{\n \"Version\":\"2012-10-17\",\n \"Statement\":[{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"vpce.amazonaws.com\"\n },\n \"Action\": \"SNS:Publish\",\n \"Resource\": \"arn:aws:sns:*:*:vpce-notification-topic\"\n }]\n}\n\n\"\"\")\nfoo_vpc_endpoint_service = aws.ec2.VpcEndpointService(\"fooVpcEndpointService\",\n acceptance_required=False,\n network_load_balancer_arns=[aws_lb[\"test\"][\"arn\"]])\nfoo_vpc_endpoint_connection_notification = aws.ec2.VpcEndpointConnectionNotification(\"fooVpcEndpointConnectionNotification\",\n connection_events=[\n \"Accept\",\n \"Reject\",\n ],\n connection_notification_arn=topic.arn,\n vpc_endpoint_service_id=foo_vpc_endpoint_service.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var topic = new Aws.Sns.Topic(\"topic\", new Aws.Sns.TopicArgs\n {\n Policy = @\"{\n \"\"Version\"\":\"\"2012-10-17\"\",\n \"\"Statement\"\":[{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"vpce.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"SNS:Publish\"\",\n \"\"Resource\"\": \"\"arn:aws:sns:*:*:vpce-notification-topic\"\"\n }]\n}\n\n\",\n });\n var fooVpcEndpointService = new Aws.Ec2.VpcEndpointService(\"fooVpcEndpointService\", new Aws.Ec2.VpcEndpointServiceArgs\n {\n AcceptanceRequired = false,\n NetworkLoadBalancerArns = \n {\n aws_lb.Test.Arn,\n },\n });\n var fooVpcEndpointConnectionNotification = new Aws.Ec2.VpcEndpointConnectionNotification(\"fooVpcEndpointConnectionNotification\", new Aws.Ec2.VpcEndpointConnectionNotificationArgs\n {\n ConnectionEvents = \n {\n \"Accept\",\n \"Reject\",\n },\n ConnectionNotificationArn = topic.Arn,\n VpcEndpointServiceId = fooVpcEndpointService.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttopic, err := sns.NewTopic(ctx, \"topic\", \u0026sns.TopicArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\":\\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\":[{\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"vpce.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"SNS:Publish\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:sns:*:*:vpce-notification-topic\\\"\\n\", \" }]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooVpcEndpointService, err := ec2.NewVpcEndpointService(ctx, \"fooVpcEndpointService\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tNetworkLoadBalancerArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_lb.Test.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpointConnectionNotification(ctx, \"fooVpcEndpointConnectionNotification\", \u0026ec2.VpcEndpointConnectionNotificationArgs{\n\t\t\tConnectionEvents: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Accept\"),\n\t\t\t\tpulumi.String(\"Reject\"),\n\t\t\t},\n\t\t\tConnectionNotificationArn: topic.Arn,\n\t\t\tVpcEndpointServiceId: fooVpcEndpointService.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "connectionEvents": { "type": "array", "items": { "type": "string" }, "description": "One or more endpoint [events](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html#API_CreateVpcEndpointConnectionNotification_RequestParameters) for which to receive notifications.\n" }, "connectionNotificationArn": { "type": "string", "description": "The ARN of the SNS topic for the notifications.\n" }, "notificationType": { "type": "string", "description": "The type of notification.\n" }, "state": { "type": "string", "description": "The state of the notification.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC Endpoint to receive notifications for.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC Endpoint Service to receive notifications for.\n" } }, "required": [ "connectionEvents", "connectionNotificationArn", "notificationType", "state" ], "inputProperties": { "connectionEvents": { "type": "array", "items": { "type": "string" }, "description": "One or more endpoint [events](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html#API_CreateVpcEndpointConnectionNotification_RequestParameters) for which to receive notifications.\n" }, "connectionNotificationArn": { "type": "string", "description": "The ARN of the SNS topic for the notifications.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC Endpoint to receive notifications for.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC Endpoint Service to receive notifications for.\n" } }, "requiredInputs": [ "connectionEvents", "connectionNotificationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointConnectionNotification resources.\n", "properties": { "connectionEvents": { "type": "array", "items": { "type": "string" }, "description": "One or more endpoint [events](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html#API_CreateVpcEndpointConnectionNotification_RequestParameters) for which to receive notifications.\n" }, "connectionNotificationArn": { "type": "string", "description": "The ARN of the SNS topic for the notifications.\n" }, "notificationType": { "type": "string", "description": "The type of notification.\n" }, "state": { "type": "string", "description": "The state of the notification.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC Endpoint to receive notifications for.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC Endpoint Service to receive notifications for.\n" } }, "type": "object" } }, "aws:ec2/vpcEndpointRouteTableAssociation:VpcEndpointRouteTableAssociation": { "description": "Manages a VPC Endpoint Route Table Association\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcEndpointRouteTableAssociation(\"example\", {\n routeTableId: aws_route_table_example.id,\n vpcEndpointId: aws_vpc_endpoint_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcEndpointRouteTableAssociation(\"example\",\n route_table_id=aws_route_table[\"example\"][\"id\"],\n vpc_endpoint_id=aws_vpc_endpoint[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.VpcEndpointRouteTableAssociation(\"example\", new Aws.Ec2.VpcEndpointRouteTableAssociationArgs\n {\n RouteTableId = aws_route_table.Example.Id,\n VpcEndpointId = aws_vpc_endpoint.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcEndpointRouteTableAssociation(ctx, \"example\", \u0026ec2.VpcEndpointRouteTableAssociationArgs{\n\t\t\tRouteTableId: pulumi.String(aws_route_table.Example.Id),\n\t\t\tVpcEndpointId: pulumi.String(aws_vpc_endpoint.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "routeTableId": { "type": "string", "description": "Identifier of the EC2 Route Table to be associated with the VPC Endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of the VPC Endpoint with which the EC2 Route Table will be associated.\n" } }, "required": [ "routeTableId", "vpcEndpointId" ], "inputProperties": { "routeTableId": { "type": "string", "description": "Identifier of the EC2 Route Table to be associated with the VPC Endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of the VPC Endpoint with which the EC2 Route Table will be associated.\n" } }, "requiredInputs": [ "routeTableId", "vpcEndpointId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointRouteTableAssociation resources.\n", "properties": { "routeTableId": { "type": "string", "description": "Identifier of the EC2 Route Table to be associated with the VPC Endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of the VPC Endpoint with which the EC2 Route Table will be associated.\n" } }, "type": "object" } }, "aws:ec2/vpcEndpointService:VpcEndpointService": { "description": "Provides a VPC Endpoint Service resource.\nService consumers can create an _Interface_ VPC Endpoint to connect to the service.\n\n\u003e **NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals:** This provider provides\nboth a standalone VPC Endpoint Service Allowed Principal resource\nand a VPC Endpoint Service resource with an `allowed_principals` attribute. Do not use the same principal ARN in both\na VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict\nand will overwrite the association.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcEndpointService(\"example\", {\n acceptanceRequired: false,\n networkLoadBalancerArns: [aws_lb_example.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcEndpointService(\"example\",\n acceptance_required=False,\n network_load_balancer_arns=[aws_lb[\"example\"][\"arn\"]])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.VpcEndpointService(\"example\", new Aws.Ec2.VpcEndpointServiceArgs\n {\n AcceptanceRequired = false,\n NetworkLoadBalancerArns = \n {\n aws_lb.Example.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcEndpointService(ctx, \"example\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tNetworkLoadBalancerArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_lb.Example.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Basic w/ Tags\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcEndpointService(\"example\", {\n acceptanceRequired: false,\n networkLoadBalancerArns: [aws_lb_example.arn],\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcEndpointService(\"example\",\n acceptance_required=False,\n network_load_balancer_arns=[aws_lb[\"example\"][\"arn\"]],\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.VpcEndpointService(\"example\", new Aws.Ec2.VpcEndpointServiceArgs\n {\n AcceptanceRequired = false,\n NetworkLoadBalancerArns = \n {\n aws_lb.Example.Arn,\n },\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcEndpointService(ctx, \"example\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tNetworkLoadBalancerArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_lb.Example.Arn),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "acceptanceRequired": { "type": "boolean", "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n" }, "allowedPrincipals": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more principals allowed to discover the endpoint service.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint service.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The Availability Zones in which the service is available.\n" }, "baseEndpointDnsNames": { "type": "array", "items": { "type": "string" }, "description": "The DNS names for the service.\n" }, "managesVpcEndpoints": { "type": "boolean", "description": "Whether or not the service manages its VPC endpoints - `true` or `false`.\n" }, "networkLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more Network Load Balancers for the endpoint service.\n" }, "privateDnsName": { "type": "string", "description": "The private DNS name for the service.\n" }, "serviceName": { "type": "string", "description": "The service name.\n" }, "serviceType": { "type": "string", "description": "The service type, `Gateway` or `Interface`.\n" }, "state": { "type": "string", "description": "The state of the VPC endpoint service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "acceptanceRequired", "allowedPrincipals", "arn", "availabilityZones", "baseEndpointDnsNames", "managesVpcEndpoints", "networkLoadBalancerArns", "privateDnsName", "serviceName", "serviceType", "state" ], "inputProperties": { "acceptanceRequired": { "type": "boolean", "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n" }, "allowedPrincipals": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more principals allowed to discover the endpoint service.\n" }, "networkLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more Network Load Balancers for the endpoint service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "acceptanceRequired", "networkLoadBalancerArns" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointService resources.\n", "properties": { "acceptanceRequired": { "type": "boolean", "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n" }, "allowedPrincipals": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more principals allowed to discover the endpoint service.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint service.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The Availability Zones in which the service is available.\n" }, "baseEndpointDnsNames": { "type": "array", "items": { "type": "string" }, "description": "The DNS names for the service.\n" }, "managesVpcEndpoints": { "type": "boolean", "description": "Whether or not the service manages its VPC endpoints - `true` or `false`.\n" }, "networkLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more Network Load Balancers for the endpoint service.\n" }, "privateDnsName": { "type": "string", "description": "The private DNS name for the service.\n" }, "serviceName": { "type": "string", "description": "The service name.\n" }, "serviceType": { "type": "string", "description": "The service type, `Gateway` or `Interface`.\n" }, "state": { "type": "string", "description": "The state of the VPC endpoint service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ec2/vpcEndpointServiceAllowedPrinciple:VpcEndpointServiceAllowedPrinciple": { "description": "Provides a resource to allow a principal to discover a VPC endpoint service.\n\n\u003e **NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals:** This provider provides\nboth a standalone VPC Endpoint Service Allowed Principal resource\nand a VPC Endpoint Service resource with an `allowed_principals` attribute. Do not use the same principal ARN in both\na VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict\nand will overwrite the association.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst allowMeToFoo = new aws.ec2.VpcEndpointServiceAllowedPrinciple(\"allow_me_to_foo\", {\n principalArn: current.arn,\n vpcEndpointServiceId: aws_vpc_endpoint_service_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nallow_me_to_foo = aws.ec2.VpcEndpointServiceAllowedPrinciple(\"allowMeToFoo\",\n principal_arn=current.arn,\n vpc_endpoint_service_id=aws_vpc_endpoint_service[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var allowMeToFoo = new Aws.Ec2.VpcEndpointServiceAllowedPrinciple(\"allowMeToFoo\", new Aws.Ec2.VpcEndpointServiceAllowedPrincipleArgs\n {\n PrincipalArn = current.Apply(current =\u003e current.Arn),\n VpcEndpointServiceId = aws_vpc_endpoint_service.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpointServiceAllowedPrinciple(ctx, \"allowMeToFoo\", \u0026ec2.VpcEndpointServiceAllowedPrincipleArgs{\n\t\t\tPrincipalArn: pulumi.String(current.Arn),\n\t\t\tVpcEndpointServiceId: pulumi.String(aws_vpc_endpoint_service.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "principalArn": { "type": "string", "description": "The ARN of the principal to allow permissions.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC endpoint service to allow permission.\n" } }, "required": [ "principalArn", "vpcEndpointServiceId" ], "inputProperties": { "principalArn": { "type": "string", "description": "The ARN of the principal to allow permissions.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC endpoint service to allow permission.\n" } }, "requiredInputs": [ "principalArn", "vpcEndpointServiceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointServiceAllowedPrinciple resources.\n", "properties": { "principalArn": { "type": "string", "description": "The ARN of the principal to allow permissions.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC endpoint service to allow permission.\n" } }, "type": "object" } }, "aws:ec2/vpcEndpointSubnetAssociation:VpcEndpointSubnetAssociation": { "description": "Provides a resource to create an association between a VPC endpoint and a subnet.\n\n\u003e **NOTE on VPC Endpoints and VPC Endpoint Subnet Associations:** This provider provides\nboth a standalone VPC Endpoint Subnet Association (an association between a VPC endpoint\nand a single `subnet_id`) and a VPC Endpoint resource with a `subnet_ids`\nattribute. Do not use the same subnet ID in both a VPC Endpoint resource and a VPC Endpoint Subnet\nAssociation resource. Doing so will cause a conflict of associations and will overwrite the association.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst snEc2 = new aws.ec2.VpcEndpointSubnetAssociation(\"sn_ec2\", {\n subnetId: aws_subnet_sn.id,\n vpcEndpointId: aws_vpc_endpoint_ec2.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsn_ec2 = aws.ec2.VpcEndpointSubnetAssociation(\"snEc2\",\n subnet_id=aws_subnet[\"sn\"][\"id\"],\n vpc_endpoint_id=aws_vpc_endpoint[\"ec2\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var snEc2 = new Aws.Ec2.VpcEndpointSubnetAssociation(\"snEc2\", new Aws.Ec2.VpcEndpointSubnetAssociationArgs\n {\n SubnetId = aws_subnet.Sn.Id,\n VpcEndpointId = aws_vpc_endpoint.Ec2.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpcEndpointSubnetAssociation(ctx, \"snEc2\", \u0026ec2.VpcEndpointSubnetAssociationArgs{\n\t\t\tSubnetId: pulumi.String(aws_subnet.Sn.Id),\n\t\t\tVpcEndpointId: pulumi.String(aws_vpc_endpoint.Ec2.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "subnetId": { "type": "string", "description": "The ID of the subnet to be associated with the VPC endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the subnet will be associated.\n" } }, "required": [ "subnetId", "vpcEndpointId" ], "inputProperties": { "subnetId": { "type": "string", "description": "The ID of the subnet to be associated with the VPC endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the subnet will be associated.\n" } }, "requiredInputs": [ "subnetId", "vpcEndpointId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointSubnetAssociation resources.\n", "properties": { "subnetId": { "type": "string", "description": "The ID of the subnet to be associated with the VPC endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the subnet will be associated.\n" } }, "type": "object" } }, "aws:ec2/vpcIpv4CidrBlockAssociation:VpcIpv4CidrBlockAssociation": { "description": "Provides a resource to associate additional IPv4 CIDR blocks with a VPC.\n\nWhen a VPC is created, a primary IPv4 CIDR block for the VPC must be specified.\nThe `aws.ec2.VpcIpv4CidrBlockAssociation` resource allows further IPv4 CIDR blocks to be added to the VPC.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst secondaryCidr = new aws.ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\", {\n cidrBlock: \"172.2.0.0/16\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nsecondary_cidr = aws.ec2.VpcIpv4CidrBlockAssociation(\"secondaryCidr\",\n cidr_block=\"172.2.0.0/16\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var secondaryCidr = new Aws.Ec2.VpcIpv4CidrBlockAssociation(\"secondaryCidr\", new Aws.Ec2.VpcIpv4CidrBlockAssociationArgs\n {\n CidrBlock = \"172.2.0.0/16\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpv4CidrBlockAssociation(ctx, \"secondaryCidr\", \u0026ec2.VpcIpv4CidrBlockAssociationArgs{\n\t\t\tCidrBlock: pulumi.String(\"172.2.0.0/16\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cidrBlock": { "type": "string", "description": "The additional IPv4 CIDR block to associate with the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n" } }, "required": [ "cidrBlock", "vpcId" ], "inputProperties": { "cidrBlock": { "type": "string", "description": "The additional IPv4 CIDR block to associate with the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n" } }, "requiredInputs": [ "cidrBlock", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpv4CidrBlockAssociation resources.\n", "properties": { "cidrBlock": { "type": "string", "description": "The additional IPv4 CIDR block to associate with the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n" } }, "type": "object" } }, "aws:ec2/vpcPeeringConnection:VpcPeeringConnection": { "description": "Provides a resource to manage a VPC peering connection.\n\n\u003e **NOTE on VPC Peering Connections and VPC Peering Connection Options:** This provider provides\nboth a standalone VPC Peering Connection Options and a VPC Peering Connection\nresource with `accepter` and `requester` attributes. Do not manage options for the same VPC peering\nconnection in both a VPC Peering Connection resource and a VPC Peering Connection Options resource.\nDoing so will cause a conflict of options and will overwrite the options.\nUsing a VPC Peering Connection Options resource decouples management of the connection options from\nmanagement of the VPC Peering Connection and allows options to be set correctly in cross-account scenarios.\n\n\u003e **Note:** For cross-account (requester's AWS account differs from the accepter's AWS account) or inter-region\nVPC Peering Connections use the `aws.ec2.VpcPeeringConnection` resource to manage the requester's side of the\nconnection and use the `aws.ec2.VpcPeeringConnectionAccepter` resource to manage the accepter's side of the connection.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.VpcPeeringConnection(\"foo\", {\n peerOwnerId: var_peer_owner_id,\n peerVpcId: aws_vpc_bar.id,\n vpcId: aws_vpc_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.VpcPeeringConnection(\"foo\",\n peer_owner_id=var[\"peer_owner_id\"],\n peer_vpc_id=aws_vpc[\"bar\"][\"id\"],\n vpc_id=aws_vpc[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ec2.VpcPeeringConnection(\"foo\", new Aws.Ec2.VpcPeeringConnectionArgs\n {\n PeerOwnerId = @var.Peer_owner_id,\n PeerVpcId = aws_vpc.Bar.Id,\n VpcId = aws_vpc.Foo.Id,\n });\n }\n\n}\n```\n\nBasic usage with connection options:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.VpcPeeringConnection(\"foo\", {\n accepter: {\n allowRemoteVpcDnsResolution: true,\n },\n peerOwnerId: var_peer_owner_id,\n peerVpcId: aws_vpc_bar.id,\n requester: {\n allowRemoteVpcDnsResolution: true,\n },\n vpcId: aws_vpc_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.VpcPeeringConnection(\"foo\",\n accepter={\n \"allowRemoteVpcDnsResolution\": True,\n },\n peer_owner_id=var[\"peer_owner_id\"],\n peer_vpc_id=aws_vpc[\"bar\"][\"id\"],\n requester={\n \"allowRemoteVpcDnsResolution\": True,\n },\n vpc_id=aws_vpc[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ec2.VpcPeeringConnection(\"foo\", new Aws.Ec2.VpcPeeringConnectionArgs\n {\n Accepter = new Aws.Ec2.Inputs.VpcPeeringConnectionAccepterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n PeerOwnerId = @var.Peer_owner_id,\n PeerVpcId = aws_vpc.Bar.Id,\n Requester = new Aws.Ec2.Inputs.VpcPeeringConnectionRequesterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n VpcId = aws_vpc.Foo.Id,\n });\n }\n\n}\n```\n\nBasic usage with tags:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst bar = new aws.ec2.Vpc(\"bar\", {\n cidrBlock: \"10.2.0.0/16\",\n});\nconst fooVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"foo\", {\n autoAccept: true,\n peerOwnerId: var_peer_owner_id,\n peerVpcId: bar.id,\n tags: {\n Name: \"VPC Peering between foo and bar\",\n },\n vpcId: fooVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_vpc = aws.ec2.Vpc(\"fooVpc\", cidr_block=\"10.1.0.0/16\")\nbar = aws.ec2.Vpc(\"bar\", cidr_block=\"10.2.0.0/16\")\nfoo_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"fooVpcPeeringConnection\",\n auto_accept=True,\n peer_owner_id=var[\"peer_owner_id\"],\n peer_vpc_id=bar.id,\n tags={\n \"Name\": \"VPC Peering between foo and bar\",\n },\n vpc_id=foo_vpc.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooVpc = new Aws.Ec2.Vpc(\"fooVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var bar = new Aws.Ec2.Vpc(\"bar\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.2.0.0/16\",\n });\n var fooVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"fooVpcPeeringConnection\", new Aws.Ec2.VpcPeeringConnectionArgs\n {\n AutoAccept = true,\n PeerOwnerId = @var.Peer_owner_id,\n PeerVpcId = bar.Id,\n Tags = \n {\n { \"Name\", \"VPC Peering between foo and bar\" },\n },\n VpcId = fooVpc.Id,\n });\n }\n\n}\n```\n\nBasic usage with region:\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooVpc = new aws.ec2.Vpc(\"fooVpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst bar = new aws.ec2.Vpc(\"bar\", {cidrBlock: \"10.2.0.0/16\"});\nconst fooVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"fooVpcPeeringConnection\", {\n peerOwnerId: _var.peer_owner_id,\n peerVpcId: bar.id,\n vpcId: fooVpc.id,\n peerRegion: \"us-east-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_vpc = aws.ec2.Vpc(\"fooVpc\", cidr_block=\"10.1.0.0/16\")\nbar = aws.ec2.Vpc(\"bar\", cidr_block=\"10.2.0.0/16\")\nfoo_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"fooVpcPeeringConnection\",\n peer_owner_id=var[\"peer_owner_id\"],\n peer_vpc_id=bar.id,\n vpc_id=foo_vpc.id,\n peer_region=\"us-east-1\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooVpc = new Aws.Ec2.Vpc(\"fooVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var bar = new Aws.Ec2.Vpc(\"bar\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.2.0.0/16\",\n });\n var fooVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"fooVpcPeeringConnection\", new Aws.Ec2.VpcPeeringConnectionArgs\n {\n PeerOwnerId = @var.Peer_owner_id,\n PeerVpcId = bar.Id,\n VpcId = fooVpc.Id,\n PeerRegion = \"us-east-1\",\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Notes\n\nIf both VPCs are not in the same AWS account do not enable the `auto_accept` attribute.\nThe accepter can manage its side of the connection using the `aws.ec2.VpcPeeringConnectionAccepter` resource\nor accept the connection manually using the AWS Management Console, AWS CLI, through SDKs, etc.\n", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "autoAccept": { "type": "boolean", "description": "Accept the peering (both VPCs need to be in the same AWS account).\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the peer VPC.\nDefaults to the account ID the [AWS provider](https://www.terraform.io/docs/providers/aws/index.html) is currently connected to.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC of the [VPC Peering Connection]. `auto_accept` must be `false`,\nand use the `aws.ec2.VpcPeeringConnectionAccepter` to manage the accepter side.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the VPC with which you are creating the VPC Peering Connection.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester", "description": "A optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the requester VPC.\n" } }, "required": [ "acceptStatus", "accepter", "peerOwnerId", "peerRegion", "peerVpcId", "requester", "vpcId" ], "inputProperties": { "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "autoAccept": { "type": "boolean", "description": "Accept the peering (both VPCs need to be in the same AWS account).\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the peer VPC.\nDefaults to the account ID the [AWS provider](https://www.terraform.io/docs/providers/aws/index.html) is currently connected to.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC of the [VPC Peering Connection]. `auto_accept` must be `false`,\nand use the `aws.ec2.VpcPeeringConnectionAccepter` to manage the accepter side.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the VPC with which you are creating the VPC Peering Connection.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester", "description": "A optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the requester VPC.\n" } }, "requiredInputs": [ "peerVpcId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcPeeringConnection resources.\n", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "autoAccept": { "type": "boolean", "description": "Accept the peering (both VPCs need to be in the same AWS account).\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the peer VPC.\nDefaults to the account ID the [AWS provider](https://www.terraform.io/docs/providers/aws/index.html) is currently connected to.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC of the [VPC Peering Connection]. `auto_accept` must be `false`,\nand use the `aws.ec2.VpcPeeringConnectionAccepter` to manage the accepter side.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the VPC with which you are creating the VPC Peering Connection.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester", "description": "A optional configuration block that allows for [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the requester VPC.\n" } }, "type": "object" } }, "aws:ec2/vpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter": { "description": "Provides a resource to manage the accepter's side of a VPC Peering Connection.\n\nWhen a cross-account (requester's AWS account differs from the accepter's AWS account) or an inter-region\nVPC Peering Connection is created, a VPC Peering Connection resource is automatically created in the\naccepter's account.\nThe requester can use the `aws.ec2.VpcPeeringConnection` resource to manage its side of the connection\nand the accepter can use the `aws.ec2.VpcPeeringConnectionAccepter` resource to \"adopt\" its side of the\nconnection into management.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst peer = new aws.Provider(\"peer\", {\n region: \"us-west-2\",\n});\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst peerVpc = new aws.ec2.Vpc(\"peer\", {\n cidrBlock: \"10.1.0.0/16\",\n}, { provider: peer });\nconst peerCallerIdentity = pulumi.output(aws.getCallerIdentity({ provider: peer, async: true }));\n// Requester's side of the connection.\nconst peerVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"peer\", {\n autoAccept: false,\n peerOwnerId: peerCallerIdentity.accountId,\n peerRegion: \"us-west-2\",\n peerVpcId: peerVpc.id,\n tags: {\n Side: \"Requester\",\n },\n vpcId: main.id,\n});\n// Accepter's side of the connection.\nconst peerVpcPeeringConnectionAccepter = new aws.ec2.VpcPeeringConnectionAccepter(\"peer\", {\n autoAccept: true,\n tags: {\n Side: \"Accepter\",\n },\n vpcPeeringConnectionId: peerVpcPeeringConnection.id,\n}, { provider: peer });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\npeer = pulumi.providers.Aws(\"peer\", region=\"us-west-2\")\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\npeer_vpc = aws.ec2.Vpc(\"peerVpc\", cidr_block=\"10.1.0.0/16\")\npeer_caller_identity = aws.get_caller_identity()\n# Requester's side of the connection.\npeer_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"peerVpcPeeringConnection\",\n auto_accept=False,\n peer_owner_id=peer_caller_identity.account_id,\n peer_region=\"us-west-2\",\n peer_vpc_id=peer_vpc.id,\n tags={\n \"Side\": \"Requester\",\n },\n vpc_id=main.id)\n# Accepter's side of the connection.\npeer_vpc_peering_connection_accepter = aws.ec2.VpcPeeringConnectionAccepter(\"peerVpcPeeringConnectionAccepter\",\n auto_accept=True,\n tags={\n \"Side\": \"Accepter\",\n },\n vpc_peering_connection_id=peer_vpc_peering_connection.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var peer = new Aws.Provider(\"peer\", new Aws.ProviderArgs\n {\n Region = \"us-west-2\",\n });\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var peerVpc = new Aws.Ec2.Vpc(\"peerVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var peerCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n // Requester's side of the connection.\n var peerVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"peerVpcPeeringConnection\", new Aws.Ec2.VpcPeeringConnectionArgs\n {\n AutoAccept = false,\n PeerOwnerId = peerCallerIdentity.Apply(peerCallerIdentity =\u003e peerCallerIdentity.AccountId),\n PeerRegion = \"us-west-2\",\n PeerVpcId = peerVpc.Id,\n Tags = \n {\n { \"Side\", \"Requester\" },\n },\n VpcId = main.Id,\n });\n // Accepter's side of the connection.\n var peerVpcPeeringConnectionAccepter = new Aws.Ec2.VpcPeeringConnectionAccepter(\"peerVpcPeeringConnectionAccepter\", new Aws.Ec2.VpcPeeringConnectionAccepterArgs\n {\n AutoAccept = true,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n VpcPeeringConnectionId = peerVpcPeeringConnection.Id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n" }, "autoAccept": { "type": "boolean", "description": "Whether or not to accept the peering request. Defaults to `false`.\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the requester VPC.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the requester VPC.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the accepter VPC.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering Connection ID to manage.\n" } }, "required": [ "acceptStatus", "accepter", "peerOwnerId", "peerRegion", "peerVpcId", "requester", "vpcId", "vpcPeeringConnectionId" ], "inputProperties": { "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n" }, "autoAccept": { "type": "boolean", "description": "Whether or not to accept the peering request. Defaults to `false`.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering Connection ID to manage.\n" } }, "requiredInputs": [ "vpcPeeringConnectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcPeeringConnectionAccepter resources.\n", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n" }, "autoAccept": { "type": "boolean", "description": "Whether or not to accept the peering request. Defaults to `false`.\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the requester VPC.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the requester VPC.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The ID of the accepter VPC.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering Connection ID to manage.\n" } }, "type": "object" } }, "aws:ec2/vpnConnection:VpnConnection": { "description": "Manages an EC2 VPN connection. These objects can be connected to customer gateways, and allow you to establish tunnels between your network and Amazon.\n\n\u003e **Note:** All arguments including `tunnel1_preshared_key` and `tunnel2_preshared_key` will be stored in the raw state as plain-text.\n\n\u003e **Note:** The CIDR blocks in the arguments `tunnel1_inside_cidr` and `tunnel2_inside_cidr` must have a prefix of /30 and be a part of a specific range.\n[Read more about this in the AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_VpnTunnelOptionsSpecification.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### EC2 Transit Gateway\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleCustomerGateway = new aws.ec2.CustomerGateway(\"example\", {\n bgpAsn: 65000,\n ipAddress: \"172.0.0.1\",\n type: \"ipsec.1\",\n});\nconst exampleVpnConnection = new aws.ec2.VpnConnection(\"example\", {\n customerGatewayId: exampleCustomerGateway.id,\n transitGatewayId: exampleTransitGateway.id,\n type: exampleCustomerGateway.type,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"exampleTransitGateway\")\nexample_customer_gateway = aws.ec2.CustomerGateway(\"exampleCustomerGateway\",\n bgp_asn=65000,\n ip_address=\"172.0.0.1\",\n type=\"ipsec.1\")\nexample_vpn_connection = aws.ec2.VpnConnection(\"exampleVpnConnection\",\n customer_gateway_id=example_customer_gateway.id,\n transit_gateway_id=example_transit_gateway.id,\n type=example_customer_gateway.type)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"exampleTransitGateway\", new Aws.Ec2TransitGateway.TransitGatewayArgs\n {\n });\n var exampleCustomerGateway = new Aws.Ec2.CustomerGateway(\"exampleCustomerGateway\", new Aws.Ec2.CustomerGatewayArgs\n {\n BgpAsn = 65000,\n IpAddress = \"172.0.0.1\",\n Type = \"ipsec.1\",\n });\n var exampleVpnConnection = new Aws.Ec2.VpnConnection(\"exampleVpnConnection\", new Aws.Ec2.VpnConnectionArgs\n {\n CustomerGatewayId = exampleCustomerGateway.Id,\n TransitGatewayId = exampleTransitGateway.Id,\n Type = exampleCustomerGateway.Type,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"exampleTransitGateway\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, \"exampleCustomerGateway\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.Int(65000),\n\t\t\tIpAddress: pulumi.String(\"172.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnection(ctx, \"exampleVpnConnection\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: exampleCustomerGateway.ID(),\n\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\tType: exampleCustomerGateway.Type,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Virtual Private Gateway\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpc = new aws.ec2.Vpc(\"vpc\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst vpnGateway = new aws.ec2.VpnGateway(\"vpn_gateway\", {\n vpcId: vpc.id,\n});\nconst customerGateway = new aws.ec2.CustomerGateway(\"customer_gateway\", {\n bgpAsn: 65000,\n ipAddress: \"172.0.0.1\",\n type: \"ipsec.1\",\n});\nconst main = new aws.ec2.VpnConnection(\"main\", {\n customerGatewayId: customerGateway.id,\n staticRoutesOnly: true,\n type: \"ipsec.1\",\n vpnGatewayId: vpnGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpc = aws.ec2.Vpc(\"vpc\", cidr_block=\"10.0.0.0/16\")\nvpn_gateway = aws.ec2.VpnGateway(\"vpnGateway\", vpc_id=vpc.id)\ncustomer_gateway = aws.ec2.CustomerGateway(\"customerGateway\",\n bgp_asn=65000,\n ip_address=\"172.0.0.1\",\n type=\"ipsec.1\")\nmain = aws.ec2.VpnConnection(\"main\",\n customer_gateway_id=customer_gateway.id,\n static_routes_only=True,\n type=\"ipsec.1\",\n vpn_gateway_id=vpn_gateway.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var vpc = new Aws.Ec2.Vpc(\"vpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var vpnGateway = new Aws.Ec2.VpnGateway(\"vpnGateway\", new Aws.Ec2.VpnGatewayArgs\n {\n VpcId = vpc.Id,\n });\n var customerGateway = new Aws.Ec2.CustomerGateway(\"customerGateway\", new Aws.Ec2.CustomerGatewayArgs\n {\n BgpAsn = 65000,\n IpAddress = \"172.0.0.1\",\n Type = \"ipsec.1\",\n });\n var main = new Aws.Ec2.VpnConnection(\"main\", new Aws.Ec2.VpnConnectionArgs\n {\n CustomerGatewayId = customerGateway.Id,\n StaticRoutesOnly = true,\n Type = \"ipsec.1\",\n VpnGatewayId = vpnGateway.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvpc, err := ec2.NewVpc(ctx, \"vpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnGateway, err := ec2.NewVpnGateway(ctx, \"vpnGateway\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcustomerGateway, err := ec2.NewCustomerGateway(ctx, \"customerGateway\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.Int(65000),\n\t\t\tIpAddress: pulumi.String(\"172.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnection(ctx, \"main\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: customerGateway.ID(),\n\t\t\tStaticRoutesOnly: pulumi.Bool(true),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t\tVpnGatewayId: vpnGateway.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Connection.\n" }, "customerGatewayConfiguration": { "type": "string", "description": "The configuration information for the VPN connection's customer gateway (in the native XML format).\n" }, "customerGatewayId": { "type": "string", "description": "The ID of the customer gateway.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionRoute:VpnConnectionRoute" } }, "staticRoutesOnly": { "type": "boolean", "description": "Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "When associated with an EC2 Transit Gateway (`transit_gateway_id` argument), the attachment ID.\n" }, "transitGatewayId": { "type": "string", "description": "The ID of the EC2 Transit Gateway.\n" }, "tunnel1Address": { "type": "string", "description": "The public IP address of the first VPN tunnel.\n" }, "tunnel1BgpAsn": { "type": "string", "description": "The bgp asn number of the first VPN tunnel.\n" }, "tunnel1BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the first VPN tunnel.\n" }, "tunnel1CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).\n" }, "tunnel1InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the first VPN tunnel.\n" }, "tunnel1PresharedKey": { "type": "string", "description": "The preshared key of the first VPN tunnel.\n" }, "tunnel1VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).\n" }, "tunnel2Address": { "type": "string", "description": "The public IP address of the second VPN tunnel.\n" }, "tunnel2BgpAsn": { "type": "string", "description": "The bgp asn number of the second VPN tunnel.\n" }, "tunnel2BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the second VPN tunnel.\n" }, "tunnel2CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).\n" }, "tunnel2InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the second VPN tunnel.\n" }, "tunnel2PresharedKey": { "type": "string", "description": "The preshared key of the second VPN tunnel.\n" }, "tunnel2VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).\n" }, "type": { "type": "string", "description": "The type of VPN connection. The only type AWS supports at this time is \"ipsec.1\".\n" }, "vgwTelemetries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionVgwTelemetry:VpnConnectionVgwTelemetry" } }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "required": [ "arn", "customerGatewayConfiguration", "customerGatewayId", "routes", "staticRoutesOnly", "transitGatewayAttachmentId", "tunnel1Address", "tunnel1BgpAsn", "tunnel1BgpHoldtime", "tunnel1CgwInsideAddress", "tunnel1InsideCidr", "tunnel1PresharedKey", "tunnel1VgwInsideAddress", "tunnel2Address", "tunnel2BgpAsn", "tunnel2BgpHoldtime", "tunnel2CgwInsideAddress", "tunnel2InsideCidr", "tunnel2PresharedKey", "tunnel2VgwInsideAddress", "type", "vgwTelemetries" ], "inputProperties": { "customerGatewayId": { "type": "string", "description": "The ID of the customer gateway.\n" }, "staticRoutesOnly": { "type": "boolean", "description": "Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection.\n" }, "transitGatewayId": { "type": "string", "description": "The ID of the EC2 Transit Gateway.\n" }, "tunnel1InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the first VPN tunnel.\n" }, "tunnel1PresharedKey": { "type": "string", "description": "The preshared key of the first VPN tunnel.\n" }, "tunnel2InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the second VPN tunnel.\n" }, "tunnel2PresharedKey": { "type": "string", "description": "The preshared key of the second VPN tunnel.\n" }, "type": { "type": "string", "description": "The type of VPN connection. The only type AWS supports at this time is \"ipsec.1\".\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "requiredInputs": [ "customerGatewayId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnConnection resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Connection.\n" }, "customerGatewayConfiguration": { "type": "string", "description": "The configuration information for the VPN connection's customer gateway (in the native XML format).\n" }, "customerGatewayId": { "type": "string", "description": "The ID of the customer gateway.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionRoute:VpnConnectionRoute" } }, "staticRoutesOnly": { "type": "boolean", "description": "Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "When associated with an EC2 Transit Gateway (`transit_gateway_id` argument), the attachment ID.\n" }, "transitGatewayId": { "type": "string", "description": "The ID of the EC2 Transit Gateway.\n" }, "tunnel1Address": { "type": "string", "description": "The public IP address of the first VPN tunnel.\n" }, "tunnel1BgpAsn": { "type": "string", "description": "The bgp asn number of the first VPN tunnel.\n" }, "tunnel1BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the first VPN tunnel.\n" }, "tunnel1CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).\n" }, "tunnel1InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the first VPN tunnel.\n" }, "tunnel1PresharedKey": { "type": "string", "description": "The preshared key of the first VPN tunnel.\n" }, "tunnel1VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).\n" }, "tunnel2Address": { "type": "string", "description": "The public IP address of the second VPN tunnel.\n" }, "tunnel2BgpAsn": { "type": "string", "description": "The bgp asn number of the second VPN tunnel.\n" }, "tunnel2BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the second VPN tunnel.\n" }, "tunnel2CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).\n" }, "tunnel2InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the second VPN tunnel.\n" }, "tunnel2PresharedKey": { "type": "string", "description": "The preshared key of the second VPN tunnel.\n" }, "tunnel2VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).\n" }, "type": { "type": "string", "description": "The type of VPN connection. The only type AWS supports at this time is \"ipsec.1\".\n" }, "vgwTelemetries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionVgwTelemetry:VpnConnectionVgwTelemetry" } }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "type": "object" } }, "aws:ec2/vpnConnectionRoute:VpnConnectionRoute": { "description": "Provides a static route between a VPN connection and a customer gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpc = new aws.ec2.Vpc(\"vpc\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst vpnGateway = new aws.ec2.VpnGateway(\"vpn_gateway\", {\n vpcId: vpc.id,\n});\nconst customerGateway = new aws.ec2.CustomerGateway(\"customer_gateway\", {\n bgpAsn: 65000,\n ipAddress: \"172.0.0.1\",\n type: \"ipsec.1\",\n});\nconst main = new aws.ec2.VpnConnection(\"main\", {\n customerGatewayId: customerGateway.id,\n staticRoutesOnly: true,\n type: \"ipsec.1\",\n vpnGatewayId: vpnGateway.id,\n});\nconst office = new aws.ec2.VpnConnectionRoute(\"office\", {\n destinationCidrBlock: \"192.168.10.0/24\",\n vpnConnectionId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpc = aws.ec2.Vpc(\"vpc\", cidr_block=\"10.0.0.0/16\")\nvpn_gateway = aws.ec2.VpnGateway(\"vpnGateway\", vpc_id=vpc.id)\ncustomer_gateway = aws.ec2.CustomerGateway(\"customerGateway\",\n bgp_asn=65000,\n ip_address=\"172.0.0.1\",\n type=\"ipsec.1\")\nmain = aws.ec2.VpnConnection(\"main\",\n customer_gateway_id=customer_gateway.id,\n static_routes_only=True,\n type=\"ipsec.1\",\n vpn_gateway_id=vpn_gateway.id)\noffice = aws.ec2.VpnConnectionRoute(\"office\",\n destination_cidr_block=\"192.168.10.0/24\",\n vpn_connection_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var vpc = new Aws.Ec2.Vpc(\"vpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var vpnGateway = new Aws.Ec2.VpnGateway(\"vpnGateway\", new Aws.Ec2.VpnGatewayArgs\n {\n VpcId = vpc.Id,\n });\n var customerGateway = new Aws.Ec2.CustomerGateway(\"customerGateway\", new Aws.Ec2.CustomerGatewayArgs\n {\n BgpAsn = 65000,\n IpAddress = \"172.0.0.1\",\n Type = \"ipsec.1\",\n });\n var main = new Aws.Ec2.VpnConnection(\"main\", new Aws.Ec2.VpnConnectionArgs\n {\n CustomerGatewayId = customerGateway.Id,\n StaticRoutesOnly = true,\n Type = \"ipsec.1\",\n VpnGatewayId = vpnGateway.Id,\n });\n var office = new Aws.Ec2.VpnConnectionRoute(\"office\", new Aws.Ec2.VpnConnectionRouteArgs\n {\n DestinationCidrBlock = \"192.168.10.0/24\",\n VpnConnectionId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvpc, err := ec2.NewVpc(ctx, \"vpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnGateway, err := ec2.NewVpnGateway(ctx, \"vpnGateway\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcustomerGateway, err := ec2.NewCustomerGateway(ctx, \"customerGateway\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.Int(65000),\n\t\t\tIpAddress: pulumi.String(\"172.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := ec2.NewVpnConnection(ctx, \"main\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: customerGateway.ID(),\n\t\t\tStaticRoutesOnly: pulumi.Bool(true),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t\tVpnGatewayId: vpnGateway.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnectionRoute(ctx, \"office\", \u0026ec2.VpnConnectionRouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"192.168.10.0/24\"),\n\t\t\tVpnConnectionId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block associated with the local subnet of the customer network.\n" }, "vpnConnectionId": { "type": "string", "description": "The ID of the VPN connection.\n" } }, "required": [ "destinationCidrBlock", "vpnConnectionId" ], "inputProperties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block associated with the local subnet of the customer network.\n" }, "vpnConnectionId": { "type": "string", "description": "The ID of the VPN connection.\n" } }, "requiredInputs": [ "destinationCidrBlock", "vpnConnectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnConnectionRoute resources.\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block associated with the local subnet of the customer network.\n" }, "vpnConnectionId": { "type": "string", "description": "The ID of the VPN connection.\n" } }, "type": "object" } }, "aws:ec2/vpnGateway:VpnGateway": { "description": "Provides a resource to create a VPC VPN Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpnGw = new aws.ec2.VpnGateway(\"vpn_gw\", {\n tags: {\n Name: \"main\",\n },\n vpcId: aws_vpc_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpn_gw = aws.ec2.VpnGateway(\"vpnGw\",\n tags={\n \"Name\": \"main\",\n },\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var vpnGw = new Aws.Ec2.VpnGateway(\"vpnGw\", new Aws.Ec2.VpnGatewayArgs\n {\n Tags = \n {\n { \"Name\", \"main\" },\n },\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpnGateway(ctx, \"vpnGw\", \u0026ec2.VpnGatewayArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "amazonSideAsn": { "type": "string", "description": "The Autonomous System Number (ASN) for the Amazon side of the gateway. If you don't specify an ASN, the virtual private gateway is created with the default ASN.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Gateway.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the virtual private gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "required": [ "amazonSideAsn", "arn", "vpcId" ], "inputProperties": { "amazonSideAsn": { "type": "string", "description": "The Autonomous System Number (ASN) for the Amazon side of the gateway. If you don't specify an ASN, the virtual private gateway is created with the default ASN.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the virtual private gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering VpnGateway resources.\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The Autonomous System Number (ASN) for the Amazon side of the gateway. If you don't specify an ASN, the virtual private gateway is created with the default ASN.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Gateway.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the virtual private gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "type": "object" } }, "aws:ec2/vpnGatewayAttachment:VpnGatewayAttachment": { "description": "Provides a Virtual Private Gateway attachment resource, allowing for an existing\nhardware VPN gateway to be attached and/or detached from a VPC.\n\n\u003e **Note:** The `aws.ec2.VpnGateway`\nresource can also automatically attach the Virtual Private Gateway it creates\nto an existing VPC by setting the `vpc_id` attribute accordingly.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = new aws.ec2.Vpc(\"network\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst vpn = new aws.ec2.VpnGateway(\"vpn\", {\n tags: {\n Name: \"example-vpn-gateway\",\n },\n});\nconst vpnAttachment = new aws.ec2.VpnGatewayAttachment(\"vpn_attachment\", {\n vpcId: network.id,\n vpnGatewayId: vpn.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnetwork = aws.ec2.Vpc(\"network\", cidr_block=\"10.0.0.0/16\")\nvpn = aws.ec2.VpnGateway(\"vpn\", tags={\n \"Name\": \"example-vpn-gateway\",\n})\nvpn_attachment = aws.ec2.VpnGatewayAttachment(\"vpnAttachment\",\n vpc_id=network.id,\n vpn_gateway_id=vpn.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var network = new Aws.Ec2.Vpc(\"network\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var vpn = new Aws.Ec2.VpnGateway(\"vpn\", new Aws.Ec2.VpnGatewayArgs\n {\n Tags = \n {\n { \"Name\", \"example-vpn-gateway\" },\n },\n });\n var vpnAttachment = new Aws.Ec2.VpnGatewayAttachment(\"vpnAttachment\", new Aws.Ec2.VpnGatewayAttachmentArgs\n {\n VpcId = network.Id,\n VpnGatewayId = vpn.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := ec2.NewVpc(ctx, \"network\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpn, err := ec2.NewVpnGateway(ctx, \"vpn\", \u0026ec2.VpnGatewayArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"example-vpn-gateway\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnGatewayAttachment(ctx, \"vpnAttachment\", \u0026ec2.VpnGatewayAttachmentArgs{\n\t\t\tVpcId: network.ID(),\n\t\t\tVpnGatewayId: vpn.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nSee [Virtual Private Cloud](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html)\nand [Virtual Private Gateway](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) user\nguides for more information.\n{{% /example %}}\n{{% /examples %}}", "properties": { "vpcId": { "type": "string", "description": "The ID of the VPC.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "required": [ "vpcId", "vpnGatewayId" ], "inputProperties": { "vpcId": { "type": "string", "description": "The ID of the VPC.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "requiredInputs": [ "vpcId", "vpnGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnGatewayAttachment resources.\n", "properties": { "vpcId": { "type": "string", "description": "The ID of the VPC.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "type": "object" } }, "aws:ec2/vpnGatewayRoutePropagation:VpnGatewayRoutePropagation": { "description": "Requests automatic route propagation between a VPN gateway and a route table.\n\n\u003e **Note:** This resource should not be used with a route table that has\nthe `propagating_vgws` argument set. If that argument is set, any route\npropagation not explicitly listed in its value will be removed.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpnGatewayRoutePropagation(\"example\", {\n routeTableId: aws_route_table_example.id,\n vpnGatewayId: aws_vpn_gateway_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpnGatewayRoutePropagation(\"example\",\n route_table_id=aws_route_table[\"example\"][\"id\"],\n vpn_gateway_id=aws_vpn_gateway[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2.VpnGatewayRoutePropagation(\"example\", new Aws.Ec2.VpnGatewayRoutePropagationArgs\n {\n RouteTableId = aws_route_table.Example.Id,\n VpnGatewayId = aws_vpn_gateway.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2.NewVpnGatewayRoutePropagation(ctx, \"example\", \u0026ec2.VpnGatewayRoutePropagationArgs{\n\t\t\tRouteTableId: pulumi.String(aws_route_table.Example.Id),\n\t\t\tVpnGatewayId: pulumi.String(aws_vpn_gateway.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "routeTableId": { "type": "string", "description": "The id of the `aws.ec2.RouteTable` to propagate routes into.\n" }, "vpnGatewayId": { "type": "string", "description": "The id of the `aws.ec2.VpnGateway` to propagate routes from.\n" } }, "required": [ "routeTableId", "vpnGatewayId" ], "inputProperties": { "routeTableId": { "type": "string", "description": "The id of the `aws.ec2.RouteTable` to propagate routes into.\n" }, "vpnGatewayId": { "type": "string", "description": "The id of the `aws.ec2.VpnGateway` to propagate routes from.\n" } }, "requiredInputs": [ "routeTableId", "vpnGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnGatewayRoutePropagation resources.\n", "properties": { "routeTableId": { "type": "string", "description": "The id of the `aws.ec2.RouteTable` to propagate routes into.\n" }, "vpnGatewayId": { "type": "string", "description": "The id of the `aws.ec2.VpnGateway` to propagate routes from.\n" } }, "type": "object" } }, "aws:ec2clientvpn/endpoint:Endpoint": { "description": "Provides an AWS Client VPN endpoint for OpenVPN clients. For more information on usage, please see the\n[AWS Client VPN Administrator's Guide](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2clientvpn.Endpoint(\"example\", {\n authenticationOptions: [{\n rootCertificateChainArn: aws_acm_certificate_root_cert.arn,\n type: \"certificate-authentication\",\n }],\n clientCidrBlock: \"10.0.0.0/16\",\n connectionLogOptions: {\n cloudwatchLogGroup: aws_cloudwatch_log_group_lg.name,\n cloudwatchLogStream: aws_cloudwatch_log_stream_ls.name,\n enabled: true,\n },\n description: \"clientvpn-example\",\n serverCertificateArn: aws_acm_certificate_cert.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2clientvpn.Endpoint(\"example\",\n authentication_options=[{\n \"rootCertificateChainArn\": aws_acm_certificate[\"root_cert\"][\"arn\"],\n \"type\": \"certificate-authentication\",\n }],\n client_cidr_block=\"10.0.0.0/16\",\n connection_log_options={\n \"cloudwatchLogGroup\": aws_cloudwatch_log_group[\"lg\"][\"name\"],\n \"cloudwatchLogStream\": aws_cloudwatch_log_stream[\"ls\"][\"name\"],\n \"enabled\": True,\n },\n description=\"clientvpn-example\",\n server_certificate_arn=aws_acm_certificate[\"cert\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2ClientVpn.Endpoint(\"example\", new Aws.Ec2ClientVpn.EndpointArgs\n {\n AuthenticationOptions = \n {\n new Aws.Ec2ClientVpn.Inputs.EndpointAuthenticationOptionArgs\n {\n RootCertificateChainArn = aws_acm_certificate.Root_cert.Arn,\n Type = \"certificate-authentication\",\n },\n },\n ClientCidrBlock = \"10.0.0.0/16\",\n ConnectionLogOptions = new Aws.Ec2ClientVpn.Inputs.EndpointConnectionLogOptionsArgs\n {\n CloudwatchLogGroup = aws_cloudwatch_log_group.Lg.Name,\n CloudwatchLogStream = aws_cloudwatch_log_stream.Ls.Name,\n Enabled = true,\n },\n Description = \"clientvpn-example\",\n ServerCertificateArn = aws_acm_certificate.Cert.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2clientvpn.NewEndpoint(ctx, \"example\", \u0026ec2clientvpn.EndpointArgs{\n\t\t\tAuthenticationOptions: ec2clientvpn.EndpointAuthenticationOptionArray{\n\t\t\t\t\u0026ec2clientvpn.EndpointAuthenticationOptionArgs{\n\t\t\t\t\tRootCertificateChainArn: pulumi.String(aws_acm_certificate.Root_cert.Arn),\n\t\t\t\t\tType: pulumi.String(\"certificate-authentication\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tClientCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tConnectionLogOptions: \u0026ec2clientvpn.EndpointConnectionLogOptionsArgs{\n\t\t\t\tCloudwatchLogGroup: pulumi.String(aws_cloudwatch_log_group.Lg.Name),\n\t\t\t\tCloudwatchLogStream: pulumi.String(aws_cloudwatch_log_stream.Ls.Name),\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"clientvpn-example\"),\n\t\t\tServerCertificateArn: pulumi.String(aws_acm_certificate.Cert.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Client VPN endpoint.\n" }, "authenticationOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption" }, "description": "Information about the authentication method to be used to authenticate clients.\n" }, "clientCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.\n" }, "connectionLogOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions", "description": "Information about the client connection logging options.\n" }, "description": { "type": "string", "description": "Name of the repository.\n" }, "dnsName": { "type": "string", "description": "The DNS name to be used by clients when establishing their VPN session.\n" }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.\n" }, "serverCertificateArn": { "type": "string", "description": "The ARN of the ACM server certificate.\n" }, "splitTunnel": { "type": "boolean", "description": "Indicates whether split-tunnel is enabled on VPN endpoint. Default value is `false`.\n" }, "status": { "type": "string", "description": "The current state of the Client VPN endpoint.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "transportProtocol": { "type": "string", "description": "The transport protocol to be used by the VPN session. Default value is `udp`.\n" } }, "required": [ "arn", "authenticationOptions", "clientCidrBlock", "connectionLogOptions", "dnsName", "serverCertificateArn", "status" ], "inputProperties": { "authenticationOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption" }, "description": "Information about the authentication method to be used to authenticate clients.\n" }, "clientCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.\n" }, "connectionLogOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions", "description": "Information about the client connection logging options.\n" }, "description": { "type": "string", "description": "Name of the repository.\n" }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.\n" }, "serverCertificateArn": { "type": "string", "description": "The ARN of the ACM server certificate.\n" }, "splitTunnel": { "type": "boolean", "description": "Indicates whether split-tunnel is enabled on VPN endpoint. Default value is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "transportProtocol": { "type": "string", "description": "The transport protocol to be used by the VPN session. Default value is `udp`.\n" } }, "requiredInputs": [ "authenticationOptions", "clientCidrBlock", "connectionLogOptions", "serverCertificateArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Client VPN endpoint.\n" }, "authenticationOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption" }, "description": "Information about the authentication method to be used to authenticate clients.\n" }, "clientCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.\n" }, "connectionLogOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions", "description": "Information about the client connection logging options.\n" }, "description": { "type": "string", "description": "Name of the repository.\n" }, "dnsName": { "type": "string", "description": "The DNS name to be used by clients when establishing their VPN session.\n" }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.\n" }, "serverCertificateArn": { "type": "string", "description": "The ARN of the ACM server certificate.\n" }, "splitTunnel": { "type": "boolean", "description": "Indicates whether split-tunnel is enabled on VPN endpoint. Default value is `false`.\n" }, "status": { "type": "string", "description": "The current state of the Client VPN endpoint.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "transportProtocol": { "type": "string", "description": "The transport protocol to be used by the VPN session. Default value is `udp`.\n" } }, "type": "object" } }, "aws:ec2clientvpn/networkAssociation:NetworkAssociation": { "description": "Provides network associations for AWS Client VPN endpoints. For more information on usage, please see the \n[AWS Client VPN Administrator's Guide](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2clientvpn.NetworkAssociation(\"example\", {\n clientVpnEndpointId: aws_ec2_client_vpn_endpoint_example.id,\n subnetId: aws_subnet_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2clientvpn.NetworkAssociation(\"example\",\n client_vpn_endpoint_id=aws_ec2_client_vpn_endpoint[\"example\"][\"id\"],\n subnet_id=aws_subnet[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2ClientVpn.NetworkAssociation(\"example\", new Aws.Ec2ClientVpn.NetworkAssociationArgs\n {\n ClientVpnEndpointId = aws_ec2_client_vpn_endpoint.Example.Id,\n SubnetId = aws_subnet.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2clientvpn.NewNetworkAssociation(ctx, \"example\", \u0026ec2clientvpn.NetworkAssociationArgs{\n\t\t\tClientVpnEndpointId: pulumi.String(aws_ec2_client_vpn_endpoint.Example.Id),\n\t\t\tSubnetId: pulumi.String(aws_subnet.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the security groups applied to the target network association.\n" }, "status": { "type": "string", "description": "The current state of the target network association.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the Client VPN endpoint.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the target network (subnet) is located.\n" } }, "required": [ "clientVpnEndpointId", "securityGroups", "status", "subnetId", "vpcId" ], "inputProperties": { "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the Client VPN endpoint.\n" } }, "requiredInputs": [ "clientVpnEndpointId", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkAssociation resources.\n", "properties": { "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the security groups applied to the target network association.\n" }, "status": { "type": "string", "description": "The current state of the target network association.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the Client VPN endpoint.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the target network (subnet) is located.\n" } }, "type": "object" } }, "aws:ec2transitgateway/peeringAttachment:PeeringAttachment": { "description": "Manages an EC2 Transit Gateway Peering Attachment.\nFor examples of custom route table association and propagation, see the [EC2 Transit Gateway Networking Examples Guide](https://docs.aws.amazon.com/vpc/latest/tgw/TGW_Scenarios.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst local = new aws.Provider(\"local\", {region: \"us-east-1\"});\nconst peer = new aws.Provider(\"peer\", {region: \"us-west-2\"});\nconst peerRegion = aws.getRegion({});\nconst localTransitGateway = new aws.ec2transitgateway.TransitGateway(\"localTransitGateway\", {tags: {\n Name: \"Local TGW\",\n}});\nconst peerTransitGateway = new aws.ec2transitgateway.TransitGateway(\"peerTransitGateway\", {tags: {\n Name: \"Peer TGW\",\n}});\nconst example = new aws.ec2transitgateway.PeeringAttachment(\"example\", {\n peerAccountId: peerTransitGateway.ownerId,\n peerRegion: peerRegion.then(peerRegion =\u003e peerRegion.name),\n peerTransitGatewayId: peerTransitGateway.id,\n transitGatewayId: localTransitGateway.id,\n tags: {\n Name: \"TGW Peering Requestor\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\nlocal = pulumi.providers.Aws(\"local\", region=\"us-east-1\")\npeer = pulumi.providers.Aws(\"peer\", region=\"us-west-2\")\npeer_region = aws.get_region()\nlocal_transit_gateway = aws.ec2transitgateway.TransitGateway(\"localTransitGateway\", tags={\n \"Name\": \"Local TGW\",\n})\npeer_transit_gateway = aws.ec2transitgateway.TransitGateway(\"peerTransitGateway\", tags={\n \"Name\": \"Peer TGW\",\n})\nexample = aws.ec2transitgateway.PeeringAttachment(\"example\",\n peer_account_id=peer_transit_gateway.owner_id,\n peer_region=peer_region.name,\n peer_transit_gateway_id=peer_transit_gateway.id,\n transit_gateway_id=local_transit_gateway.id,\n tags={\n \"Name\": \"TGW Peering Requestor\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var local = new Aws.Provider(\"local\", new Aws.ProviderArgs\n {\n Region = \"us-east-1\",\n });\n var peer = new Aws.Provider(\"peer\", new Aws.ProviderArgs\n {\n Region = \"us-west-2\",\n });\n var peerRegion = Output.Create(Aws.GetRegion.InvokeAsync());\n var localTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"localTransitGateway\", new Aws.Ec2TransitGateway.TransitGatewayArgs\n {\n Tags = \n {\n { \"Name\", \"Local TGW\" },\n },\n });\n var peerTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"peerTransitGateway\", new Aws.Ec2TransitGateway.TransitGatewayArgs\n {\n Tags = \n {\n { \"Name\", \"Peer TGW\" },\n },\n });\n var example = new Aws.Ec2TransitGateway.PeeringAttachment(\"example\", new Aws.Ec2TransitGateway.PeeringAttachmentArgs\n {\n PeerAccountId = peerTransitGateway.OwnerId,\n PeerRegion = peerRegion.Apply(peerRegion =\u003e peerRegion.Name),\n PeerTransitGatewayId = peerTransitGateway.Id,\n TransitGatewayId = localTransitGateway.Id,\n Tags = \n {\n { \"Name\", \"TGW Peering Requestor\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "peerAccountId": { "type": "string", "description": "Account ID of EC2 Transit Gateway to peer with. Defaults to the account ID the current provider is currently connected to.\n" }, "peerRegion": { "type": "string", "description": "Region of EC2 Transit Gateway to peer with.\n" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "required": [ "peerAccountId", "peerRegion", "peerTransitGatewayId", "transitGatewayId" ], "inputProperties": { "peerAccountId": { "type": "string", "description": "Account ID of EC2 Transit Gateway to peer with. Defaults to the account ID the current provider is currently connected to.\n" }, "peerRegion": { "type": "string", "description": "Region of EC2 Transit Gateway to peer with.\n" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "requiredInputs": [ "peerRegion", "peerTransitGatewayId", "transitGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PeeringAttachment resources.\n", "properties": { "peerAccountId": { "type": "string", "description": "Account ID of EC2 Transit Gateway to peer with. Defaults to the account ID the current provider is currently connected to.\n" }, "peerRegion": { "type": "string", "description": "Region of EC2 Transit Gateway to peer with.\n" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "type": "object" } }, "aws:ec2transitgateway/route:Route": { "description": "Manages an EC2 Transit Gateway Route.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Standard usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.Route(\"example\", {\n destinationCidrBlock: \"0.0.0.0/0\",\n transitGatewayAttachmentId: aws_ec2_transit_gateway_vpc_attachment_example.id,\n transitGatewayRouteTableId: aws_ec2_transit_gateway_example.associationDefaultRouteTableId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.Route(\"example\",\n destination_cidr_block=\"0.0.0.0/0\",\n transit_gateway_attachment_id=aws_ec2_transit_gateway_vpc_attachment[\"example\"][\"id\"],\n transit_gateway_route_table_id=aws_ec2_transit_gateway[\"example\"][\"association_default_route_table_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.Route(\"example\", new Aws.Ec2TransitGateway.RouteArgs\n {\n DestinationCidrBlock = \"0.0.0.0/0\",\n TransitGatewayAttachmentId = aws_ec2_transit_gateway_vpc_attachment.Example.Id,\n TransitGatewayRouteTableId = aws_ec2_transit_gateway.Example.Association_default_route_table_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewRoute(ctx, \"example\", \u0026ec2transitgateway.RouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\tTransitGatewayAttachmentId: pulumi.String(aws_ec2_transit_gateway_vpc_attachment.Example.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.String(aws_ec2_transit_gateway.Example.Association_default_route_table_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Blackhole route\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.Route(\"example\", {\n blackhole: true,\n destinationCidrBlock: \"0.0.0.0/0\",\n transitGatewayRouteTableId: aws_ec2_transit_gateway_example.associationDefaultRouteTableId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.Route(\"example\",\n blackhole=True,\n destination_cidr_block=\"0.0.0.0/0\",\n transit_gateway_route_table_id=aws_ec2_transit_gateway[\"example\"][\"association_default_route_table_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.Route(\"example\", new Aws.Ec2TransitGateway.RouteArgs\n {\n Blackhole = true,\n DestinationCidrBlock = \"0.0.0.0/0\",\n TransitGatewayRouteTableId = aws_ec2_transit_gateway.Example.Association_default_route_table_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewRoute(ctx, \"example\", \u0026ec2transitgateway.RouteArgs{\n\t\t\tBlackhole: pulumi.Bool(true),\n\t\t\tDestinationCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\tTransitGatewayRouteTableId: pulumi.String(aws_ec2_transit_gateway.Example.Association_default_route_table_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches this route (default to `false`).\n" }, "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment (required if `blackhole` is set to false).\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "required": [ "destinationCidrBlock", "transitGatewayRouteTableId" ], "inputProperties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches this route (default to `false`).\n" }, "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment (required if `blackhole` is set to false).\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "requiredInputs": [ "destinationCidrBlock", "transitGatewayRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches this route (default to `false`).\n" }, "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment (required if `blackhole` is set to false).\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "type": "object" } }, "aws:ec2transitgateway/routeTable:RouteTable": { "description": "Manages an EC2 Transit Gateway Route Table.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.RouteTable(\"example\", {\n transitGatewayId: aws_ec2_transit_gateway_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.RouteTable(\"example\", transit_gateway_id=aws_ec2_transit_gateway[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.RouteTable(\"example\", new Aws.Ec2TransitGateway.RouteTableArgs\n {\n TransitGatewayId = aws_ec2_transit_gateway.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewRouteTable(ctx, \"example\", \u0026ec2transitgateway.RouteTableArgs{\n\t\t\tTransitGatewayId: pulumi.String(aws_ec2_transit_gateway.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "defaultAssociationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default association route table for the EC2 Transit Gateway.\n" }, "defaultPropagationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default propagation route table for the EC2 Transit Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "required": [ "defaultAssociationRouteTable", "defaultPropagationRouteTable", "transitGatewayId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "requiredInputs": [ "transitGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTable resources.\n", "properties": { "defaultAssociationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default association route table for the EC2 Transit Gateway.\n" }, "defaultPropagationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default propagation route table for the EC2 Transit Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "type": "object" } }, "aws:ec2transitgateway/routeTableAssociation:RouteTableAssociation": { "description": "Manages an EC2 Transit Gateway Route Table association.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.RouteTableAssociation(\"example\", {\n transitGatewayAttachmentId: aws_ec2_transit_gateway_vpc_attachment_example.id,\n transitGatewayRouteTableId: aws_ec2_transit_gateway_route_table_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.RouteTableAssociation(\"example\",\n transit_gateway_attachment_id=aws_ec2_transit_gateway_vpc_attachment[\"example\"][\"id\"],\n transit_gateway_route_table_id=aws_ec2_transit_gateway_route_table[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.RouteTableAssociation(\"example\", new Aws.Ec2TransitGateway.RouteTableAssociationArgs\n {\n TransitGatewayAttachmentId = aws_ec2_transit_gateway_vpc_attachment.Example.Id,\n TransitGatewayRouteTableId = aws_ec2_transit_gateway_route_table.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewRouteTableAssociation(ctx, \"example\", \u0026ec2transitgateway.RouteTableAssociationArgs{\n\t\t\tTransitGatewayAttachmentId: pulumi.String(aws_ec2_transit_gateway_vpc_attachment.Example.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.String(aws_ec2_transit_gateway_route_table.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "required": [ "resourceId", "resourceType", "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "inputProperties": { "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "requiredInputs": [ "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTableAssociation resources.\n", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "type": "object" } }, "aws:ec2transitgateway/routeTablePropagation:RouteTablePropagation": { "description": "Manages an EC2 Transit Gateway Route Table propagation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.RouteTablePropagation(\"example\", {\n transitGatewayAttachmentId: aws_ec2_transit_gateway_vpc_attachment_example.id,\n transitGatewayRouteTableId: aws_ec2_transit_gateway_route_table_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.RouteTablePropagation(\"example\",\n transit_gateway_attachment_id=aws_ec2_transit_gateway_vpc_attachment[\"example\"][\"id\"],\n transit_gateway_route_table_id=aws_ec2_transit_gateway_route_table[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.RouteTablePropagation(\"example\", new Aws.Ec2TransitGateway.RouteTablePropagationArgs\n {\n TransitGatewayAttachmentId = aws_ec2_transit_gateway_vpc_attachment.Example.Id,\n TransitGatewayRouteTableId = aws_ec2_transit_gateway_route_table.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewRouteTablePropagation(ctx, \"example\", \u0026ec2transitgateway.RouteTablePropagationArgs{\n\t\t\tTransitGatewayAttachmentId: pulumi.String(aws_ec2_transit_gateway_vpc_attachment.Example.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.String(aws_ec2_transit_gateway_route_table.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "required": [ "resourceId", "resourceType", "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "inputProperties": { "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "requiredInputs": [ "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTablePropagation resources.\n", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "type": "object" } }, "aws:ec2transitgateway/transitGateway:TransitGateway": { "description": "Manages an EC2 Transit Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.TransitGateway(\"example\", {\n description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.TransitGateway(\"example\", description=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.TransitGateway(\"example\", new Aws.Ec2TransitGateway.TransitGatewayArgs\n {\n Description = \"example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewTransitGateway(ctx, \"example\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "amazonSideAsn": { "type": "integer", "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is `64512` to `65534` for 16-bit ASNs and `4200000000` to `4294967294` for 32-bit ASNs. Default value: `64512`.\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "EC2 Transit Gateway Amazon Resource Name (ARN)\n" }, "associationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default association route table\n" }, "autoAcceptSharedAttachments": { "type": "string", "description": "Whether resource attachment requests are automatically accepted. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "defaultRouteTableAssociation": { "type": "string", "description": "Whether resource attachments are automatically associated with the default association route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "defaultRouteTablePropagation": { "type": "string", "description": "Whether resource attachments automatically propagate routes to the default propagation route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "description": { "type": "string", "description": "Description of the EC2 Transit Gateway.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ownerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 Transit Gateway\n" }, "propagationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default propagation route table\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway.\n" }, "vpnEcmpSupport": { "type": "string", "description": "Whether VPN Equal Cost Multipath Protocol support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" } }, "required": [ "arn", "associationDefaultRouteTableId", "ownerId", "propagationDefaultRouteTableId" ], "inputProperties": { "amazonSideAsn": { "type": "integer", "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is `64512` to `65534` for 16-bit ASNs and `4200000000` to `4294967294` for 32-bit ASNs. Default value: `64512`.\n" }, "autoAcceptSharedAttachments": { "type": "string", "description": "Whether resource attachment requests are automatically accepted. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "defaultRouteTableAssociation": { "type": "string", "description": "Whether resource attachments are automatically associated with the default association route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "defaultRouteTablePropagation": { "type": "string", "description": "Whether resource attachments automatically propagate routes to the default propagation route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "description": { "type": "string", "description": "Description of the EC2 Transit Gateway.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway.\n" }, "vpnEcmpSupport": { "type": "string", "description": "Whether VPN Equal Cost Multipath Protocol support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TransitGateway resources.\n", "properties": { "amazonSideAsn": { "type": "integer", "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is `64512` to `65534` for 16-bit ASNs and `4200000000` to `4294967294` for 32-bit ASNs. Default value: `64512`.\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "EC2 Transit Gateway Amazon Resource Name (ARN)\n" }, "associationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default association route table\n" }, "autoAcceptSharedAttachments": { "type": "string", "description": "Whether resource attachment requests are automatically accepted. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "defaultRouteTableAssociation": { "type": "string", "description": "Whether resource attachments are automatically associated with the default association route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "defaultRouteTablePropagation": { "type": "string", "description": "Whether resource attachments automatically propagate routes to the default propagation route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "description": { "type": "string", "description": "Description of the EC2 Transit Gateway.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ownerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 Transit Gateway\n" }, "propagationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default propagation route table\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway.\n" }, "vpnEcmpSupport": { "type": "string", "description": "Whether VPN Equal Cost Multipath Protocol support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" } }, "type": "object" } }, "aws:ec2transitgateway/vpcAttachment:VpcAttachment": { "description": "Manages an EC2 Transit Gateway VPC Attachment. For examples of custom route table association and propagation, see the EC2 Transit Gateway Networking Examples Guide.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.VpcAttachment(\"example\", {\n subnetIds: [aws_subnet_example.id],\n transitGatewayId: aws_ec2_transit_gateway_example.id,\n vpcId: aws_vpc_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.VpcAttachment(\"example\",\n subnet_ids=[aws_subnet[\"example\"][\"id\"]],\n transit_gateway_id=aws_ec2_transit_gateway[\"example\"][\"id\"],\n vpc_id=aws_vpc[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.VpcAttachment(\"example\", new Aws.Ec2TransitGateway.VpcAttachmentArgs\n {\n SubnetIds = \n {\n aws_subnet.Example.Id,\n },\n TransitGatewayId = aws_ec2_transit_gateway.Example.Id,\n VpcId = aws_vpc.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewVpcAttachment(ctx, \"example\", \u0026ec2transitgateway.VpcAttachmentArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_subnet.Example.Id),\n\t\t\t},\n\t\t\tTransitGatewayId: pulumi.String(aws_ec2_transit_gateway.Example.Id),\n\t\t\tVpcId: pulumi.String(aws_vpc.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nA full example of how to create a Transit Gateway in one AWS account, share it with a second AWS account, and attach a VPC in the second account to the Transit Gateway via the `aws.ec2transitgateway.VpcAttachment` and `aws.ec2transitgateway.VpcAttachmentAccepter` resources can be found in [the `./examples/transit-gateway-cross-account-vpc-attachment` directory within the Github Repository](https://github.com/providers/provider-aws/tree/master/examples/transit-gateway-cross-account-vpc-attachment).\n{{% /example %}}\n{{% /examples %}}", "properties": { "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "required": [ "subnetIds", "transitGatewayId", "vpcId", "vpcOwnerId" ], "inputProperties": { "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" } }, "requiredInputs": [ "subnetIds", "transitGatewayId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcAttachment resources.\n", "properties": { "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "type": "object" } }, "aws:ec2transitgateway/vpcAttachmentAccepter:VpcAttachmentAccepter": { "description": "Manages the accepter's side of an EC2 Transit Gateway VPC Attachment.\n\nWhen a cross-account (requester's AWS account differs from the accepter's AWS account) EC2 Transit Gateway VPC Attachment\nis created, an EC2 Transit Gateway VPC Attachment resource is automatically created in the accepter's account.\nThe requester can use the `aws.ec2transitgateway.VpcAttachment` resource to manage its side of the connection\nand the accepter can use the `aws.ec2transitgateway.VpcAttachmentAccepter` resource to \"adopt\" its side of the\nconnection into management.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.VpcAttachmentAccepter(\"example\", {\n tags: {\n Name: \"Example cross-account attachment\",\n },\n transitGatewayAttachmentId: aws_ec2_transit_gateway_vpc_attachment_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.VpcAttachmentAccepter(\"example\",\n tags={\n \"Name\": \"Example cross-account attachment\",\n },\n transit_gateway_attachment_id=aws_ec2_transit_gateway_vpc_attachment[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ec2TransitGateway.VpcAttachmentAccepter(\"example\", new Aws.Ec2TransitGateway.VpcAttachmentAccepterArgs\n {\n Tags = \n {\n { \"Name\", \"Example cross-account attachment\" },\n },\n TransitGatewayAttachmentId = aws_ec2_transit_gateway_vpc_attachment.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ec2transitgateway.NewVpcAttachmentAccepter(ctx, \"example\", \u0026ec2transitgateway.VpcAttachmentAccepterArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"Example cross-account attachment\"),\n\t\t\t},\n\t\t\tTransitGatewayAttachmentId: pulumi.String(aws_ec2_transit_gateway_vpc_attachment.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nA full example of how to how to create a Transit Gateway in one AWS account, share it with a second AWS account, and attach a VPC in the second account to the Transit Gateway via the `aws.ec2transitgateway.VpcAttachment` and `aws.ec2transitgateway.VpcAttachmentAccepter` resources can be found in [the `./examples/transit-gateway-cross-account-vpc-attachment` directory within the Github Repository](https://github.com/providers/provider-aws/tree/master/examples/transit-gateway-cross-account-vpc-attachment).\n{{% /example %}}\n{{% /examples %}}", "properties": { "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Attachment to manage.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "required": [ "dnsSupport", "ipv6Support", "subnetIds", "transitGatewayAttachmentId", "transitGatewayId", "vpcId", "vpcOwnerId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Attachment to manage.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. Default value: `true`.\n" } }, "requiredInputs": [ "transitGatewayAttachmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcAttachmentAccepter resources.\n", "properties": { "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Attachment to manage.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "type": "object" } }, "aws:ecr/lifecyclePolicy:LifecyclePolicy": { "description": "Manages an ECR repository lifecycle policy.\n\n\u003e **NOTE:** Only one `aws.ecr.LifecyclePolicy` resource can be used with the same ECR repository. To apply multiple rules, they must be combined in the `policy` JSON.\n\n\u003e **NOTE:** The AWS ECR API seems to reorder rules based on `rulePriority`. If you define multiple rules that are not sorted in ascending `rulePriority` order in the this provider code, the resource will be flagged for recreation every deployment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Policy on untagged image\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ecr.Repository(\"foo\", {});\nconst foopolicy = new aws.ecr.LifecyclePolicy(\"foopolicy\", {\n policy: `{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n`,\n repository: foo.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ecr.Repository(\"foo\")\nfoopolicy = aws.ecr.LifecyclePolicy(\"foopolicy\",\n policy=\"\"\"{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n\n\"\"\",\n repository=foo.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ecr.Repository(\"foo\", new Aws.Ecr.RepositoryArgs\n {\n });\n var foopolicy = new Aws.Ecr.LifecyclePolicy(\"foopolicy\", new Aws.Ecr.LifecyclePolicyArgs\n {\n Policy = @\"{\n \"\"rules\"\": [\n {\n \"\"rulePriority\"\": 1,\n \"\"description\"\": \"\"Expire images older than 14 days\"\",\n \"\"selection\"\": {\n \"\"tagStatus\"\": \"\"untagged\"\",\n \"\"countType\"\": \"\"sinceImagePushed\"\",\n \"\"countUnit\"\": \"\"days\"\",\n \"\"countNumber\"\": 14\n },\n \"\"action\"\": {\n \"\"type\"\": \"\"expire\"\"\n }\n }\n ]\n}\n\n\",\n Repository = foo.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ecr.NewRepository(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewLifecyclePolicy(ctx, \"foopolicy\", \u0026ecr.LifecyclePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"rules\\\": [\\n\", \" {\\n\", \" \\\"rulePriority\\\": 1,\\n\", \" \\\"description\\\": \\\"Expire images older than 14 days\\\",\\n\", \" \\\"selection\\\": {\\n\", \" \\\"tagStatus\\\": \\\"untagged\\\",\\n\", \" \\\"countType\\\": \\\"sinceImagePushed\\\",\\n\", \" \\\"countUnit\\\": \\\"days\\\",\\n\", \" \\\"countNumber\\\": 14\\n\", \" },\\n\", \" \\\"action\\\": {\\n\", \" \\\"type\\\": \\\"expire\\\"\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRepository: foo.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Policy on tagged image\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ecr.Repository(\"foo\", {});\nconst foopolicy = new aws.ecr.LifecyclePolicy(\"foopolicy\", {\n policy: `{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Keep last 30 images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"v\"],\n \"countType\": \"imageCountMoreThan\",\n \"countNumber\": 30\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n`,\n repository: foo.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ecr.Repository(\"foo\")\nfoopolicy = aws.ecr.LifecyclePolicy(\"foopolicy\",\n policy=\"\"\"{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Keep last 30 images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"v\"],\n \"countType\": \"imageCountMoreThan\",\n \"countNumber\": 30\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n\n\"\"\",\n repository=foo.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ecr.Repository(\"foo\", new Aws.Ecr.RepositoryArgs\n {\n });\n var foopolicy = new Aws.Ecr.LifecyclePolicy(\"foopolicy\", new Aws.Ecr.LifecyclePolicyArgs\n {\n Policy = @\"{\n \"\"rules\"\": [\n {\n \"\"rulePriority\"\": 1,\n \"\"description\"\": \"\"Keep last 30 images\"\",\n \"\"selection\"\": {\n \"\"tagStatus\"\": \"\"tagged\"\",\n \"\"tagPrefixList\"\": [\"\"v\"\"],\n \"\"countType\"\": \"\"imageCountMoreThan\"\",\n \"\"countNumber\"\": 30\n },\n \"\"action\"\": {\n \"\"type\"\": \"\"expire\"\"\n }\n }\n ]\n}\n\n\",\n Repository = foo.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ecr.NewRepository(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewLifecyclePolicy(ctx, \"foopolicy\", \u0026ecr.LifecyclePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"rules\\\": [\\n\", \" {\\n\", \" \\\"rulePriority\\\": 1,\\n\", \" \\\"description\\\": \\\"Keep last 30 images\\\",\\n\", \" \\\"selection\\\": {\\n\", \" \\\"tagStatus\\\": \\\"tagged\\\",\\n\", \" \\\"tagPrefixList\\\": [\\\"v\\\"],\\n\", \" \\\"countType\\\": \\\"imageCountMoreThan\\\",\\n\", \" \\\"countNumber\\\": 30\\n\", \" },\\n\", \" \\\"action\\\": {\\n\", \" \\\"type\\\": \\\"expire\\\"\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRepository: foo.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. See more details about [Policy Parameters](http://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html#lifecycle_policy_parameters) in the official AWS docs.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "required": [ "policy", "registryId", "repository" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ecr/lifecyclePolicyDocument:LifecyclePolicyDocument" } ], "description": "The policy document. This is a JSON formatted string. See more details about [Policy Parameters](http://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html#lifecycle_policy_parameters) in the official AWS docs.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "requiredInputs": [ "policy", "repository" ], "stateInputs": { "description": "Input properties used for looking up and filtering LifecyclePolicy resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ecr/lifecyclePolicyDocument:LifecyclePolicyDocument" } ], "description": "The policy document. This is a JSON formatted string. See more details about [Policy Parameters](http://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html#lifecycle_policy_parameters) in the official AWS docs.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "type": "object" } }, "aws:ecr/repository:Repository": { "description": "Provides an Elastic Container Registry Repository.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ecr.Repository(\"foo\", {\n imageScanningConfiguration: {\n scanOnPush: true,\n },\n imageTagMutability: \"MUTABLE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ecr.Repository(\"foo\",\n image_scanning_configuration={\n \"scanOnPush\": True,\n },\n image_tag_mutability=\"MUTABLE\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ecr.Repository(\"foo\", new Aws.Ecr.RepositoryArgs\n {\n ImageScanningConfiguration = new Aws.Ecr.Inputs.RepositoryImageScanningConfigurationArgs\n {\n ScanOnPush = true,\n },\n ImageTagMutability = \"MUTABLE\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ecr.NewRepository(ctx, \"foo\", \u0026ecr.RepositoryArgs{\n\t\t\tImageScanningConfiguration: \u0026ecr.RepositoryImageScanningConfigurationArgs{\n\t\t\t\tScanOnPush: pulumi.Bool(true),\n\t\t\t},\n\t\t\tImageTagMutability: pulumi.String(\"MUTABLE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Full ARN of the repository.\n" }, "imageScanningConfiguration": { "$ref": "#/types/aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration", "description": "Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the [ECR User Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) for more information about image scanning.\n" }, "imageTagMutability": { "type": "string", "description": "The tag mutability setting for the repository. Must be one of: `MUTABLE` or `IMMUTABLE`. Defaults to `MUTABLE`.\n" }, "name": { "type": "string", "description": "Name of the repository.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryUrl": { "type": "string", "description": "The URL of the repository (in the form `aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "name", "registryId", "repositoryUrl" ], "inputProperties": { "imageScanningConfiguration": { "$ref": "#/types/aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration", "description": "Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the [ECR User Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) for more information about image scanning.\n" }, "imageTagMutability": { "type": "string", "description": "The tag mutability setting for the repository. Must be one of: `MUTABLE` or `IMMUTABLE`. Defaults to `MUTABLE`.\n" }, "name": { "type": "string", "description": "Name of the repository.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Repository resources.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the repository.\n" }, "imageScanningConfiguration": { "$ref": "#/types/aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration", "description": "Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the [ECR User Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) for more information about image scanning.\n" }, "imageTagMutability": { "type": "string", "description": "The tag mutability setting for the repository. Must be one of: `MUTABLE` or `IMMUTABLE`. Defaults to `MUTABLE`.\n" }, "name": { "type": "string", "description": "Name of the repository.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryUrl": { "type": "string", "description": "The URL of the repository (in the form `aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ecr/repositoryPolicy:RepositoryPolicy": { "description": "Provides an Elastic Container Registry Repository Policy.\n\nNote that currently only one policy may be applied to a repository.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ecr.Repository(\"foo\", {});\nconst foopolicy = new aws.ecr.RepositoryPolicy(\"foopolicy\", {\n policy: `{\n \"Version\": \"2008-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"new policy\",\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": [\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\"\n ]\n }\n ]\n}\n`,\n repository: foo.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ecr.Repository(\"foo\")\nfoopolicy = aws.ecr.RepositoryPolicy(\"foopolicy\",\n policy=\"\"\"{\n \"Version\": \"2008-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"new policy\",\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": [\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\"\n ]\n }\n ]\n}\n\n\"\"\",\n repository=foo.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ecr.Repository(\"foo\", new Aws.Ecr.RepositoryArgs\n {\n });\n var foopolicy = new Aws.Ecr.RepositoryPolicy(\"foopolicy\", new Aws.Ecr.RepositoryPolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2008-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"new policy\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Action\"\": [\n \"\"ecr:GetDownloadUrlForLayer\"\",\n \"\"ecr:BatchGetImage\"\",\n \"\"ecr:BatchCheckLayerAvailability\"\",\n \"\"ecr:PutImage\"\",\n \"\"ecr:InitiateLayerUpload\"\",\n \"\"ecr:UploadLayerPart\"\",\n \"\"ecr:CompleteLayerUpload\"\",\n \"\"ecr:DescribeRepositories\"\",\n \"\"ecr:GetRepositoryPolicy\"\",\n \"\"ecr:ListImages\"\",\n \"\"ecr:DeleteRepository\"\",\n \"\"ecr:BatchDeleteImage\"\",\n \"\"ecr:SetRepositoryPolicy\"\",\n \"\"ecr:DeleteRepositoryPolicy\"\"\n ]\n }\n ]\n}\n\n\",\n Repository = foo.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ecr.NewRepository(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewRepositoryPolicy(ctx, \"foopolicy\", \u0026ecr.RepositoryPolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2008-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"new policy\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ecr:GetDownloadUrlForLayer\\\",\\n\", \" \\\"ecr:BatchGetImage\\\",\\n\", \" \\\"ecr:BatchCheckLayerAvailability\\\",\\n\", \" \\\"ecr:PutImage\\\",\\n\", \" \\\"ecr:InitiateLayerUpload\\\",\\n\", \" \\\"ecr:UploadLayerPart\\\",\\n\", \" \\\"ecr:CompleteLayerUpload\\\",\\n\", \" \\\"ecr:DescribeRepositories\\\",\\n\", \" \\\"ecr:GetRepositoryPolicy\\\",\\n\", \" \\\"ecr:ListImages\\\",\\n\", \" \\\"ecr:DeleteRepository\\\",\\n\", \" \\\"ecr:BatchDeleteImage\\\",\\n\", \" \\\"ecr:SetRepositoryPolicy\\\",\\n\", \" \\\"ecr:DeleteRepositoryPolicy\\\"\\n\", \" ]\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRepository: foo.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "required": [ "policy", "registryId", "repository" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "requiredInputs": [ "policy", "repository" ], "stateInputs": { "description": "Input properties used for looking up and filtering RepositoryPolicy resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "type": "object" } }, "aws:ecs/capacityProvider:CapacityProvider": { "description": "Provides an ECS cluster capacity provider. More information can be found on the [ECS Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-capacity-providers.html).\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the capacity provider.\n" }, "autoScalingGroupProvider": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider", "description": "Nested argument defining the provider for the ECS auto scaling group. Defined below.\n" }, "name": { "type": "string", "description": "The name of the capacity provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "arn", "autoScalingGroupProvider", "name" ], "inputProperties": { "autoScalingGroupProvider": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider", "description": "Nested argument defining the provider for the ECS auto scaling group. Defined below.\n" }, "name": { "type": "string", "description": "The name of the capacity provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "requiredInputs": [ "autoScalingGroupProvider" ], "stateInputs": { "description": "Input properties used for looking up and filtering CapacityProvider resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the capacity provider.\n" }, "autoScalingGroupProvider": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider", "description": "Nested argument defining the provider for the ECS auto scaling group. Defined below.\n" }, "name": { "type": "string", "description": "The name of the capacity provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:ecs/cluster:Cluster": { "description": "Provides an ECS cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ecs.Cluster(\"foo\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ecs.Cluster(\"foo\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ecs.Cluster(\"foo\", new Aws.Ecs.ClusterArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ecs.NewCluster(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster\n" }, "capacityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of short names of one or more capacity providers to associate with the cluster. Valid values also include `FARGATE` and `FARGATE_SPOT`.\n" }, "defaultCapacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterDefaultCapacityProviderStrategy:ClusterDefaultCapacityProviderStrategy" }, "description": "The capacity provider strategy to use by default for the cluster. Can be one or more. Defined below.\n" }, "name": { "type": "string", "description": "The name of the cluster (up to 255 letters, numbers, hyphens, and underscores)\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterSetting:ClusterSetting" }, "description": "Configuration block(s) with cluster settings. For example, this can be used to enable CloudWatch Container Insights for a cluster. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "name", "settings" ], "inputProperties": { "capacityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of short names of one or more capacity providers to associate with the cluster. Valid values also include `FARGATE` and `FARGATE_SPOT`.\n" }, "defaultCapacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterDefaultCapacityProviderStrategy:ClusterDefaultCapacityProviderStrategy" }, "description": "The capacity provider strategy to use by default for the cluster. Can be one or more. Defined below.\n" }, "name": { "type": "string", "description": "The name of the cluster (up to 255 letters, numbers, hyphens, and underscores)\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterSetting:ClusterSetting" }, "description": "Configuration block(s) with cluster settings. For example, this can be used to enable CloudWatch Container Insights for a cluster. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster\n" }, "capacityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of short names of one or more capacity providers to associate with the cluster. Valid values also include `FARGATE` and `FARGATE_SPOT`.\n" }, "defaultCapacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterDefaultCapacityProviderStrategy:ClusterDefaultCapacityProviderStrategy" }, "description": "The capacity provider strategy to use by default for the cluster. Can be one or more. Defined below.\n" }, "name": { "type": "string", "description": "The name of the cluster (up to 255 letters, numbers, hyphens, and underscores)\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterSetting:ClusterSetting" }, "description": "Configuration block(s) with cluster settings. For example, this can be used to enable CloudWatch Container Insights for a cluster. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:ecs/service:Service": { "description": "\u003e **Note:** To prevent a race condition during service deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicy`; otherwise, the policy may be destroyed too soon and the ECS service will then get stuck in the `DRAINING` state.\n\nProvides an ECS service - effectively a task that is expected to run until an error occurs or a user terminates it (typically a webserver or a database).\n\nSee [ECS Services section in AWS developer guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Daemon Scheduling Strategy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.ecs.Service(\"bar\", {\n cluster: aws_ecs_cluster_foo.id,\n schedulingStrategy: \"DAEMON\",\n taskDefinition: aws_ecs_task_definition_bar.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.ecs.Service(\"bar\",\n cluster=aws_ecs_cluster[\"foo\"][\"id\"],\n scheduling_strategy=\"DAEMON\",\n task_definition=aws_ecs_task_definition[\"bar\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.Ecs.Service(\"bar\", new Aws.Ecs.ServiceArgs\n {\n Cluster = aws_ecs_cluster.Foo.Id,\n SchedulingStrategy = \"DAEMON\",\n TaskDefinition = aws_ecs_task_definition.Bar.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ecs.NewService(ctx, \"bar\", \u0026ecs.ServiceArgs{\n\t\t\tCluster: pulumi.String(aws_ecs_cluster.Foo.Id),\n\t\t\tSchedulingStrategy: pulumi.String(\"DAEMON\"),\n\t\t\tTaskDefinition: pulumi.String(aws_ecs_task_definition.Bar.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### External Deployment Controller\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n cluster: aws_ecs_cluster_example.id,\n deploymentController: {\n type: \"EXTERNAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n cluster=aws_ecs_cluster[\"example\"][\"id\"],\n deployment_controller={\n \"type\": \"EXTERNAL\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ecs.Service(\"example\", new Aws.Ecs.ServiceArgs\n {\n Cluster = aws_ecs_cluster.Example.Id,\n DeploymentController = new Aws.Ecs.Inputs.ServiceDeploymentControllerArgs\n {\n Type = \"EXTERNAL\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tCluster: pulumi.String(aws_ecs_cluster.Example.Id),\n\t\t\tDeploymentController: \u0026ecs.ServiceDeploymentControllerArgs{\n\t\t\t\tType: pulumi.String(\"EXTERNAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy" }, "description": "The capacity provider strategy to use for the service. Can be one or more. Defined below.\n" }, "cluster": { "type": "string", "description": "ARN of an ECS cluster\n" }, "deploymentController": { "$ref": "#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController", "description": "Configuration block containing deployment controller configuration. Defined below.\n" }, "deploymentMaximumPercent": { "type": "integer", "description": "The upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n" }, "deploymentMinimumHealthyPercent": { "type": "integer", "description": "The lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n" }, "desiredCount": { "type": "integer", "description": "The number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS managed tags for the tasks within the service.\n" }, "forceNewDeployment": { "type": "boolean", "description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g. `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n" }, "healthCheckGracePeriodSeconds": { "type": "integer", "description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n" }, "iamRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n" }, "launchType": { "type": "string", "description": "The launch type on which to run your service. The valid values are `EC2` and `FARGATE`. Defaults to `EC2`.\n" }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer" }, "description": "A load balancer block. Load balancers documented below.\n" }, "name": { "type": "string", "description": "The name of the service (up to 255 letters, numbers, hyphens, and underscores)\n" }, "networkConfiguration": { "$ref": "#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes.\n" }, "orderedPlacementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy" }, "description": "Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. The maximum number of `ordered_placement_strategy` blocks is `5`. Defined below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint" }, "description": "rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. Defined below.\n" }, "platformVersion": { "type": "string", "description": "The platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "propagateTags": { "type": "string", "description": "Specifies whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n" }, "schedulingStrategy": { "type": "string", "description": "The scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n" }, "serviceRegistries": { "$ref": "#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries", "description": "The service discovery registries for the service. The maximum number of `service_registries` blocks is `1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "taskDefinition": { "type": "string", "description": "The family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Required unless using the `EXTERNAL` deployment controller. If a revision is not specified, the latest `ACTIVE` revision is used.\n" }, "waitForSteadyState": { "type": "boolean" } }, "required": [ "cluster", "iamRole", "launchType", "name", "platformVersion" ], "inputProperties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy" }, "description": "The capacity provider strategy to use for the service. Can be one or more. Defined below.\n" }, "cluster": { "type": "string", "description": "ARN of an ECS cluster\n" }, "deploymentController": { "$ref": "#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController", "description": "Configuration block containing deployment controller configuration. Defined below.\n" }, "deploymentMaximumPercent": { "type": "integer", "description": "The upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n" }, "deploymentMinimumHealthyPercent": { "type": "integer", "description": "The lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n" }, "desiredCount": { "type": "integer", "description": "The number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS managed tags for the tasks within the service.\n" }, "forceNewDeployment": { "type": "boolean", "description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g. `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n" }, "healthCheckGracePeriodSeconds": { "type": "integer", "description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n" }, "iamRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n" }, "launchType": { "type": "string", "description": "The launch type on which to run your service. The valid values are `EC2` and `FARGATE`. Defaults to `EC2`.\n" }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer" }, "description": "A load balancer block. Load balancers documented below.\n" }, "name": { "type": "string", "description": "The name of the service (up to 255 letters, numbers, hyphens, and underscores)\n" }, "networkConfiguration": { "$ref": "#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes.\n" }, "orderedPlacementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy" }, "description": "Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. The maximum number of `ordered_placement_strategy` blocks is `5`. Defined below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint" }, "description": "rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. Defined below.\n" }, "platformVersion": { "type": "string", "description": "The platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "propagateTags": { "type": "string", "description": "Specifies whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n" }, "schedulingStrategy": { "type": "string", "description": "The scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n" }, "serviceRegistries": { "$ref": "#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries", "description": "The service discovery registries for the service. The maximum number of `service_registries` blocks is `1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "taskDefinition": { "type": "string", "description": "The family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Required unless using the `EXTERNAL` deployment controller. If a revision is not specified, the latest `ACTIVE` revision is used.\n" }, "waitForSteadyState": { "type": "boolean" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Service resources.\n", "properties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy" }, "description": "The capacity provider strategy to use for the service. Can be one or more. Defined below.\n" }, "cluster": { "type": "string", "description": "ARN of an ECS cluster\n" }, "deploymentController": { "$ref": "#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController", "description": "Configuration block containing deployment controller configuration. Defined below.\n" }, "deploymentMaximumPercent": { "type": "integer", "description": "The upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n" }, "deploymentMinimumHealthyPercent": { "type": "integer", "description": "The lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n" }, "desiredCount": { "type": "integer", "description": "The number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS managed tags for the tasks within the service.\n" }, "forceNewDeployment": { "type": "boolean", "description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g. `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n" }, "healthCheckGracePeriodSeconds": { "type": "integer", "description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n" }, "iamRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n" }, "launchType": { "type": "string", "description": "The launch type on which to run your service. The valid values are `EC2` and `FARGATE`. Defaults to `EC2`.\n" }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer" }, "description": "A load balancer block. Load balancers documented below.\n" }, "name": { "type": "string", "description": "The name of the service (up to 255 letters, numbers, hyphens, and underscores)\n" }, "networkConfiguration": { "$ref": "#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes.\n" }, "orderedPlacementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy" }, "description": "Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. The maximum number of `ordered_placement_strategy` blocks is `5`. Defined below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint" }, "description": "rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. Defined below.\n" }, "platformVersion": { "type": "string", "description": "The platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "propagateTags": { "type": "string", "description": "Specifies whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n" }, "schedulingStrategy": { "type": "string", "description": "The scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n" }, "serviceRegistries": { "$ref": "#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries", "description": "The service discovery registries for the service. The maximum number of `service_registries` blocks is `1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "taskDefinition": { "type": "string", "description": "The family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Required unless using the `EXTERNAL` deployment controller. If a revision is not specified, the latest `ACTIVE` revision is used.\n" }, "waitForSteadyState": { "type": "boolean" } }, "type": "object" } }, "aws:ecs/taskDefinition:TaskDefinition": { "description": "Manages a revision of an ECS task definition to be used in `aws.ecs.Service`.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the Task Definition (including both `family` and `revision`).\n" }, "containerDefinitions": { "type": "string", "description": "A list of valid [container definitions]\n(http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) provided as a\nsingle valid JSON document. Please note that you should only provide values that are part of the container\ndefinition document. For a detailed description of what parameters are available, see the [Task Definition Parameters]\n(https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) section from the\nofficial [Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide).\n" }, "cpu": { "type": "string", "description": "The number of cpu units used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.\n" }, "family": { "type": "string", "description": "A unique name for your task definition.\n" }, "inferenceAccelerators": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator" }, "description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n" }, "ipcMode": { "type": "string", "description": "The IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n" }, "memory": { "type": "string", "description": "The amount (in MiB) of memory used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "networkMode": { "type": "string", "description": "The Docker networking mode to use for the containers in the task. The valid values are `none`, `bridge`, `awsvpc`, and `host`.\n" }, "pidMode": { "type": "string", "description": "The process namespace to use for the containers in the task. The valid values are `host` and `task`.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint" }, "description": "A set of placement constraints rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`.\n" }, "proxyConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration", "description": "The proxy configuration details for the App Mesh proxy.\n" }, "requiresCompatibilities": { "type": "array", "items": { "type": "string" }, "description": "A set of launch types required by the task. The valid values are `EC2` and `FARGATE`.\n" }, "revision": { "type": "integer", "description": "The revision of the task in a particular family.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "taskRoleArn": { "type": "string", "description": "The ARN of IAM role that allows your Amazon ECS container task to make calls to other AWS services.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume" }, "description": "A set of volume blocks that containers in your task may use.\n" } }, "required": [ "arn", "containerDefinitions", "family", "networkMode", "revision" ], "inputProperties": { "containerDefinitions": { "type": "string", "description": "A list of valid [container definitions]\n(http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) provided as a\nsingle valid JSON document. Please note that you should only provide values that are part of the container\ndefinition document. For a detailed description of what parameters are available, see the [Task Definition Parameters]\n(https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) section from the\nofficial [Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide).\n" }, "cpu": { "type": "string", "description": "The number of cpu units used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.\n" }, "family": { "type": "string", "description": "A unique name for your task definition.\n" }, "inferenceAccelerators": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator" }, "description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n" }, "ipcMode": { "type": "string", "description": "The IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n" }, "memory": { "type": "string", "description": "The amount (in MiB) of memory used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "networkMode": { "type": "string", "description": "The Docker networking mode to use for the containers in the task. The valid values are `none`, `bridge`, `awsvpc`, and `host`.\n" }, "pidMode": { "type": "string", "description": "The process namespace to use for the containers in the task. The valid values are `host` and `task`.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint" }, "description": "A set of placement constraints rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`.\n" }, "proxyConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration", "description": "The proxy configuration details for the App Mesh proxy.\n" }, "requiresCompatibilities": { "type": "array", "items": { "type": "string" }, "description": "A set of launch types required by the task. The valid values are `EC2` and `FARGATE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "taskRoleArn": { "type": "string", "description": "The ARN of IAM role that allows your Amazon ECS container task to make calls to other AWS services.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume" }, "description": "A set of volume blocks that containers in your task may use.\n" } }, "requiredInputs": [ "containerDefinitions", "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering TaskDefinition resources.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the Task Definition (including both `family` and `revision`).\n" }, "containerDefinitions": { "type": "string", "description": "A list of valid [container definitions]\n(http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) provided as a\nsingle valid JSON document. Please note that you should only provide values that are part of the container\ndefinition document. For a detailed description of what parameters are available, see the [Task Definition Parameters]\n(https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) section from the\nofficial [Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide).\n" }, "cpu": { "type": "string", "description": "The number of cpu units used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.\n" }, "family": { "type": "string", "description": "A unique name for your task definition.\n" }, "inferenceAccelerators": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator" }, "description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n" }, "ipcMode": { "type": "string", "description": "The IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n" }, "memory": { "type": "string", "description": "The amount (in MiB) of memory used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "networkMode": { "type": "string", "description": "The Docker networking mode to use for the containers in the task. The valid values are `none`, `bridge`, `awsvpc`, and `host`.\n" }, "pidMode": { "type": "string", "description": "The process namespace to use for the containers in the task. The valid values are `host` and `task`.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint" }, "description": "A set of placement constraints rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`.\n" }, "proxyConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration", "description": "The proxy configuration details for the App Mesh proxy.\n" }, "requiresCompatibilities": { "type": "array", "items": { "type": "string" }, "description": "A set of launch types required by the task. The valid values are `EC2` and `FARGATE`.\n" }, "revision": { "type": "integer", "description": "The revision of the task in a particular family.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "taskRoleArn": { "type": "string", "description": "The ARN of IAM role that allows your Amazon ECS container task to make calls to other AWS services.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume" }, "description": "A set of volume blocks that containers in your task may use.\n" } }, "type": "object" } }, "aws:efs/accessPoint:AccessPoint": { "description": "Provides an Elastic File System (EFS) access point.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.efs.AccessPoint(\"test\", {\n fileSystemId: aws_efs_file_system_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.efs.AccessPoint(\"test\", file_system_id=aws_efs_file_system[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Efs.AccessPoint(\"test\", new Aws.Efs.AccessPointArgs\n {\n FileSystemId = aws_efs_file_system.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = efs.NewAccessPoint(ctx, \"test\", \u0026efs.AccessPointArgs{\n\t\t\tFileSystemId: pulumi.String(aws_efs_file_system.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the access point.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system for which the access point is intended.\n" }, "ownerId": { "type": "string" }, "posixUser": { "$ref": "#/types/aws:efs/AccessPointPosixUser:AccessPointPosixUser", "description": "The operating system user and group applied to all file system requests made using the access point. See Posix User below.\n" }, "rootDirectory": { "$ref": "#/types/aws:efs/AccessPointRootDirectory:AccessPointRootDirectory", "description": "Specifies the directory on the Amazon EFS file system that the access point provides access to. See Root Directory below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "required": [ "arn", "fileSystemArn", "fileSystemId", "ownerId", "rootDirectory" ], "inputProperties": { "fileSystemId": { "type": "string", "description": "The ID of the file system for which the access point is intended.\n" }, "posixUser": { "$ref": "#/types/aws:efs/AccessPointPosixUser:AccessPointPosixUser", "description": "The operating system user and group applied to all file system requests made using the access point. See Posix User below.\n" }, "rootDirectory": { "$ref": "#/types/aws:efs/AccessPointRootDirectory:AccessPointRootDirectory", "description": "Specifies the directory on the Amazon EFS file system that the access point provides access to. See Root Directory below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "requiredInputs": [ "fileSystemId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessPoint resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the access point.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system for which the access point is intended.\n" }, "ownerId": { "type": "string" }, "posixUser": { "$ref": "#/types/aws:efs/AccessPointPosixUser:AccessPointPosixUser", "description": "The operating system user and group applied to all file system requests made using the access point. See Posix User below.\n" }, "rootDirectory": { "$ref": "#/types/aws:efs/AccessPointRootDirectory:AccessPointRootDirectory", "description": "Specifies the directory on the Amazon EFS file system that the access point provides access to. See Root Directory below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "type": "object" } }, "aws:efs/fileSystem:FileSystem": { "description": "Provides an Elastic File System (EFS) File System resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### EFS File System w/ tags\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.efs.FileSystem(\"foo\", {\n tags: {\n Name: \"MyProduct\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.efs.FileSystem(\"foo\", tags={\n \"Name\": \"MyProduct\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Efs.FileSystem(\"foo\", new Aws.Efs.FileSystemArgs\n {\n Tags = \n {\n { \"Name\", \"MyProduct\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = efs.NewFileSystem(ctx, \"foo\", \u0026efs.FileSystemArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"MyProduct\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using lifecycle policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooWithLifecylePolicy = new aws.efs.FileSystem(\"foo_with_lifecyle_policy\", {\n lifecyclePolicy: {\n transitionToIa: \"AFTER_30_DAYS\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_with_lifecyle_policy = aws.efs.FileSystem(\"fooWithLifecylePolicy\", lifecycle_policy={\n \"transitionToIa\": \"AFTER_30_DAYS\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooWithLifecylePolicy = new Aws.Efs.FileSystem(\"fooWithLifecylePolicy\", new Aws.Efs.FileSystemArgs\n {\n LifecyclePolicy = new Aws.Efs.Inputs.FileSystemLifecyclePolicyArgs\n {\n TransitionToIa = \"AFTER_30_DAYS\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = efs.NewFileSystem(ctx, \"fooWithLifecylePolicy\", \u0026efs.FileSystemArgs{\n\t\t\tLifecyclePolicy: \u0026efs.FileSystemLifecyclePolicyArgs{\n\t\t\t\tTransitionToIa: pulumi.String(\"AFTER_30_DAYS\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "creationToken": { "type": "string", "description": "A unique name (a maximum of 64 characters are allowed)\nused as reference when creating the Elastic File System to ensure idempotent file\nsystem creation. By default generated by this provider. See [Elastic File System]\n(http://docs.aws.amazon.com/efs/latest/ug/) user guide for more information.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the filesystem per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true.\n" }, "lifecyclePolicy": { "$ref": "#/types/aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy", "description": "A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object (documented below).\n" }, "performanceMode": { "type": "string", "description": "The file system performance mode. Can be either `\"generalPurpose\"` or `\"maxIO\"` (Default: `\"generalPurpose\"`).\n" }, "provisionedThroughputInMibps": { "type": "number", "description": "The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with `throughput_mode` set to `provisioned`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "throughputMode": { "type": "string", "description": "Throughput mode for the file system. Defaults to `bursting`. Valid values: `bursting`, `provisioned`. When using `provisioned`, also set `provisioned_throughput_in_mibps`.\n" } }, "required": [ "arn", "creationToken", "dnsName", "encrypted", "kmsKeyId", "performanceMode" ], "inputProperties": { "creationToken": { "type": "string", "description": "A unique name (a maximum of 64 characters are allowed)\nused as reference when creating the Elastic File System to ensure idempotent file\nsystem creation. By default generated by this provider. See [Elastic File System]\n(http://docs.aws.amazon.com/efs/latest/ug/) user guide for more information.\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true.\n" }, "lifecyclePolicy": { "$ref": "#/types/aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy", "description": "A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object (documented below).\n" }, "performanceMode": { "type": "string", "description": "The file system performance mode. Can be either `\"generalPurpose\"` or `\"maxIO\"` (Default: `\"generalPurpose\"`).\n" }, "provisionedThroughputInMibps": { "type": "number", "description": "The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with `throughput_mode` set to `provisioned`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "throughputMode": { "type": "string", "description": "Throughput mode for the file system. Defaults to `bursting`. Valid values: `bursting`, `provisioned`. When using `provisioned`, also set `provisioned_throughput_in_mibps`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering FileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "creationToken": { "type": "string", "description": "A unique name (a maximum of 64 characters are allowed)\nused as reference when creating the Elastic File System to ensure idempotent file\nsystem creation. By default generated by this provider. See [Elastic File System]\n(http://docs.aws.amazon.com/efs/latest/ug/) user guide for more information.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the filesystem per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true.\n" }, "lifecyclePolicy": { "$ref": "#/types/aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy", "description": "A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object (documented below).\n" }, "performanceMode": { "type": "string", "description": "The file system performance mode. Can be either `\"generalPurpose\"` or `\"maxIO\"` (Default: `\"generalPurpose\"`).\n" }, "provisionedThroughputInMibps": { "type": "number", "description": "The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with `throughput_mode` set to `provisioned`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "throughputMode": { "type": "string", "description": "Throughput mode for the file system. Defaults to `bursting`. Valid values: `bursting`, `provisioned`. When using `provisioned`, also set `provisioned_throughput_in_mibps`.\n" } }, "type": "object" } }, "aws:efs/fileSystemPolicy:FileSystemPolicy": { "description": "Provides an Elastic File System (EFS) File System Policy resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fs = new aws.efs.FileSystem(\"fs\", {});\nconst policy = new aws.efs.FileSystemPolicy(\"policy\", {\n fileSystemId: fs.id,\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Id\": \"ExamplePolicy01\",\n \"Statement\": [\n {\n \"Sid\": \"ExampleSatement01\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Resource\": \"${aws_efs_file_system_test.arn}\",\n \"Action\": [\n \"elasticfilesystem:ClientMount\",\n \"elasticfilesystem:ClientWrite\"\n ],\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"true\"\n }\n }\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfs = aws.efs.FileSystem(\"fs\")\npolicy = aws.efs.FileSystemPolicy(\"policy\",\n file_system_id=fs.id,\n policy=f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Id\": \"ExamplePolicy01\",\n \"Statement\": [\n {{\n \"Sid\": \"ExampleSatement01\",\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"AWS\": \"*\"\n }},\n \"Resource\": \"{aws_efs_file_system[\"test\"][\"arn\"]}\",\n \"Action\": [\n \"elasticfilesystem:ClientMount\",\n \"elasticfilesystem:ClientWrite\"\n ],\n \"Condition\": {{\n \"Bool\": {{\n \"aws:SecureTransport\": \"true\"\n }}\n }}\n }}\n ]\n}}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fs = new Aws.Efs.FileSystem(\"fs\", new Aws.Efs.FileSystemArgs\n {\n });\n var policy = new Aws.Efs.FileSystemPolicy(\"policy\", new Aws.Efs.FileSystemPolicyArgs\n {\n FileSystemId = fs.Id,\n Policy = @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Id\"\": \"\"ExamplePolicy01\"\",\n \"\"Statement\"\": [\n {{\n \"\"Sid\"\": \"\"ExampleSatement01\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": \"\"*\"\"\n }},\n \"\"Resource\"\": \"\"{aws_efs_file_system.Test.Arn}\"\",\n \"\"Action\"\": [\n \"\"elasticfilesystem:ClientMount\"\",\n \"\"elasticfilesystem:ClientWrite\"\"\n ],\n \"\"Condition\"\": {{\n \"\"Bool\"\": {{\n \"\"aws:SecureTransport\"\": \"\"true\"\"\n }}\n }}\n }}\n ]\n}}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfs, err := efs.NewFileSystem(ctx, \"fs\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.NewFileSystemPolicy(ctx, \"policy\", \u0026efs.FileSystemPolicyArgs{\n\t\t\tFileSystemId: fs.ID(),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Id\\\": \\\"ExamplePolicy01\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"ExampleSatement01\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"AWS\\\": \\\"*\\\"\\n\", \" },\\n\", \" \\\"Resource\\\": \\\"\", aws_efs_file_system.Test.Arn, \"\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"elasticfilesystem:ClientMount\\\",\\n\", \" \\\"elasticfilesystem:ClientWrite\\\"\\n\", \" ],\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"Bool\\\": {\\n\", \" \\\"aws:SecureTransport\\\": \\\"true\\\"\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n" }, "policy": { "type": "string", "description": "The JSON formatted file system policy for the EFS file system. see [Docs](https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies) for more info.\n" } }, "required": [ "fileSystemId", "policy" ], "inputProperties": { "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n" }, "policy": { "type": "string", "description": "The JSON formatted file system policy for the EFS file system. see [Docs](https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies) for more info.\n" } }, "requiredInputs": [ "fileSystemId", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering FileSystemPolicy resources.\n", "properties": { "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n" }, "policy": { "type": "string", "description": "The JSON formatted file system policy for the EFS file system. see [Docs](https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies) for more info.\n" } }, "type": "object" } }, "aws:efs/mountTarget:MountTarget": { "description": "Provides an Elastic File System (EFS) mount target.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst alphaSubnet = new aws.ec2.Subnet(\"alpha\", {\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n vpcId: foo.id,\n});\nconst alphaMountTarget = new aws.efs.MountTarget(\"alpha\", {\n fileSystemId: aws_efs_file_system_foo.id,\n subnetId: alphaSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.Vpc(\"foo\", cidr_block=\"10.0.0.0/16\")\nalpha_subnet = aws.ec2.Subnet(\"alphaSubnet\",\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\",\n vpc_id=foo.id)\nalpha_mount_target = aws.efs.MountTarget(\"alphaMountTarget\",\n file_system_id=aws_efs_file_system[\"foo\"][\"id\"],\n subnet_id=alpha_subnet.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ec2.Vpc(\"foo\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var alphaSubnet = new Aws.Ec2.Subnet(\"alphaSubnet\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n VpcId = foo.Id,\n });\n var alphaMountTarget = new Aws.Efs.MountTarget(\"alphaMountTarget\", new Aws.Efs.MountTargetArgs\n {\n FileSystemId = aws_efs_file_system.Foo.Id,\n SubnetId = alphaSubnet.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\talphaSubnet, err := ec2.NewSubnet(ctx, \"alphaSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tVpcId: foo.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.NewMountTarget(ctx, \"alphaMountTarget\", \u0026efs.MountTargetArgs{\n\t\t\tFileSystemId: pulumi.String(aws_efs_file_system.Foo.Id),\n\t\t\tSubnetId: alphaSubnet.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "availabilityZoneId": { "type": "string", "description": "The unique and consistent identifier of the Availability Zone (AZ) that the mount target resides in.\n" }, "availabilityZoneName": { "type": "string", "description": "The name of the Availability Zone (AZ) that the mount target resides in.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the EFS file system.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system for which the mount target is intended.\n" }, "ipAddress": { "type": "string", "description": "The address (within the address range of the specified subnet) at\nwhich the file system may be mounted via the mount target.\n" }, "mountTargetDnsName": { "type": "string", "description": "The DNS name for the given subnet/AZ per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface that Amazon EFS created when it created the mount target.\n" }, "ownerId": { "type": "string", "description": "AWS account ID that owns the resource.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 VPC security group IDs (that must\nbe for the same VPC as subnet specified) in effect for the mount target.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to add the mount target in.\n" } }, "required": [ "availabilityZoneId", "availabilityZoneName", "dnsName", "fileSystemArn", "fileSystemId", "ipAddress", "mountTargetDnsName", "networkInterfaceId", "ownerId", "securityGroups", "subnetId" ], "inputProperties": { "fileSystemId": { "type": "string", "description": "The ID of the file system for which the mount target is intended.\n" }, "ipAddress": { "type": "string", "description": "The address (within the address range of the specified subnet) at\nwhich the file system may be mounted via the mount target.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 VPC security group IDs (that must\nbe for the same VPC as subnet specified) in effect for the mount target.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to add the mount target in.\n" } }, "requiredInputs": [ "fileSystemId", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MountTarget resources.\n", "properties": { "availabilityZoneId": { "type": "string", "description": "The unique and consistent identifier of the Availability Zone (AZ) that the mount target resides in.\n" }, "availabilityZoneName": { "type": "string", "description": "The name of the Availability Zone (AZ) that the mount target resides in.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the EFS file system.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system for which the mount target is intended.\n" }, "ipAddress": { "type": "string", "description": "The address (within the address range of the specified subnet) at\nwhich the file system may be mounted via the mount target.\n" }, "mountTargetDnsName": { "type": "string", "description": "The DNS name for the given subnet/AZ per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface that Amazon EFS created when it created the mount target.\n" }, "ownerId": { "type": "string", "description": "AWS account ID that owns the resource.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 VPC security group IDs (that must\nbe for the same VPC as subnet specified) in effect for the mount target.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to add the mount target in.\n" } }, "type": "object" } }, "aws:eks/cluster:Cluster": { "description": "Manages an EKS Cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Example IAM Role for EKS Cluster\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"eks.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst example_AmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role: example.name,\n});\nconst example_AmazonEKSServicePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSServicePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSServicePolicy\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"eks.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\nexample__amazon_eks_cluster_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role=example.name)\nexample__amazon_eks_service_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSServicePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSServicePolicy\",\n role=example.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Iam.Role(\"example\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"eks.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var example_AmazonEKSClusterPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n Role = example.Name,\n });\n var example_AmazonEKSServicePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSServicePolicy\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSServicePolicy\",\n Role = example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"eks.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSClusterPolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSServicePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSServicePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Enabling Control Plane Logging\n\n[EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) can be enabled via the `enabled_cluster_log_types` argument. To manage the CloudWatch Log Group retention period, the `aws.cloudwatch.LogGroup` resource can be used.\n\n\u003e The below configuration uses [`dependsOn`](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson) to prevent ordering issues with EKS automatically creating the log group first and a variable for naming consistency. Other ordering and naming methodologies may be more appropriate for your environment.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst clusterName = config.get(\"clusterName\") || \"example\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n retentionInDays: 7,\n});\nconst exampleCluster = new aws.eks.Cluster(\"example\", {\n enabledClusterLogTypes: [\n \"api\",\n \"audit\",\n ],\n}, { dependsOn: [exampleLogGroup] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ncluster_name = config.get(\"clusterName\")\nif cluster_name is None:\n cluster_name = \"example\"\nexample_cluster = aws.eks.Cluster(\"exampleCluster\", enabled_cluster_log_types=[\n \"api\",\n \"audit\",\n])\nexample_log_group = aws.cloudwatch.LogGroup(\"exampleLogGroup\", retention_in_days=7)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var clusterName = config.Get(\"clusterName\") ?? \"example\";\n var exampleCluster = new Aws.Eks.Cluster(\"exampleCluster\", new Aws.Eks.ClusterArgs\n {\n EnabledClusterLogTypes = \n {\n \"api\",\n \"audit\",\n },\n });\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"exampleLogGroup\", new Aws.CloudWatch.LogGroupArgs\n {\n RetentionInDays = 7,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = eks.NewCluster(ctx, \"exampleCluster\", \u0026eks.ClusterArgs{\n\t\t\tEnabledClusterLogTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api\"),\n\t\t\t\tpulumi.String(\"audit\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogGroup(ctx, \"exampleLogGroup\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tRetentionInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster.\n" }, "certificateAuthority": { "$ref": "#/types/aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority", "description": "Nested attribute containing `certificate-authority-data` for your cluster.\n" }, "createdAt": { "type": "string" }, "enabledClusterLogTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)\n" }, "encryptionConfig": { "$ref": "#/types/aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig", "description": "Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.\n" }, "endpoint": { "type": "string", "description": "The endpoint for your Kubernetes API server.\n" }, "identities": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterIdentity:ClusterIdentity" }, "description": "Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019.\n" }, "name": { "type": "string", "description": "Name of the cluster.\n" }, "platformVersion": { "type": "string", "description": "The platform version for the cluster.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding [`dependsOn`](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson) if using the `aws.iam.RolePolicy` resource) or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.\n" }, "status": { "type": "string", "description": "The status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "version": { "type": "string", "description": "Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.\n" }, "vpcConfig": { "$ref": "#/types/aws:eks/ClusterVpcConfig:ClusterVpcConfig", "description": "Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Configuration detailed below.\n" } }, "required": [ "arn", "certificateAuthority", "createdAt", "endpoint", "identities", "name", "platformVersion", "roleArn", "status", "version", "vpcConfig" ], "inputProperties": { "enabledClusterLogTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)\n" }, "encryptionConfig": { "$ref": "#/types/aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig", "description": "Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the cluster.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding [`dependsOn`](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson) if using the `aws.iam.RolePolicy` resource) or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "version": { "type": "string", "description": "Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.\n" }, "vpcConfig": { "$ref": "#/types/aws:eks/ClusterVpcConfig:ClusterVpcConfig", "description": "Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Configuration detailed below.\n" } }, "requiredInputs": [ "roleArn", "vpcConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster.\n" }, "certificateAuthority": { "$ref": "#/types/aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority", "description": "Nested attribute containing `certificate-authority-data` for your cluster.\n" }, "createdAt": { "type": "string" }, "enabledClusterLogTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)\n" }, "encryptionConfig": { "$ref": "#/types/aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig", "description": "Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.\n" }, "endpoint": { "type": "string", "description": "The endpoint for your Kubernetes API server.\n" }, "identities": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterIdentity:ClusterIdentity" }, "description": "Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019.\n" }, "name": { "type": "string", "description": "Name of the cluster.\n" }, "platformVersion": { "type": "string", "description": "The platform version for the cluster.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding [`dependsOn`](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson) if using the `aws.iam.RolePolicy` resource) or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.\n" }, "status": { "type": "string", "description": "The status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "version": { "type": "string", "description": "Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.\n" }, "vpcConfig": { "$ref": "#/types/aws:eks/ClusterVpcConfig:ClusterVpcConfig", "description": "Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Configuration detailed below.\n" } }, "type": "object" } }, "aws:eks/fargateProfile:FargateProfile": { "description": "Manages an EKS Fargate Profile.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Example IAM Role for EKS Fargate Profile\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n Version: \"2012-10-17\",\n})});\nconst example_AmazonEKSFargatePodExecutionRolePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n \"Version\": \"2012-10-17\",\n}))\nexample__amazon_eks_fargate_pod_execution_role_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Iam.Role(\"example\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n { \"Statement\", new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n { \"Action\", \"sts:AssumeRole\" },\n { \"Effect\", \"Allow\" },\n { \"Principal\", new Dictionary\u003cstring, object?\u003e\n {\n { \"Service\", \"eks-fargate-pods.amazonaws.com\" },\n } },\n },\n }\n },\n { \"Version\", \"2012-10-17\" },\n }),\n });\n var example_AmazonEKSFargatePodExecutionRolePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n Role = example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"eks-fargate-pods.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSFargatePodExecutionRolePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Fargate Profile.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "fargateProfileName": { "type": "string", "description": "Name of the EKS Fargate Profile.\n" }, "podExecutionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Fargate Profile.\n" }, "selectors": { "type": "array", "items": { "$ref": "#/types/aws:eks/FargateProfileSelector:FargateProfileSelector" }, "description": "Configuration block(s) for selecting Kubernetes Pods to execute with this EKS Fargate Profile. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the EKS Fargate Profile.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of private EC2 Subnets to associate with the EKS Fargate Profile. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "arn", "clusterName", "fargateProfileName", "podExecutionRoleArn", "selectors", "status" ], "inputProperties": { "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "fargateProfileName": { "type": "string", "description": "Name of the EKS Fargate Profile.\n" }, "podExecutionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Fargate Profile.\n" }, "selectors": { "type": "array", "items": { "$ref": "#/types/aws:eks/FargateProfileSelector:FargateProfileSelector" }, "description": "Configuration block(s) for selecting Kubernetes Pods to execute with this EKS Fargate Profile. Detailed below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of private EC2 Subnets to associate with the EKS Fargate Profile. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "requiredInputs": [ "clusterName", "podExecutionRoleArn", "selectors" ], "stateInputs": { "description": "Input properties used for looking up and filtering FargateProfile resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Fargate Profile.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "fargateProfileName": { "type": "string", "description": "Name of the EKS Fargate Profile.\n" }, "podExecutionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Fargate Profile.\n" }, "selectors": { "type": "array", "items": { "$ref": "#/types/aws:eks/FargateProfileSelector:FargateProfileSelector" }, "description": "Configuration block(s) for selecting Kubernetes Pods to execute with this EKS Fargate Profile. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the EKS Fargate Profile.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of private EC2 Subnets to associate with the EKS Fargate Profile. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:eks/nodeGroup:NodeGroup": { "description": "Manages an EKS Node Group, which can provision and optionally update an Auto Scaling Group of Kubernetes worker nodes compatible with EKS. Additional documentation about this functionality can be found in the [EKS User Guide](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Example IAM Role for EKS Node Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n Version: \"2012-10-17\",\n})});\nconst example_AmazonEKSWorkerNodePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role: example.name,\n});\nconst example_AmazonEKSCNIPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSCNIPolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role: example.name,\n});\nconst example_AmazonEC2ContainerRegistryReadOnly = new aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n \"Version\": \"2012-10-17\",\n}))\nexample__amazon_eks_worker_node_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role=example.name)\nexample__amazon_ekscni_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSCNIPolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role=example.name)\nexample__amazon_ec2_container_registry_read_only = aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Iam.Role(\"example\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n { \"Statement\", new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n { \"Action\", \"sts:AssumeRole\" },\n { \"Effect\", \"Allow\" },\n { \"Principal\", new Dictionary\u003cstring, object?\u003e\n {\n { \"Service\", \"ec2.amazonaws.com\" },\n } },\n },\n }\n },\n { \"Version\", \"2012-10-17\" },\n }),\n });\n var example_AmazonEKSWorkerNodePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n Role = example.Name,\n });\n var example_AmazonEKSCNIPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSCNIPolicy\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n Role = example.Name,\n });\n var example_AmazonEC2ContainerRegistryReadOnly = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n Role = example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSWorkerNodePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSCNIPolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEC2ContainerRegistryReadOnly\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "amiType": { "type": "string", "description": "Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to `AL2_x86_64`. Valid values: `AL2_x86_64`, `AL2_x86_64_GPU`. This provider will only perform drift detection if a configuration value is provided.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Node Group.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "diskSize": { "type": "integer", "description": "Disk size in GiB for worker nodes. Defaults to `20`. This provider will only perform drift detection if a configuration value is provided.\n" }, "forceUpdateVersion": { "type": "boolean", "description": "Force version update if existing pods are unable to be drained due to a pod disruption budget issue.\n" }, "instanceTypes": { "type": "string", "description": "Set of instance types associated with the EKS Node Group. Defaults to `[\"t3.medium\"]`. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.\n" }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.\n" }, "nodeGroupName": { "type": "string", "description": "Name of the EKS Node Group.\n" }, "nodeRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.\n" }, "releaseVersion": { "type": "string", "description": "AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.\n" }, "remoteAccess": { "$ref": "#/types/aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess", "description": "Configuration block with remote access settings. Detailed below.\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupResource:NodeGroupResource" }, "description": "List of objects containing information about underlying resources.\n" }, "scalingConfig": { "$ref": "#/types/aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig", "description": "Configuration block with scaling settings. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the EKS Node Group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" }, "version": { "type": "string", "description": "Kubernetes version. Defaults to EKS Cluster Kubernetes version. This provider will only perform drift detection if a configuration value is provided.\n" } }, "required": [ "amiType", "arn", "clusterName", "diskSize", "instanceTypes", "nodeGroupName", "nodeRoleArn", "releaseVersion", "resources", "scalingConfig", "status", "subnetIds", "version" ], "inputProperties": { "amiType": { "type": "string", "description": "Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to `AL2_x86_64`. Valid values: `AL2_x86_64`, `AL2_x86_64_GPU`. This provider will only perform drift detection if a configuration value is provided.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "diskSize": { "type": "integer", "description": "Disk size in GiB for worker nodes. Defaults to `20`. This provider will only perform drift detection if a configuration value is provided.\n" }, "forceUpdateVersion": { "type": "boolean", "description": "Force version update if existing pods are unable to be drained due to a pod disruption budget issue.\n" }, "instanceTypes": { "type": "string", "description": "Set of instance types associated with the EKS Node Group. Defaults to `[\"t3.medium\"]`. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.\n" }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.\n" }, "nodeGroupName": { "type": "string", "description": "Name of the EKS Node Group.\n" }, "nodeRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.\n" }, "releaseVersion": { "type": "string", "description": "AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.\n" }, "remoteAccess": { "$ref": "#/types/aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess", "description": "Configuration block with remote access settings. Detailed below.\n" }, "scalingConfig": { "$ref": "#/types/aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig", "description": "Configuration block with scaling settings. Detailed below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" }, "version": { "type": "string", "description": "Kubernetes version. Defaults to EKS Cluster Kubernetes version. This provider will only perform drift detection if a configuration value is provided.\n" } }, "requiredInputs": [ "clusterName", "nodeRoleArn", "scalingConfig", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering NodeGroup resources.\n", "properties": { "amiType": { "type": "string", "description": "Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to `AL2_x86_64`. Valid values: `AL2_x86_64`, `AL2_x86_64_GPU`. This provider will only perform drift detection if a configuration value is provided.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Node Group.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "diskSize": { "type": "integer", "description": "Disk size in GiB for worker nodes. Defaults to `20`. This provider will only perform drift detection if a configuration value is provided.\n" }, "forceUpdateVersion": { "type": "boolean", "description": "Force version update if existing pods are unable to be drained due to a pod disruption budget issue.\n" }, "instanceTypes": { "type": "string", "description": "Set of instance types associated with the EKS Node Group. Defaults to `[\"t3.medium\"]`. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.\n" }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.\n" }, "nodeGroupName": { "type": "string", "description": "Name of the EKS Node Group.\n" }, "nodeRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.\n" }, "releaseVersion": { "type": "string", "description": "AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.\n" }, "remoteAccess": { "$ref": "#/types/aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess", "description": "Configuration block with remote access settings. Detailed below.\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupResource:NodeGroupResource" }, "description": "List of objects containing information about underlying resources.\n" }, "scalingConfig": { "$ref": "#/types/aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig", "description": "Configuration block with scaling settings. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the EKS Node Group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" }, "version": { "type": "string", "description": "Kubernetes version. Defaults to EKS Cluster Kubernetes version. This provider will only perform drift detection if a configuration value is provided.\n" } }, "type": "object" } }, "aws:elasticache/cluster:Cluster": { "description": "Provides an ElastiCache Cluster resource, which manages a Memcached cluster or Redis instance.\nFor working with Redis (Cluster Mode Enabled) replication groups, see the\n`aws.elasticache.ReplicationGroup` resource.\n\n\u003e **Note:** When you change an attribute, such as `node_type`, by default\nit is applied in the next maintenance window. Because of this, this provider may report\na difference in its planning phase because the actual modification has not yet taken\nplace. You can use the `apply_immediately` flag to instruct the service to apply the\nchange immediately. Using `apply_immediately` can result in a brief downtime as the server reboots.\nSee the AWS Docs on [Modifying an ElastiCache Cache Cluster](https://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/Clusters.Modify.html) for more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Memcached Cluster\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.Cluster(\"example\", {\n engine: \"memcached\",\n nodeType: \"cache.m4.large\",\n numCacheNodes: 2,\n parameterGroupName: \"default.memcached1.4\",\n port: 11211,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.Cluster(\"example\",\n engine=\"memcached\",\n node_type=\"cache.m4.large\",\n num_cache_nodes=2,\n parameter_group_name=\"default.memcached1.4\",\n port=11211)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ElastiCache.Cluster(\"example\", new Aws.ElastiCache.ClusterArgs\n {\n Engine = \"memcached\",\n NodeType = \"cache.m4.large\",\n NumCacheNodes = 2,\n ParameterGroupName = \"default.memcached1.4\",\n Port = 11211,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elasticache.NewCluster(ctx, \"example\", \u0026elasticache.ClusterArgs{\n\t\t\tEngine: pulumi.String(\"memcached\"),\n\t\t\tNodeType: pulumi.String(\"cache.m4.large\"),\n\t\t\tNumCacheNodes: pulumi.Int(2),\n\t\t\tParameterGroupName: pulumi.String(\"default.memcached1.4\"),\n\t\t\tPort: pulumi.Int(11211),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Redis Instance\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.Cluster(\"example\", {\n engine: \"redis\",\n engineVersion: \"3.2.10\",\n nodeType: \"cache.m4.large\",\n numCacheNodes: 1,\n parameterGroupName: \"default.redis3.2\",\n port: 6379,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.Cluster(\"example\",\n engine=\"redis\",\n engine_version=\"3.2.10\",\n node_type=\"cache.m4.large\",\n num_cache_nodes=1,\n parameter_group_name=\"default.redis3.2\",\n port=6379)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ElastiCache.Cluster(\"example\", new Aws.ElastiCache.ClusterArgs\n {\n Engine = \"redis\",\n EngineVersion = \"3.2.10\",\n NodeType = \"cache.m4.large\",\n NumCacheNodes = 1,\n ParameterGroupName = \"default.redis3.2\",\n Port = 6379,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elasticache.NewCluster(ctx, \"example\", \u0026elasticache.ClusterArgs{\n\t\t\tEngine: pulumi.String(\"redis\"),\n\t\t\tEngineVersion: pulumi.String(\"3.2.10\"),\n\t\t\tNodeType: pulumi.String(\"cache.m4.large\"),\n\t\t\tNumCacheNodes: pulumi.Int(1),\n\t\t\tParameterGroupName: pulumi.String(\"default.redis3.2\"),\n\t\t\tPort: pulumi.Int(6379),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Redis Cluster Mode Disabled Read Replica Instance\n\nThese inherit their settings from the replication group.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replica = new aws.elasticache.Cluster(\"replica\", {\n replicationGroupId: aws_elasticache_replication_group_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplica = aws.elasticache.Cluster(\"replica\", replication_group_id=aws_elasticache_replication_group[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var replica = new Aws.ElastiCache.Cluster(\"replica\", new Aws.ElastiCache.ClusterArgs\n {\n ReplicationGroupId = aws_elasticache_replication_group.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elasticache.NewCluster(ctx, \"replica\", \u0026elasticache.ClusterArgs{\n\t\t\tReplicationGroupId: pulumi.String(aws_elasticache_replication_group.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon ElastiCache Documentation for more information.](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html)\n(Available since v0.6.0)\n" }, "arn": { "type": "string" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone.\n" }, "azMode": { "type": "string", "description": "Specifies whether the nodes in this Memcached node group are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region. Valid values for this parameter are `single-az` or `cross-az`, default is `single-az`. If you want to choose `cross-az`, `num_cache_nodes` must be greater than `1`\n" }, "cacheNodes": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ClusterCacheNode:ClusterCacheNode" }, "description": "List of node objects including `id`, `address`, `port` and `availability_zone`.\nReferenceable e.g. as `${aws_elasticache_cluster.bar.cache_nodes.0.address}`\n" }, "clusterAddress": { "type": "string", "description": "(Memcached only) The DNS name of the cache cluster without the port appended.\n" }, "clusterId": { "type": "string", "description": "Group identifier. ElastiCache converts\nthis name to lowercase\n" }, "configurationEndpoint": { "type": "string", "description": "(Memcached only) The configuration endpoint to allow host discovery.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster.\nValid values for this parameter are `memcached` or `redis`\n" }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html)\nin the AWS Documentation center for supported versions\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Available Cache Node Types](https://aws.amazon.com/elasticache/details#Available_Cache_Node_Types) for\nsupported node types\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send ElastiCache notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numCacheNodes": { "type": "integer", "description": "The initial number of cache nodes that the\ncache cluster will have. For Redis, this value must be 1. For Memcache, this\nvalue must be between 1 and 20. If this number is reduced on subsequent runs,\nthe highest numbered nodes will be removed.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this cache cluster\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`.\n" }, "preferredAvailabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of the Availability Zones in which cache nodes are created. If you are creating your cluster in an Amazon VPC you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group. The number of Availability Zones listed must equal the value of `num_cache_nodes`. If you want all the nodes in the same Availability Zone, use `availability_zone` instead, or repeat the Availability Zone multiple times in the list. Default: System chosen Availability Zones. Detecting drift of existing node availability zone is not currently supported. Updating this argument by itself to migrate existing node availability zones is not currently supported and will show a perpetual difference.\n" }, "replicationGroupId": { "type": "string", "description": "The ID of the replication group to which this cluster should belong. If this parameter is specified, the cluster is added to the specified replication group as a read replica; otherwise, the cluster is a standalone primary that is not part of any replication group.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cache cluster\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of security group\nnames to associate with this cache cluster\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "A single-element string list containing an\nAmazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3.\nExample: `arn:aws:s3:::my_bucket/snapshot1.rdb`\n" }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them. For example, if you set\nSnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days\nbefore being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off.\nPlease note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro or cache.t2.* cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of your cache cluster. Example: 05:00-09:00\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used\nfor the cache cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" } }, "required": [ "applyImmediately", "arn", "availabilityZone", "azMode", "cacheNodes", "clusterAddress", "clusterId", "configurationEndpoint", "engine", "engineVersion", "maintenanceWindow", "nodeType", "numCacheNodes", "parameterGroupName", "port", "replicationGroupId", "securityGroupIds", "securityGroupNames", "snapshotWindow", "subnetGroupName" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon ElastiCache Documentation for more information.](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html)\n(Available since v0.6.0)\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone.\n" }, "azMode": { "type": "string", "description": "Specifies whether the nodes in this Memcached node group are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region. Valid values for this parameter are `single-az` or `cross-az`, default is `single-az`. If you want to choose `cross-az`, `num_cache_nodes` must be greater than `1`\n" }, "clusterId": { "type": "string", "description": "Group identifier. ElastiCache converts\nthis name to lowercase\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster.\nValid values for this parameter are `memcached` or `redis`\n" }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html)\nin the AWS Documentation center for supported versions\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Available Cache Node Types](https://aws.amazon.com/elasticache/details#Available_Cache_Node_Types) for\nsupported node types\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send ElastiCache notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numCacheNodes": { "type": "integer", "description": "The initial number of cache nodes that the\ncache cluster will have. For Redis, this value must be 1. For Memcache, this\nvalue must be between 1 and 20. If this number is reduced on subsequent runs,\nthe highest numbered nodes will be removed.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this cache cluster\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`.\n" }, "preferredAvailabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of the Availability Zones in which cache nodes are created. If you are creating your cluster in an Amazon VPC you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group. The number of Availability Zones listed must equal the value of `num_cache_nodes`. If you want all the nodes in the same Availability Zone, use `availability_zone` instead, or repeat the Availability Zone multiple times in the list. Default: System chosen Availability Zones. Detecting drift of existing node availability zone is not currently supported. Updating this argument by itself to migrate existing node availability zones is not currently supported and will show a perpetual difference.\n" }, "replicationGroupId": { "type": "string", "description": "The ID of the replication group to which this cluster should belong. If this parameter is specified, the cluster is added to the specified replication group as a read replica; otherwise, the cluster is a standalone primary that is not part of any replication group.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cache cluster\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of security group\nnames to associate with this cache cluster\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "A single-element string list containing an\nAmazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3.\nExample: `arn:aws:s3:::my_bucket/snapshot1.rdb`\n" }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them. For example, if you set\nSnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days\nbefore being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off.\nPlease note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro or cache.t2.* cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of your cache cluster. Example: 05:00-09:00\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used\nfor the cache cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon ElastiCache Documentation for more information.](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html)\n(Available since v0.6.0)\n" }, "arn": { "type": "string" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone.\n" }, "azMode": { "type": "string", "description": "Specifies whether the nodes in this Memcached node group are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region. Valid values for this parameter are `single-az` or `cross-az`, default is `single-az`. If you want to choose `cross-az`, `num_cache_nodes` must be greater than `1`\n" }, "cacheNodes": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ClusterCacheNode:ClusterCacheNode" }, "description": "List of node objects including `id`, `address`, `port` and `availability_zone`.\nReferenceable e.g. as `${aws_elasticache_cluster.bar.cache_nodes.0.address}`\n" }, "clusterAddress": { "type": "string", "description": "(Memcached only) The DNS name of the cache cluster without the port appended.\n" }, "clusterId": { "type": "string", "description": "Group identifier. ElastiCache converts\nthis name to lowercase\n" }, "configurationEndpoint": { "type": "string", "description": "(Memcached only) The configuration endpoint to allow host discovery.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster.\nValid values for this parameter are `memcached` or `redis`\n" }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html)\nin the AWS Documentation center for supported versions\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Available Cache Node Types](https://aws.amazon.com/elasticache/details#Available_Cache_Node_Types) for\nsupported node types\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send ElastiCache notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numCacheNodes": { "type": "integer", "description": "The initial number of cache nodes that the\ncache cluster will have. For Redis, this value must be 1. For Memcache, this\nvalue must be between 1 and 20. If this number is reduced on subsequent runs,\nthe highest numbered nodes will be removed.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this cache cluster\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`.\n" }, "preferredAvailabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of the Availability Zones in which cache nodes are created. If you are creating your cluster in an Amazon VPC you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group. The number of Availability Zones listed must equal the value of `num_cache_nodes`. If you want all the nodes in the same Availability Zone, use `availability_zone` instead, or repeat the Availability Zone multiple times in the list. Default: System chosen Availability Zones. Detecting drift of existing node availability zone is not currently supported. Updating this argument by itself to migrate existing node availability zones is not currently supported and will show a perpetual difference.\n" }, "replicationGroupId": { "type": "string", "description": "The ID of the replication group to which this cluster should belong. If this parameter is specified, the cluster is added to the specified replication group as a read replica; otherwise, the cluster is a standalone primary that is not part of any replication group.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cache cluster\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of security group\nnames to associate with this cache cluster\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "A single-element string list containing an\nAmazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3.\nExample: `arn:aws:s3:::my_bucket/snapshot1.rdb`\n" }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them. For example, if you set\nSnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days\nbefore being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off.\nPlease note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro or cache.t2.* cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of your cache cluster. Example: 05:00-09:00\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used\nfor the cache cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" } }, "type": "object" } }, "aws:elasticache/parameterGroup:ParameterGroup": { "description": "Provides an ElastiCache parameter group resource.\n\n\u003e **NOTE:** Attempting to remove the `reserved-memory` parameter when `family` is set to `redis2.6` or `redis2.8` may show a perpetual difference in this provider due to an Elasticache API limitation. Leave that parameter configured with any value to workaround the issue.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultParameterGroup = new aws.elasticache.ParameterGroup(\"default\", {\n family: \"redis2.8\",\n parameters: [\n {\n name: \"activerehashing\",\n value: \"yes\",\n },\n {\n name: \"min-slaves-to-write\",\n value: \"2\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.elasticache.ParameterGroup(\"default\",\n family=\"redis2.8\",\n parameters=[\n {\n \"name\": \"activerehashing\",\n \"value\": \"yes\",\n },\n {\n \"name\": \"min-slaves-to-write\",\n \"value\": \"2\",\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.ElastiCache.ParameterGroup(\"default\", new Aws.ElastiCache.ParameterGroupArgs\n {\n Family = \"redis2.8\",\n Parameters = \n {\n new Aws.ElastiCache.Inputs.ParameterGroupParameterArgs\n {\n Name = \"activerehashing\",\n Value = \"yes\",\n },\n new Aws.ElastiCache.Inputs.ParameterGroupParameterArgs\n {\n Name = \"min-slaves-to-write\",\n Value = \"2\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elasticache.NewParameterGroup(ctx, \"default\", \u0026elasticache.ParameterGroupArgs{\n\t\t\tFamily: pulumi.String(\"redis2.8\"),\n\t\t\tParameters: elasticache.ParameterGroupParameterArray{\n\t\t\t\t\u0026elasticache.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"activerehashing\"),\n\t\t\t\t\tValue: pulumi.String(\"yes\"),\n\t\t\t\t},\n\t\t\t\t\u0026elasticache.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"min-slaves-to-write\"),\n\t\t\t\t\tValue: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "The description of the ElastiCache parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the ElastiCache parameter group.\n" }, "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of ElastiCache parameters to apply.\n" } }, "required": [ "description", "family", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of the ElastiCache parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the ElastiCache parameter group.\n" }, "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of ElastiCache parameters to apply.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "description": { "type": "string", "description": "The description of the ElastiCache parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the ElastiCache parameter group.\n" }, "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of ElastiCache parameters to apply.\n" } }, "type": "object" } }, "aws:elasticache/replicationGroup:ReplicationGroup": { "description": "Provides an ElastiCache Replication Group resource.\nFor working with Memcached or single primary Redis instances (Cluster Mode Disabled), see the\n`aws.elasticache.Cluster` resource.\n\n\u003e **Note:** When you change an attribute, such as `engine_version`, by\ndefault the ElastiCache API applies it in the next maintenance window. Because\nof this, this provider may report a difference in its planning phase because the\nactual modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change\nimmediately. Using `apply_immediately` can result in a brief downtime as\nservers reboots.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Redis Cluster Mode Enabled\n\nTo create two shards with a primary and a single read replica each:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst baz = new aws.elasticache.ReplicationGroup(\"baz\", {\n automaticFailoverEnabled: true,\n clusterMode: {\n numNodeGroups: 2,\n replicasPerNodeGroup: 1,\n },\n nodeType: \"cache.t2.small\",\n parameterGroupName: \"default.redis3.2.cluster.on\",\n port: 6379,\n replicationGroupDescription: \"test description\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbaz = aws.elasticache.ReplicationGroup(\"baz\",\n automatic_failover_enabled=True,\n cluster_mode={\n \"numNodeGroups\": 2,\n \"replicasPerNodeGroup\": 1,\n },\n node_type=\"cache.t2.small\",\n parameter_group_name=\"default.redis3.2.cluster.on\",\n port=6379,\n replication_group_description=\"test description\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var baz = new Aws.ElastiCache.ReplicationGroup(\"baz\", new Aws.ElastiCache.ReplicationGroupArgs\n {\n AutomaticFailoverEnabled = true,\n ClusterMode = new Aws.ElastiCache.Inputs.ReplicationGroupClusterModeArgs\n {\n NumNodeGroups = 2,\n ReplicasPerNodeGroup = 1,\n },\n NodeType = \"cache.t2.small\",\n ParameterGroupName = \"default.redis3.2.cluster.on\",\n Port = 6379,\n ReplicationGroupDescription = \"test description\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elasticache.NewReplicationGroup(ctx, \"baz\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tAutomaticFailoverEnabled: pulumi.Bool(true),\n\t\t\tClusterMode: \u0026elasticache.ReplicationGroupClusterModeArgs{\n\t\t\t\tNumNodeGroups: pulumi.Int(2),\n\t\t\t\tReplicasPerNodeGroup: pulumi.Int(1),\n\t\t\t},\n\t\t\tNodeType: pulumi.String(\"cache.t2.small\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.redis3.2.cluster.on\"),\n\t\t\tPort: pulumi.Int(6379),\n\t\t\tReplicationGroupDescription: pulumi.String(\"test description\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n\u003e **Note:** We currently do not support passing a `primary_cluster_id` in order to create the Replication Group.\n\n\u003e **Note:** Automatic Failover is unavailable for Redis versions earlier than 2.8.6,\nand unavailable on T1 node types. For T2 node types, it is only available on Redis version 3.2.4 or later with cluster mode enabled. See the [High Availability Using Replication Groups](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Replication.html) guide\nfor full details on using Replication Groups.\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption at rest.\n" }, "authToken": { "type": "string", "description": "The password used to access a password protected server. Can be specified only if `transit_encryption_enabled = true`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Specifies whether a minor engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window. Defaults to `true`.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. If true, Multi-AZ is enabled for this replication group. If false, Multi-AZ is disabled for this replication group. Must be enabled for Redis (cluster mode enabled) replication groups. Defaults to `false`.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is not important.\n" }, "clusterMode": { "$ref": "#/types/aws:elasticache/ReplicationGroupClusterMode:ReplicationGroupClusterMode", "description": "Create a native redis cluster. `automatic_failover_enabled` must be set to true. Cluster Mode documented below. Only 1 `cluster_mode` block is allowed.\n" }, "configurationEndpointAddress": { "type": "string", "description": "The address of the replication group configuration endpoint when cluster mode is enabled.\n" }, "engine": { "type": "string", "description": "The name of the cache engine to be used for the clusters in this replication group. e.g. `redis`\n" }, "engineVersion": { "type": "string", "description": "The version number of the cache engine to be used for the cache clusters in this replication group.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true`.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "memberClusters": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of all the nodes that are part of this replication group.\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes in the node group.\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send ElastiCache notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numberCacheClusters": { "type": "integer", "description": "The number of cache clusters (primary and replicas) this replication group will have. If Multi-AZ is enabled, the value of this parameter must be at least 2. Updates will occur before other modifications.\n" }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379.\n" }, "primaryEndpointAddress": { "type": "string", "description": "(Redis only) The address of the endpoint for the primary node in the replication group, if the cluster mode is disabled.\n" }, "replicationGroupDescription": { "type": "string", "description": "A user-created description for the replication group.\n" }, "replicationGroupId": { "type": "string", "description": "The replication group identifier. This parameter is stored as a lowercase string.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of cache security group names to associate with this replication group.\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "A single-element string list containing an\nAmazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3.\nExample: `arn:aws:s3:::my_bucket/snapshot1.rdb`\n" }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them. For example, if you set\nSnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days\nbefore being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off.\nPlease note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro or cache.t2.* cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of your cache cluster. The minimum snapshot window is a 60 minute period. Example: `05:00-09:00`\n" }, "subnetGroupName": { "type": "string", "description": "The name of the cache subnet group to be used for the replication group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "transitEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption in transit.\n" } }, "required": [ "applyImmediately", "clusterMode", "configurationEndpointAddress", "engineVersion", "maintenanceWindow", "memberClusters", "nodeType", "numberCacheClusters", "parameterGroupName", "primaryEndpointAddress", "replicationGroupDescription", "replicationGroupId", "securityGroupIds", "securityGroupNames", "snapshotWindow", "subnetGroupName" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption at rest.\n" }, "authToken": { "type": "string", "description": "The password used to access a password protected server. Can be specified only if `transit_encryption_enabled = true`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Specifies whether a minor engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window. Defaults to `true`.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. If true, Multi-AZ is enabled for this replication group. If false, Multi-AZ is disabled for this replication group. Must be enabled for Redis (cluster mode enabled) replication groups. Defaults to `false`.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is not important.\n" }, "clusterMode": { "$ref": "#/types/aws:elasticache/ReplicationGroupClusterMode:ReplicationGroupClusterMode", "description": "Create a native redis cluster. `automatic_failover_enabled` must be set to true. Cluster Mode documented below. Only 1 `cluster_mode` block is allowed.\n" }, "engine": { "type": "string", "description": "The name of the cache engine to be used for the clusters in this replication group. e.g. `redis`\n" }, "engineVersion": { "type": "string", "description": "The version number of the cache engine to be used for the cache clusters in this replication group.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true`.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes in the node group.\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send ElastiCache notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numberCacheClusters": { "type": "integer", "description": "The number of cache clusters (primary and replicas) this replication group will have. If Multi-AZ is enabled, the value of this parameter must be at least 2. Updates will occur before other modifications.\n" }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379.\n" }, "replicationGroupDescription": { "type": "string", "description": "A user-created description for the replication group.\n" }, "replicationGroupId": { "type": "string", "description": "The replication group identifier. This parameter is stored as a lowercase string.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of cache security group names to associate with this replication group.\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "A single-element string list containing an\nAmazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3.\nExample: `arn:aws:s3:::my_bucket/snapshot1.rdb`\n" }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them. For example, if you set\nSnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days\nbefore being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off.\nPlease note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro or cache.t2.* cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of your cache cluster. The minimum snapshot window is a 60 minute period. Example: `05:00-09:00`\n" }, "subnetGroupName": { "type": "string", "description": "The name of the cache subnet group to be used for the replication group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "transitEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption in transit.\n" } }, "requiredInputs": [ "replicationGroupDescription" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationGroup resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption at rest.\n" }, "authToken": { "type": "string", "description": "The password used to access a password protected server. Can be specified only if `transit_encryption_enabled = true`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Specifies whether a minor engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window. Defaults to `true`.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. If true, Multi-AZ is enabled for this replication group. If false, Multi-AZ is disabled for this replication group. Must be enabled for Redis (cluster mode enabled) replication groups. Defaults to `false`.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is not important.\n" }, "clusterMode": { "$ref": "#/types/aws:elasticache/ReplicationGroupClusterMode:ReplicationGroupClusterMode", "description": "Create a native redis cluster. `automatic_failover_enabled` must be set to true. Cluster Mode documented below. Only 1 `cluster_mode` block is allowed.\n" }, "configurationEndpointAddress": { "type": "string", "description": "The address of the replication group configuration endpoint when cluster mode is enabled.\n" }, "engine": { "type": "string", "description": "The name of the cache engine to be used for the clusters in this replication group. e.g. `redis`\n" }, "engineVersion": { "type": "string", "description": "The version number of the cache engine to be used for the cache clusters in this replication group.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true`.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "memberClusters": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of all the nodes that are part of this replication group.\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes in the node group.\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send ElastiCache notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numberCacheClusters": { "type": "integer", "description": "The number of cache clusters (primary and replicas) this replication group will have. If Multi-AZ is enabled, the value of this parameter must be at least 2. Updates will occur before other modifications.\n" }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379.\n" }, "primaryEndpointAddress": { "type": "string", "description": "(Redis only) The address of the endpoint for the primary node in the replication group, if the cluster mode is disabled.\n" }, "replicationGroupDescription": { "type": "string", "description": "A user-created description for the replication group.\n" }, "replicationGroupId": { "type": "string", "description": "The replication group identifier. This parameter is stored as a lowercase string.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of cache security group names to associate with this replication group.\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "A single-element string list containing an\nAmazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3.\nExample: `arn:aws:s3:::my_bucket/snapshot1.rdb`\n" }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them. For example, if you set\nSnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days\nbefore being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off.\nPlease note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro or cache.t2.* cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of your cache cluster. The minimum snapshot window is a 60 minute period. Example: `05:00-09:00`\n" }, "subnetGroupName": { "type": "string", "description": "The name of the cache subnet group to be used for the replication group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "transitEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption in transit.\n" } }, "type": "object" } }, "aws:elasticache/securityGroup:SecurityGroup": { "description": "Provides an ElastiCache Security Group to control access to one or more cache\nclusters.\n\n\u003e **NOTE:** ElastiCache Security Groups are for use only when working with an\nElastiCache cluster **outside** of a VPC. If you are using a VPC, see the\nElastiCache Subnet Group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst barEc2SecurityGroup = new aws.ec2.SecurityGroup(\"bar\", {});\nconst barSecurityGroup = new aws.elasticache.SecurityGroup(\"bar\", {\n securityGroupNames: [barEc2SecurityGroup.name],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar_security_group = aws.ec2.SecurityGroup(\"barSecurityGroup\")\nbar_elasticache_security_group_security_group = aws.elasticache.SecurityGroup(\"barElasticache/securityGroupSecurityGroup\", security_group_names=[bar_security_group.name])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var barSecurityGroup = new Aws.Ec2.SecurityGroup(\"barSecurityGroup\", new Aws.Ec2.SecurityGroupArgs\n {\n });\n var barElasticache_securityGroupSecurityGroup = new Aws.ElastiCache.SecurityGroup(\"barElasticache/securityGroupSecurityGroup\", new Aws.ElastiCache.SecurityGroupArgs\n {\n SecurityGroupNames = \n {\n barSecurityGroup.Name,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbarSecurityGroup, err := ec2.NewSecurityGroup(ctx, \"barSecurityGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewSecurityGroup(ctx, \"barElasticache/securityGroupSecurityGroup\", \u0026elasticache.SecurityGroupArgs{\n\t\t\tSecurityGroupNames: pulumi.StringArray{\n\t\t\t\tbarSecurityGroup.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "description for the cache security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache security group. This value is stored as a lowercase string.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 security group names to be\nauthorized for ingress to the cache security group\n" } }, "required": [ "description", "name", "securityGroupNames" ], "inputProperties": { "description": { "type": "string", "description": "description for the cache security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache security group. This value is stored as a lowercase string.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 security group names to be\nauthorized for ingress to the cache security group\n" } }, "requiredInputs": [ "securityGroupNames" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroup resources.\n", "properties": { "description": { "type": "string", "description": "description for the cache security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache security group. This value is stored as a lowercase string.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 security group names to be\nauthorized for ingress to the cache security group\n" } }, "type": "object" } }, "aws:elasticache/subnetGroup:SubnetGroup": { "description": "Provides an ElastiCache Subnet Group resource.\n\n\u003e **NOTE:** ElastiCache Subnet Groups are only for use when working with an\nElastiCache cluster **inside** of a VPC. If you are on EC2 Classic, see the\nElastiCache Security Group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.0.0.0/16\",\n tags: {\n Name: \"tf-test\",\n },\n});\nconst fooSubnet = new aws.ec2.Subnet(\"foo\", {\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.0.0/24\",\n tags: {\n Name: \"tf-test\",\n },\n vpcId: fooVpc.id,\n});\nconst bar = new aws.elasticache.SubnetGroup(\"bar\", {\n subnetIds: [fooSubnet.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_vpc = aws.ec2.Vpc(\"fooVpc\",\n cidr_block=\"10.0.0.0/16\",\n tags={\n \"Name\": \"tf-test\",\n })\nfoo_subnet = aws.ec2.Subnet(\"fooSubnet\",\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.0.0/24\",\n tags={\n \"Name\": \"tf-test\",\n },\n vpc_id=foo_vpc.id)\nbar = aws.elasticache.SubnetGroup(\"bar\", subnet_ids=[foo_subnet.id])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooVpc = new Aws.Ec2.Vpc(\"fooVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n Tags = \n {\n { \"Name\", \"tf-test\" },\n },\n });\n var fooSubnet = new Aws.Ec2.Subnet(\"fooSubnet\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.0.0/24\",\n Tags = \n {\n { \"Name\", \"tf-test\" },\n },\n VpcId = fooVpc.Id,\n });\n var bar = new Aws.ElastiCache.SubnetGroup(\"bar\", new Aws.ElastiCache.SubnetGroupArgs\n {\n SubnetIds = \n {\n fooSubnet.Id,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooVpc, err := ec2.NewVpc(ctx, \"fooVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooSubnet, err := ec2.NewSubnet(ctx, \"fooSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test\"),\n\t\t\t},\n\t\t\tVpcId: fooVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewSubnetGroup(ctx, \"bar\", \u0026elasticache.SubnetGroupArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tfooSubnet.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "Description for the cache subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache subnet group. Elasticache converts this name to lowercase.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the cache subnet group\n" } }, "required": [ "description", "name", "subnetIds" ], "inputProperties": { "description": { "type": "string", "description": "Description for the cache subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache subnet group. Elasticache converts this name to lowercase.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the cache subnet group\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "description": { "type": "string", "description": "Description for the cache subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache subnet group. Elasticache converts this name to lowercase.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the cache subnet group\n" } }, "type": "object" } }, "aws:elasticbeanstalk/application:Application": { "description": "Provides an Elastic Beanstalk Application Resource. Elastic Beanstalk allows\nyou to deploy and manage applications in the AWS cloud without worrying about\nthe infrastructure that runs those applications.\n\nThis resource creates an application that has one configuration template named\n`default`, and no application versions\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n appversionLifecycle: {\n deleteSourceFromS3: true,\n maxCount: 128,\n serviceRole: aws_iam_role_beanstalk_service.arn,\n },\n description: \"tf-test-desc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\",\n appversion_lifecycle={\n \"deleteSourceFromS3\": True,\n \"maxCount\": 128,\n \"service_role\": aws_iam_role[\"beanstalk_service\"][\"arn\"],\n },\n description=\"tf-test-desc\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new Aws.ElasticBeanstalk.ApplicationArgs\n {\n AppversionLifecycle = new Aws.ElasticBeanstalk.Inputs.ApplicationAppversionLifecycleArgs\n {\n DeleteSourceFromS3 = true,\n MaxCount = 128,\n ServiceRole = aws_iam_role.Beanstalk_service.Arn,\n },\n Description = \"tf-test-desc\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tAppversionLifecycle: \u0026elasticbeanstalk.ApplicationAppversionLifecycleArgs{\n\t\t\t\tDeleteSourceFromS3: pulumi.Bool(true),\n\t\t\t\tMaxCount: pulumi.Int(128),\n\t\t\t\tServiceRole: pulumi.String(aws_iam_role.Beanstalk_service.Arn),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle" }, "arn": { "type": "string", "description": "The ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "description": { "type": "string", "description": "Short description of the application\n" }, "name": { "type": "string", "description": "The name of the application, must be unique within your account\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle" }, "description": { "type": "string", "description": "Short description of the application\n" }, "name": { "type": "string", "description": "The name of the application, must be unique within your account\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle" }, "arn": { "type": "string", "description": "The ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "description": { "type": "string", "description": "Short description of the application\n" }, "name": { "type": "string", "description": "The name of the application, must be unique within your account\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application.\n" } }, "type": "object" } }, "aws:elasticbeanstalk/applicationVersion:ApplicationVersion": { "description": "Provides an Elastic Beanstalk Application Version Resource. Elastic Beanstalk allows\nyou to deploy and manage applications in the AWS cloud without worrying about\nthe infrastructure that runs those applications.\n\nThis resource creates a Beanstalk Application Version that can be deployed to a Beanstalk\nEnvironment.\n\n\u003e **NOTE on Application Version Resource:** When using the Application Version resource with multiple \nElastic Beanstalk Environments it is possible that an error may be returned\nwhen attempting to delete an Application Version while it is still in use by a different environment.\nTo work around this you can either create each environment in a separate AWS account or create your `aws.elasticbeanstalk.ApplicationVersion` resources with a unique names in your Elastic Beanstalk Application. For example \u0026lt;revision\u0026gt;-\u0026lt;environment\u0026gt;.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultBucket = new aws.s3.Bucket(\"default\", {});\nconst defaultBucketObject = new aws.s3.BucketObject(\"default\", {\n bucket: defaultBucket.id,\n key: \"beanstalk/go-v1.zip\",\n source: new pulumi.asset.FileAsset(\"go-v1.zip\"),\n});\nconst defaultApplication = new aws.elasticbeanstalk.Application(\"default\", {\n description: \"tf-test-desc\",\n});\nconst defaultApplicationVersion = new aws.elasticbeanstalk.ApplicationVersion(\"default\", {\n application: \"tf-test-name\",\n bucket: defaultBucket.id,\n description: \"application version\",\n key: defaultBucketObject.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_bucket = aws.s3.Bucket(\"defaultBucket\")\ndefault_bucket_object = aws.s3.BucketObject(\"defaultBucketObject\",\n bucket=default_bucket.id,\n key=\"beanstalk/go-v1.zip\",\n source=pulumi.FileAsset(\"go-v1.zip\"))\ndefault_application = aws.elasticbeanstalk.Application(\"defaultApplication\", description=\"tf-test-desc\")\ndefault_application_version = aws.elasticbeanstalk.ApplicationVersion(\"defaultApplicationVersion\",\n application=\"tf-test-name\",\n bucket=default_bucket.id,\n description=\"application version\",\n key=default_bucket_object.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultBucket = new Aws.S3.Bucket(\"defaultBucket\", new Aws.S3.BucketArgs\n {\n });\n var defaultBucketObject = new Aws.S3.BucketObject(\"defaultBucketObject\", new Aws.S3.BucketObjectArgs\n {\n Bucket = defaultBucket.Id,\n Key = \"beanstalk/go-v1.zip\",\n Source = new FileAsset(\"go-v1.zip\"),\n });\n var defaultApplication = new Aws.ElasticBeanstalk.Application(\"defaultApplication\", new Aws.ElasticBeanstalk.ApplicationArgs\n {\n Description = \"tf-test-desc\",\n });\n var defaultApplicationVersion = new Aws.ElasticBeanstalk.ApplicationVersion(\"defaultApplicationVersion\", new Aws.ElasticBeanstalk.ApplicationVersionArgs\n {\n Application = \"tf-test-name\",\n Bucket = defaultBucket.Id,\n Description = \"application version\",\n Key = defaultBucketObject.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultBucket, err := s3.NewBucket(ctx, \"defaultBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultBucketObject, err := s3.NewBucketObject(ctx, \"defaultBucketObject\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: defaultBucket.ID(),\n\t\t\tKey: pulumi.String(\"beanstalk/go-v1.zip\"),\n\t\t\tSource: pulumi.NewFileAsset(\"go-v1.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewApplication(ctx, \"defaultApplication\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewApplicationVersion(ctx, \"defaultApplicationVersion\", \u0026elasticbeanstalk.ApplicationVersionArgs{\n\t\t\tApplication: pulumi.String(\"tf-test-name\"),\n\t\t\tBucket: defaultBucket.ID(),\n\t\t\tDescription: pulumi.String(\"application version\"),\n\t\t\tKey: defaultBucketObject.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "application": { "type": "string", "description": "Name of the Beanstalk Application the version is associated with.\n" }, "arn": { "type": "string", "description": "The ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "bucket": { "type": "string", "description": "S3 bucket that contains the Application Version source bundle.\n" }, "description": { "type": "string", "description": "Short description of the Application Version.\n" }, "forceDelete": { "type": "boolean", "description": "On delete, force an Application Version to be deleted when it may be in use\nby multiple Elastic Beanstalk Environments.\n" }, "key": { "type": "string", "description": "S3 object that is the Application Version source bundle.\n" }, "name": { "type": "string", "description": "A unique name for the this Application Version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application Version.\n" } }, "required": [ "application", "arn", "bucket", "key", "name" ], "inputProperties": { "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the Beanstalk Application the version is associated with.\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "S3 bucket that contains the Application Version source bundle.\n" }, "description": { "type": "string", "description": "Short description of the Application Version.\n" }, "forceDelete": { "type": "boolean", "description": "On delete, force an Application Version to be deleted when it may be in use\nby multiple Elastic Beanstalk Environments.\n" }, "key": { "type": "string", "description": "S3 object that is the Application Version source bundle.\n" }, "name": { "type": "string", "description": "A unique name for the this Application Version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application Version.\n" } }, "requiredInputs": [ "application", "bucket", "key" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApplicationVersion resources.\n", "properties": { "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the Beanstalk Application the version is associated with.\n" }, "arn": { "type": "string", "description": "The ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "S3 bucket that contains the Application Version source bundle.\n" }, "description": { "type": "string", "description": "Short description of the Application Version.\n" }, "forceDelete": { "type": "boolean", "description": "On delete, force an Application Version to be deleted when it may be in use\nby multiple Elastic Beanstalk Environments.\n" }, "key": { "type": "string", "description": "S3 object that is the Application Version source bundle.\n" }, "name": { "type": "string", "description": "A unique name for the this Application Version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application Version.\n" } }, "type": "object" } }, "aws:elasticbeanstalk/configurationTemplate:ConfigurationTemplate": { "description": "Provides an Elastic Beanstalk Configuration Template, which are associated with\na specific application and are used to deploy different versions of the\napplication with the same configuration settings.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n description: \"tf-test-desc\",\n});\nconst tfTemplate = new aws.elasticbeanstalk.ConfigurationTemplate(\"tf_template\", {\n application: tftest.name,\n solutionStackName: \"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\", description=\"tf-test-desc\")\ntf_template = aws.elasticbeanstalk.ConfigurationTemplate(\"tfTemplate\",\n application=tftest.name,\n solution_stack_name=\"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new Aws.ElasticBeanstalk.ApplicationArgs\n {\n Description = \"tf-test-desc\",\n });\n var tfTemplate = new Aws.ElasticBeanstalk.ConfigurationTemplate(\"tfTemplate\", new Aws.ElasticBeanstalk.ConfigurationTemplateArgs\n {\n Application = tftest.Name,\n SolutionStackName = \"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttftest, err := elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewConfigurationTemplate(ctx, \"tfTemplate\", \u0026elasticbeanstalk.ConfigurationTemplateArgs{\n\t\t\tApplication: tftest.Name,\n\t\t\tSolutionStackName: pulumi.String(\"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Option Settings\n\nThe `setting` field supports the following format:\n\n* `namespace` - unique namespace identifying the option's associated AWS resource\n* `name` - name of the configuration option\n* `value` - value for the configuration option\n* `resource` - (Optional) resource name for [scheduled action](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-autoscalingscheduledaction)\n", "properties": { "application": { "type": "string", "description": "name of the application to associate with this configuration template\n" }, "description": { "type": "string", "description": "Short description of the Template\n" }, "environmentId": { "type": "string", "description": "The ID of the environment used with this configuration template\n" }, "name": { "type": "string", "description": "A unique name for this Template.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your Template\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" } }, "required": [ "application", "name", "settings" ], "inputProperties": { "application": { "type": "string", "description": "name of the application to associate with this configuration template\n" }, "description": { "type": "string", "description": "Short description of the Template\n" }, "environmentId": { "type": "string", "description": "The ID of the environment used with this configuration template\n" }, "name": { "type": "string", "description": "A unique name for this Template.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your Template\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" } }, "requiredInputs": [ "application" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationTemplate resources.\n", "properties": { "application": { "type": "string", "description": "name of the application to associate with this configuration template\n" }, "description": { "type": "string", "description": "Short description of the Template\n" }, "environmentId": { "type": "string", "description": "The ID of the environment used with this configuration template\n" }, "name": { "type": "string", "description": "A unique name for this Template.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your Template\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" } }, "type": "object" } }, "aws:elasticbeanstalk/environment:Environment": { "description": "Provides an Elastic Beanstalk Environment Resource. Elastic Beanstalk allows\nyou to deploy and manage applications in the AWS cloud without worrying about\nthe infrastructure that runs those applications.\n\nEnvironments are often things such as `development`, `integration`, or\n`production`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n description: \"tf-test-desc\",\n});\nconst tfenvtest = new aws.elasticbeanstalk.Environment(\"tfenvtest\", {\n application: tftest.name,\n solutionStackName: \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\", description=\"tf-test-desc\")\ntfenvtest = aws.elasticbeanstalk.Environment(\"tfenvtest\",\n application=tftest.name,\n solution_stack_name=\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new Aws.ElasticBeanstalk.ApplicationArgs\n {\n Description = \"tf-test-desc\",\n });\n var tfenvtest = new Aws.ElasticBeanstalk.Environment(\"tfenvtest\", new Aws.ElasticBeanstalk.EnvironmentArgs\n {\n Application = tftest.Name,\n SolutionStackName = \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttftest, err := elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewEnvironment(ctx, \"tfenvtest\", \u0026elasticbeanstalk.EnvironmentArgs{\n\t\t\tApplication: tftest.Name,\n\t\t\tSolutionStackName: pulumi.String(\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Option Settings\n\nSome options can be stack-specific, check [AWS Docs](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html)\nfor supported options and examples.\n\nThe `setting` and `all_settings` mappings support the following format:\n\n* `namespace` - unique namespace identifying the option's associated AWS resource\n* `name` - name of the configuration option\n* `value` - value for the configuration option\n* `resource` - (Optional) resource name for [scheduled action](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-autoscalingscheduledaction)\n\n### Example With Options\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n description: \"tf-test-desc\",\n});\nconst tfenvtest = new aws.elasticbeanstalk.Environment(\"tfenvtest\", {\n application: tftest.name,\n settings: [\n {\n name: \"VPCId\",\n namespace: \"aws:ec2:vpc\",\n value: \"vpc-xxxxxxxx\",\n },\n {\n name: \"Subnets\",\n namespace: \"aws:ec2:vpc\",\n value: \"subnet-xxxxxxxx\",\n },\n ],\n solutionStackName: \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\", description=\"tf-test-desc\")\ntfenvtest = aws.elasticbeanstalk.Environment(\"tfenvtest\",\n application=tftest.name,\n settings=[\n {\n \"name\": \"VPCId\",\n \"namespace\": \"aws:ec2:vpc\",\n \"value\": \"vpc-xxxxxxxx\",\n },\n {\n \"name\": \"Subnets\",\n \"namespace\": \"aws:ec2:vpc\",\n \"value\": \"subnet-xxxxxxxx\",\n },\n ],\n solution_stack_name=\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new Aws.ElasticBeanstalk.ApplicationArgs\n {\n Description = \"tf-test-desc\",\n });\n var tfenvtest = new Aws.ElasticBeanstalk.Environment(\"tfenvtest\", new Aws.ElasticBeanstalk.EnvironmentArgs\n {\n Application = tftest.Name,\n Settings = \n {\n new Aws.ElasticBeanstalk.Inputs.EnvironmentSettingArgs\n {\n Name = \"VPCId\",\n Namespace = \"aws:ec2:vpc\",\n Value = \"vpc-xxxxxxxx\",\n },\n new Aws.ElasticBeanstalk.Inputs.EnvironmentSettingArgs\n {\n Name = \"Subnets\",\n Namespace = \"aws:ec2:vpc\",\n Value = \"subnet-xxxxxxxx\",\n },\n },\n SolutionStackName = \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttftest, err := elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewEnvironment(ctx, \"tfenvtest\", \u0026elasticbeanstalk.EnvironmentArgs{\n\t\t\tApplication: tftest.Name,\n\t\t\tSettings: elasticbeanstalk.EnvironmentSettingArray{\n\t\t\t\t\u0026elasticbeanstalk.EnvironmentSettingArgs{\n\t\t\t\t\tName: pulumi.String(\"VPCId\"),\n\t\t\t\t\tNamespace: pulumi.String(\"aws:ec2:vpc\"),\n\t\t\t\t\tValue: pulumi.String(\"vpc-xxxxxxxx\"),\n\t\t\t\t},\n\t\t\t\t\u0026elasticbeanstalk.EnvironmentSettingArgs{\n\t\t\t\t\tName: pulumi.String(\"Subnets\"),\n\t\t\t\t\tNamespace: pulumi.String(\"aws:ec2:vpc\"),\n\t\t\t\t\tValue: pulumi.String(\"subnet-xxxxxxxx\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSolutionStackName: pulumi.String(\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "allSettings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentAllSetting:EnvironmentAllSetting" }, "description": "List of all option settings configured in this Environment. These\nare a combination of default settings and their overrides from `setting` in\nthe configuration.\n" }, "application": { "type": "string", "description": "Name of the application that contains the version\nto be deployed\n" }, "arn": { "type": "string" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "The autoscaling groups used by this Environment.\n" }, "cname": { "type": "string", "description": "Fully qualified DNS name for this Environment.\n" }, "cnamePrefix": { "type": "string", "description": "Prefix to use for the fully qualified DNS name of\nthe Environment.\n" }, "description": { "type": "string", "description": "Short description of the Environment\n" }, "endpointUrl": { "type": "string", "description": "The URL to the Load Balancer for this Environment\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "Instances used by this Environment.\n" }, "launchConfigurations": { "type": "array", "items": { "type": "string" }, "description": "Launch configurations in use by this Environment.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "Elastic load balancers in use by this Environment.\n" }, "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n" }, "platformArn": { "type": "string", "description": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Elastic Beanstalk [Platform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk-environment.html#cfn-beanstalk-environment-platformarn)\nto use in deployment\n" }, "pollInterval": { "type": "string", "description": "The time between polling the AWS API to\ncheck if changes have been applied. Use this to adjust the rate of API calls\nfor any `create` or `update` action. Minimum `10s`, maximum `180s`. Omit this to\nuse the default behavior, which is an exponential backoff\n" }, "queues": { "type": "array", "items": { "type": "string" }, "description": "SQS queues in use by this Environment.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your environment\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of tags to apply to the Environment.\n" }, "templateName": { "type": "string", "description": "The name of the Elastic Beanstalk Configuration\ntemplate to use in deployment\n" }, "tier": { "type": "string", "description": "Elastic Beanstalk Environment tier. Valid values are `Worker`\nor `WebServer`. If tier is left blank `WebServer` will be used.\n" }, "triggers": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling triggers in use by this Environment.\n" }, "version": { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/applicationVersion:ApplicationVersion", "description": "The name of the Elastic Beanstalk Application Version\nto use in deployment.\n" }, "waitForReadyTimeout": { "type": "string", "description": "The maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for an Elastic Beanstalk Environment to be in a ready state before timing\nout.\n" } }, "required": [ "allSettings", "application", "arn", "autoscalingGroups", "cname", "cnamePrefix", "endpointUrl", "instances", "launchConfigurations", "loadBalancers", "name", "platformArn", "queues", "solutionStackName", "triggers", "version" ], "inputProperties": { "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the application that contains the version\nto be deployed\n" }, "cnamePrefix": { "type": "string", "description": "Prefix to use for the fully qualified DNS name of\nthe Environment.\n" }, "description": { "type": "string", "description": "Short description of the Environment\n" }, "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n" }, "platformArn": { "type": "string", "description": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Elastic Beanstalk [Platform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk-environment.html#cfn-beanstalk-environment-platformarn)\nto use in deployment\n" }, "pollInterval": { "type": "string", "description": "The time between polling the AWS API to\ncheck if changes have been applied. Use this to adjust the rate of API calls\nfor any `create` or `update` action. Minimum `10s`, maximum `180s`. Omit this to\nuse the default behavior, which is an exponential backoff\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your environment\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of tags to apply to the Environment.\n" }, "templateName": { "type": "string", "description": "The name of the Elastic Beanstalk Configuration\ntemplate to use in deployment\n" }, "tier": { "type": "string", "description": "Elastic Beanstalk Environment tier. Valid values are `Worker`\nor `WebServer`. If tier is left blank `WebServer` will be used.\n" }, "version": { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/applicationVersion:ApplicationVersion", "description": "The name of the Elastic Beanstalk Application Version\nto use in deployment.\n" }, "waitForReadyTimeout": { "type": "string", "description": "The maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for an Elastic Beanstalk Environment to be in a ready state before timing\nout.\n" } }, "requiredInputs": [ "application" ], "stateInputs": { "description": "Input properties used for looking up and filtering Environment resources.\n", "properties": { "allSettings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentAllSetting:EnvironmentAllSetting" }, "description": "List of all option settings configured in this Environment. These\nare a combination of default settings and their overrides from `setting` in\nthe configuration.\n" }, "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the application that contains the version\nto be deployed\n" }, "arn": { "type": "string" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "The autoscaling groups used by this Environment.\n" }, "cname": { "type": "string", "description": "Fully qualified DNS name for this Environment.\n" }, "cnamePrefix": { "type": "string", "description": "Prefix to use for the fully qualified DNS name of\nthe Environment.\n" }, "description": { "type": "string", "description": "Short description of the Environment\n" }, "endpointUrl": { "type": "string", "description": "The URL to the Load Balancer for this Environment\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "Instances used by this Environment.\n" }, "launchConfigurations": { "type": "array", "items": { "type": "string" }, "description": "Launch configurations in use by this Environment.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "Elastic load balancers in use by this Environment.\n" }, "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n" }, "platformArn": { "type": "string", "description": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Elastic Beanstalk [Platform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk-environment.html#cfn-beanstalk-environment-platformarn)\nto use in deployment\n" }, "pollInterval": { "type": "string", "description": "The time between polling the AWS API to\ncheck if changes have been applied. Use this to adjust the rate of API calls\nfor any `create` or `update` action. Minimum `10s`, maximum `180s`. Omit this to\nuse the default behavior, which is an exponential backoff\n" }, "queues": { "type": "array", "items": { "type": "string" }, "description": "SQS queues in use by this Environment.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your environment\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of tags to apply to the Environment.\n" }, "templateName": { "type": "string", "description": "The name of the Elastic Beanstalk Configuration\ntemplate to use in deployment\n" }, "tier": { "type": "string", "description": "Elastic Beanstalk Environment tier. Valid values are `Worker`\nor `WebServer`. If tier is left blank `WebServer` will be used.\n" }, "triggers": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling triggers in use by this Environment.\n" }, "version": { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/applicationVersion:ApplicationVersion", "description": "The name of the Elastic Beanstalk Application Version\nto use in deployment.\n" }, "waitForReadyTimeout": { "type": "string", "description": "The maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for an Elastic Beanstalk Environment to be in a ready state before timing\nout.\n" } }, "type": "object" } }, "aws:elasticloadbalancing/appCookieStickinessPolicy:AppCookieStickinessPolicy": { "description": "Provides an application cookie stickiness policy, which allows an ELB to wed its sticky cookie's expiration to a cookie generated by your application.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst foo = new aws.elb.AppCookieStickinessPolicy(\"foo\", {\n cookieName: \"MyAppCookie\",\n lbPort: 80,\n loadBalancer: lb.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n }])\nfoo = aws.elb.AppCookieStickinessPolicy(\"foo\",\n cookie_name=\"MyAppCookie\",\n lb_port=80,\n load_balancer=lb.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n var foo = new Aws.Elb.AppCookieStickinessPolicy(\"foo\", new Aws.Elb.AppCookieStickinessPolicyArgs\n {\n CookieName = \"MyAppCookie\",\n LbPort = 80,\n LoadBalancer = lb.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewAppCookieStickinessPolicy(ctx, \"foo\", \u0026elb.AppCookieStickinessPolicyArgs{\n\t\t\tCookieName: pulumi.String(\"MyAppCookie\"),\n\t\t\tLbPort: pulumi.Int(80),\n\t\t\tLoadBalancer: lb.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cookieName": { "type": "string", "description": "The application cookie whose lifetime the ELB's cookie should follow.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The name of load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "required": [ "cookieName", "lbPort", "loadBalancer", "name" ], "inputProperties": { "cookieName": { "type": "string", "description": "The application cookie whose lifetime the ELB's cookie should follow.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The name of load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "requiredInputs": [ "cookieName", "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering AppCookieStickinessPolicy resources.\n", "properties": { "cookieName": { "type": "string", "description": "The application cookie whose lifetime the ELB's cookie should follow.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The name of load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.AppCookieStickinessPolicy has been deprecated in favor of aws.elb.AppCookieStickinessPolicy" }, "aws:elasticloadbalancing/attachment:Attachment": { "description": "Attaches an EC2 instance to an Elastic Load Balancer (ELB). For attaching resources with Application Load Balancer (ALB) or Network Load Balancer (NLB), see the `aws.lb.TargetGroupAttachment` resource.\n\n\u003e **NOTE on ELB Instances and ELB Attachments:** This provider currently provides\nboth a standalone ELB Attachment resource (describing an instance attached to\nan ELB), and an Elastic Load Balancer resource with\n`instances` defined in-line. At this time you cannot use an ELB with in-line\ninstances in conjunction with an ELB Attachment resource. Doing so will cause a\nconflict and will overwrite attachments.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer attachment\nconst baz = new aws.elb.Attachment(\"baz\", {\n elb: aws_elb_bar.id,\n instance: aws_instance_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer attachment\nbaz = aws.elb.Attachment(\"baz\",\n elb=aws_elb[\"bar\"][\"id\"],\n instance=aws_instance[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new load balancer attachment\n var baz = new Aws.Elb.Attachment(\"baz\", new Aws.Elb.AttachmentArgs\n {\n Elb = aws_elb.Bar.Id,\n Instance = aws_instance.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elb.NewAttachment(ctx, \"baz\", \u0026elb.AttachmentArgs{\n\t\t\tElb: pulumi.String(aws_elb.Bar.Id),\n\t\t\tInstance: pulumi.String(aws_instance.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "elb": { "type": "string", "description": "The name of the ELB.\n" }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n" } }, "required": [ "elb", "instance" ], "inputProperties": { "elb": { "type": "string", "description": "The name of the ELB.\n" }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n" } }, "requiredInputs": [ "elb", "instance" ], "stateInputs": { "description": "Input properties used for looking up and filtering Attachment resources.\n", "properties": { "elb": { "type": "string", "description": "The name of the ELB.\n" }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.Attachment has been deprecated in favor of aws.elb.Attachment" }, "aws:elasticloadbalancing/listenerPolicy:ListenerPolicy": { "description": "Attaches a load balancer policy to an ELB Listener.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Custom Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ssl = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [\n {\n name: \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n ],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ssl = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[\n {\n \"name\": \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n ],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl.policy_name])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new Aws.Elb.ListenerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = \n {\n wu_tang_ssl.PolicyName,\n },\n });\n }\n\n}\n```\n\nThis example shows how to customize the TLS settings of an HTTPS listener.\n\n{{% /example %}}\n{{% example %}}\n### AWS Predefined Security Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ssl_tls_1_1 = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"Reference-Security-Policy\",\n value: \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl_tls_1_1.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ssl_tls_1_1 = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"Reference-Security-Policy\",\n \"value\": \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl_tls_1_1.policy_name])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Reference-Security-Policy\",\n Value = \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new Aws.Elb.ListenerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = \n {\n wu_tang_ssl_tls_1_1.PolicyName,\n },\n });\n }\n\n}\n```\n\nThis example shows how to add a [Predefined Security Policy for ELBs](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html)\n{{% /example %}}\n{{% /examples %}}", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "required": [ "loadBalancerName", "loadBalancerPort" ], "inputProperties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "requiredInputs": [ "loadBalancerName", "loadBalancerPort" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerPolicy resources.\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.ListenerPolicy has been deprecated in favor of aws.elb.ListenerPolicy" }, "aws:elasticloadbalancing/loadBalancer:LoadBalancer": { "description": "Provides an Elastic Load Balancer resource, also known as a \"Classic\nLoad Balancer\" after the release of\n`Application/Network Load Balancers`.\n\n\u003e **NOTE on ELB Instances and ELB Attachments:** This provider currently\nprovides both a standalone ELB Attachment resource\n(describing an instance attached to an ELB), and an ELB resource with\n`instances` defined in-line. At this time you cannot use an ELB with in-line\ninstances in conjunction with a ELB Attachment resources. Doing so will cause a\nconflict and will overwrite attachments.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer\nconst bar = new aws.elb.LoadBalancer(\"bar\", {\n accessLogs: {\n bucket: \"foo\",\n bucketPrefix: \"bar\",\n interval: 60,\n },\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n connectionDraining: true,\n connectionDrainingTimeout: 400,\n crossZoneLoadBalancing: true,\n healthCheck: {\n healthyThreshold: 2,\n interval: 30,\n target: \"HTTP:8000/\",\n timeout: 3,\n unhealthyThreshold: 2,\n },\n idleTimeout: 400,\n instances: [aws_instance_foo.id],\n listeners: [\n {\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n },\n {\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n ],\n tags: {\n Name: \"foobar-elb\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer\nbar = aws.elb.LoadBalancer(\"bar\",\n access_logs={\n \"bucket\": \"foo\",\n \"bucket_prefix\": \"bar\",\n \"interval\": 60,\n },\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n connection_draining=True,\n connection_draining_timeout=400,\n cross_zone_load_balancing=True,\n health_check={\n \"healthyThreshold\": 2,\n \"interval\": 30,\n \"target\": \"HTTP:8000/\",\n \"timeout\": 3,\n \"unhealthyThreshold\": 2,\n },\n idle_timeout=400,\n instances=[aws_instance[\"foo\"][\"id\"]],\n listeners=[\n {\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n },\n {\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n ],\n tags={\n \"Name\": \"foobar-elb\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new load balancer\n var bar = new Aws.Elb.LoadBalancer(\"bar\", new Aws.Elb.LoadBalancerArgs\n {\n AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = \"foo\",\n BucketPrefix = \"bar\",\n Interval = 60,\n },\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n ConnectionDraining = true,\n ConnectionDrainingTimeout = 400,\n CrossZoneLoadBalancing = true,\n HealthCheck = new Aws.Elb.Inputs.LoadBalancerHealthCheckArgs\n {\n HealthyThreshold = 2,\n Interval = 30,\n Target = \"HTTP:8000/\",\n Timeout = 3,\n UnhealthyThreshold = 2,\n },\n IdleTimeout = 400,\n Instances = \n {\n aws_instance.Foo.Id,\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n },\n Tags = \n {\n { \"Name\", \"foobar-elb\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Note on ECDSA Key Algorithm\n\nIf the ARN of the `ssl_certificate_id` that is pointed to references a\ncertificate that was signed by an ECDSA key, note that ELB only supports the\nP256 and P384 curves. Using a certificate signed by a key using a different\ncurve could produce the error `ERR_SSL_VERSION_OR_CIPHER_MISMATCH` in your\nbrowser.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the ELB\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "dnsName": { "type": "string", "description": "The DNS name of the ELB\n" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The ID of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Only available on ELBs launched in a VPC.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)\n" } }, "required": [ "arn", "availabilityZones", "dnsName", "healthCheck", "instances", "internal", "listeners", "name", "securityGroups", "sourceSecurityGroup", "sourceSecurityGroupId", "subnets", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "listeners" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the ELB\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "dnsName": { "type": "string", "description": "The DNS name of the ELB\n" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The ID of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Only available on ELBs launched in a VPC.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.LoadBalancer has been deprecated in favor of aws.elb.LoadBalancer" }, "aws:elasticloadbalancing/loadBalancerBackendServerPolicy:LoadBalancerBackendServerPolicy": { "description": "Attaches a load balancer policy to an ELB backend server.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as fs from \"fs\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ca_pubkey_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKey\",\n value: fs.readFileSync(\"wu-tang-pubkey\", \"utf-8\"),\n }],\n policyName: \"wu-tang-ca-pubkey-policy\",\n policyTypeName: \"PublicKeyPolicyType\",\n});\nconst wu_tang_root_ca_backend_auth_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKeyPolicyName\",\n value: aws_load_balancer_policy_wu_tang_root_ca_pubkey_policy.policyName,\n }],\n policyName: \"wu-tang-root-ca-backend-auth-policy\",\n policyTypeName: \"BackendServerAuthenticationPolicyType\",\n});\nconst wu_tang_backend_auth_policies_443 = new aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", {\n instancePort: 443,\n loadBalancerName: wu_tang.name,\n policyNames: [wu_tang_root_ca_backend_auth_policy.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ca_pubkey_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKey\",\n \"value\": (lambda path: open(path).read())(\"wu-tang-pubkey\"),\n }],\n policy_name=\"wu-tang-ca-pubkey-policy\",\n policy_type_name=\"PublicKeyPolicyType\")\nwu_tang_root_ca_backend_auth_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKeyPolicyName\",\n \"value\": aws_load_balancer_policy[\"wu-tang-root-ca-pubkey-policy\"][\"policy_name\"],\n }],\n policy_name=\"wu-tang-root-ca-backend-auth-policy\",\n policy_type_name=\"BackendServerAuthenticationPolicyType\")\nwu_tang_backend_auth_policies_443 = aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\",\n instance_port=443,\n load_balancer_name=wu_tang.name,\n policy_names=[wu_tang_root_ca_backend_auth_policy.policy_name])\n```\n```csharp\nusing System.IO;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKey\",\n Value = File.ReadAllText(\"wu-tang-pubkey\"),\n },\n },\n PolicyName = \"wu-tang-ca-pubkey-policy\",\n PolicyTypeName = \"PublicKeyPolicyType\",\n });\n var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKeyPolicyName\",\n Value = aws_load_balancer_policy.Wu_tang_root_ca_pubkey_policy.Policy_name,\n },\n },\n PolicyName = \"wu-tang-root-ca-backend-auth-policy\",\n PolicyTypeName = \"BackendServerAuthenticationPolicyType\",\n });\n var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", new Aws.Elb.LoadBalancerBackendServerPolicyArgs\n {\n InstancePort = 443,\n LoadBalancerName = wu_tang.Name,\n PolicyNames = \n {\n wu_tang_root_ca_backend_auth_policy.PolicyName,\n },\n });\n }\n\n}\n```\n\nWhere the file `pubkey` in the current directory contains only the _public key_ of the certificate.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n\nThis example shows how to enable backend authentication for an ELB as well as customize the TLS settings.\n{{% /example %}}\n{{% /examples %}}", "properties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "required": [ "instancePort", "loadBalancerName" ], "inputProperties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "requiredInputs": [ "instancePort", "loadBalancerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerBackendServerPolicy resources.\n", "properties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.LoadBalancerBackendServerPolicy has been deprecated in favor of aws.elb.LoadBalancerBackendServerPolicy" }, "aws:elasticloadbalancing/loadBalancerCookieStickinessPolicy:LoadBalancerCookieStickinessPolicy": { "description": "Provides a load balancer cookie stickiness policy, which allows an ELB to control the sticky session lifetime of the browser.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst foo = new aws.elb.LoadBalancerCookieStickinessPolicy(\"foo\", {\n cookieExpirationPeriod: 600,\n lbPort: 80,\n loadBalancer: lb.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n }])\nfoo = aws.elb.LoadBalancerCookieStickinessPolicy(\"foo\",\n cookie_expiration_period=600,\n lb_port=80,\n load_balancer=lb.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n var foo = new Aws.Elb.LoadBalancerCookieStickinessPolicy(\"foo\", new Aws.Elb.LoadBalancerCookieStickinessPolicyArgs\n {\n CookieExpirationPeriod = 600,\n LbPort = 80,\n LoadBalancer = lb.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerCookieStickinessPolicy(ctx, \"foo\", \u0026elb.LoadBalancerCookieStickinessPolicyArgs{\n\t\t\tCookieExpirationPeriod: pulumi.Int(600),\n\t\t\tLbPort: pulumi.Int(80),\n\t\t\tLoadBalancer: lb.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "required": [ "lbPort", "loadBalancer", "name" ], "inputProperties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "requiredInputs": [ "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerCookieStickinessPolicy resources.\n", "properties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.LoadBalancerCookieStickinessPolicy has been deprecated in favor of aws.elb.LoadBalancerCookieStickinessPolicy" }, "aws:elasticloadbalancing/loadBalancerPolicy:LoadBalancerPolicy": { "description": "Provides a load balancer policy, which can be attached to an ELB listener or backend server.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as fs from \"fs\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ca_pubkey_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKey\",\n value: fs.readFileSync(\"wu-tang-pubkey\", \"utf-8\"),\n }],\n policyName: \"wu-tang-ca-pubkey-policy\",\n policyTypeName: \"PublicKeyPolicyType\",\n});\nconst wu_tang_root_ca_backend_auth_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKeyPolicyName\",\n value: aws_load_balancer_policy_wu_tang_root_ca_pubkey_policy.policyName,\n }],\n policyName: \"wu-tang-root-ca-backend-auth-policy\",\n policyTypeName: \"BackendServerAuthenticationPolicyType\",\n});\nconst wu_tang_ssl = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [\n {\n name: \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n ],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_ssl_tls_1_1 = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"Reference-Security-Policy\",\n value: \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_backend_auth_policies_443 = new aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", {\n instancePort: 443,\n loadBalancerName: wu_tang.name,\n policyNames: [wu_tang_root_ca_backend_auth_policy.policyName],\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ca_pubkey_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKey\",\n \"value\": (lambda path: open(path).read())(\"wu-tang-pubkey\"),\n }],\n policy_name=\"wu-tang-ca-pubkey-policy\",\n policy_type_name=\"PublicKeyPolicyType\")\nwu_tang_root_ca_backend_auth_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKeyPolicyName\",\n \"value\": aws_load_balancer_policy[\"wu-tang-root-ca-pubkey-policy\"][\"policy_name\"],\n }],\n policy_name=\"wu-tang-root-ca-backend-auth-policy\",\n policy_type_name=\"BackendServerAuthenticationPolicyType\")\nwu_tang_ssl = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[\n {\n \"name\": \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n ],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_ssl_tls_1_1 = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"Reference-Security-Policy\",\n \"value\": \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_backend_auth_policies_443 = aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\",\n instance_port=443,\n load_balancer_name=wu_tang.name,\n policy_names=[wu_tang_root_ca_backend_auth_policy.policy_name])\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl.policy_name])\n```\n```csharp\nusing System.IO;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKey\",\n Value = File.ReadAllText(\"wu-tang-pubkey\"),\n },\n },\n PolicyName = \"wu-tang-ca-pubkey-policy\",\n PolicyTypeName = \"PublicKeyPolicyType\",\n });\n var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKeyPolicyName\",\n Value = aws_load_balancer_policy.Wu_tang_root_ca_pubkey_policy.Policy_name,\n },\n },\n PolicyName = \"wu-tang-root-ca-backend-auth-policy\",\n PolicyTypeName = \"BackendServerAuthenticationPolicyType\",\n });\n var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Reference-Security-Policy\",\n Value = \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", new Aws.Elb.LoadBalancerBackendServerPolicyArgs\n {\n InstancePort = 443,\n LoadBalancerName = wu_tang.Name,\n PolicyNames = \n {\n wu_tang_root_ca_backend_auth_policy.PolicyName,\n },\n });\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new Aws.Elb.ListenerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = \n {\n wu_tang_ssl.PolicyName,\n },\n });\n }\n\n}\n```\n\nWhere the file `pubkey` in the current directory contains only the _public key_ of the certificate.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n\nThis example shows how to enable backend authentication for an ELB as well as customize the TLS settings.\n{{% /example %}}\n{{% /examples %}}", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n" }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n" }, "policyTypeName": { "type": "string", "description": "The policy type.\n" } }, "required": [ "loadBalancerName", "policyName", "policyTypeName" ], "inputProperties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n" }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n" }, "policyTypeName": { "type": "string", "description": "The policy type.\n" } }, "requiredInputs": [ "loadBalancerName", "policyName", "policyTypeName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerPolicy resources.\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n" }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n" }, "policyTypeName": { "type": "string", "description": "The policy type.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.LoadBalancerPolicy has been deprecated in favor of aws.elb.LoadBalancerPolicy" }, "aws:elasticloadbalancing/sslNegotiationPolicy:SslNegotiationPolicy": { "description": "Provides a load balancer SSL negotiation policy, which allows an ELB to control the ciphers and protocols that are supported during SSL negotiations between a client and a load balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"https\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::123456789012:server-certificate/certName\",\n }],\n});\nconst foo = new aws.elb.SslNegotiationPolicy(\"foo\", {\n attributes: [\n {\n name: \"Protocol-TLSv1\",\n value: \"false\",\n },\n {\n name: \"Protocol-TLSv1.1\",\n value: \"false\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n {\n name: \"Server-Defined-Cipher-Order\",\n value: \"true\",\n },\n {\n name: \"ECDHE-RSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"EDH-RSA-DES-CBC3-SHA\",\n value: \"false\",\n },\n ],\n lbPort: 443,\n loadBalancer: lb.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"https\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::123456789012:server-certificate/certName\",\n }])\nfoo = aws.elb.SslNegotiationPolicy(\"foo\",\n attributes=[\n {\n \"name\": \"Protocol-TLSv1\",\n \"value\": \"false\",\n },\n {\n \"name\": \"Protocol-TLSv1.1\",\n \"value\": \"false\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Server-Defined-Cipher-Order\",\n \"value\": \"true\",\n },\n {\n \"name\": \"ECDHE-RSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"EDH-RSA-DES-CBC3-SHA\",\n \"value\": \"false\",\n },\n ],\n lb_port=443,\n load_balancer=lb.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"https\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n },\n });\n var foo = new Aws.Elb.SslNegotiationPolicy(\"foo\", new Aws.Elb.SslNegotiationPolicyArgs\n {\n Attributes = \n {\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1\",\n Value = \"false\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.1\",\n Value = \"false\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Server-Defined-Cipher-Order\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"ECDHE-RSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"EDH-RSA-DES-CBC3-SHA\",\n Value = \"false\",\n },\n },\n LbPort = 443,\n LoadBalancer = lb.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::123456789012:server-certificate/certName\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewSslNegotiationPolicy(ctx, \"foo\", \u0026elb.SslNegotiationPolicyArgs{\n\t\t\tAttributes: elb.SslNegotiationPolicyAttributeArray{\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.1\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.2\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Server-Defined-Cipher-Order\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"ECDHE-RSA-AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"EDH-RSA-DES-CBC3-SHA\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLbPort: pulumi.Int(443),\n\t\t\tLoadBalancer: lb.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the attribute\n" } }, "required": [ "lbPort", "loadBalancer", "name" ], "inputProperties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the attribute\n" } }, "requiredInputs": [ "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering SslNegotiationPolicy resources.\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the attribute\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancing.SslNegotiationPolicy has been deprecated in favor of aws.elb.SslNegotiationPolicy" }, "aws:elasticloadbalancingv2/listener:Listener": { "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Forward Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"443\",\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Redirect Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Fixed-response Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-cognito Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n type: \"authenticate-cognito\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateCognito\": {\n \"userPoolArn\": pool.arn,\n \"userPoolClientId\": client.id,\n \"userPoolDomain\": domain.domain,\n },\n \"type\": \"authenticate-cognito\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n Type = \"authenticate-cognito\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-oidc Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "required": [ "arn", "defaultActions", "loadBalancerArn", "port", "sslPolicy" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "requiredInputs": [ "defaultActions", "loadBalancerArn", "port" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancingv2.Listener has been deprecated in favor of aws.lb.Listener" }, "aws:elasticloadbalancingv2/listenerCertificate:ListenerCertificate": { "description": "Provides a Load Balancer Listener Certificate resource.\n\nThis resource is for additional certificates and does not replace the default certificate on the listener.\n\n\u003e **Note:** `aws.alb.ListenerCertificate` is known as `aws.lb.ListenerCertificate`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCertificate = new aws.acm.Certificate(\"example\", {});\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst exampleListenerCertificate = new aws.lb.ListenerCertificate(\"example\", {\n certificateArn: exampleCertificate.arn,\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_certificate = aws.acm.Certificate(\"exampleCertificate\")\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nexample_listener_certificate = aws.lb.ListenerCertificate(\"exampleListenerCertificate\",\n certificate_arn=example_certificate.arn,\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleCertificate = new Aws.Acm.Certificate(\"exampleCertificate\", new Aws.Acm.CertificateArgs\n {\n });\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var exampleListenerCertificate = new Aws.LB.ListenerCertificate(\"exampleListenerCertificate\", new Aws.LB.ListenerCertificateArgs\n {\n CertificateArn = exampleCertificate.Arn,\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCertificate, err := acm.NewCertificate(ctx, \"exampleCertificate\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerCertificate(ctx, \"exampleListenerCertificate\", \u0026lb.ListenerCertificateArgs{\n\t\t\tCertificateArn: exampleCertificate.Arn,\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "required": [ "certificateArn", "listenerArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "requiredInputs": [ "certificateArn", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerCertificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancingv2.ListenerCertificate has been deprecated in favor of aws.lb.ListenerCertificate" }, "aws:elasticloadbalancingv2/listenerRule:ListenerRule": { "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n listenerArn: frontEndListener.arn,\n priority: 100,\n});\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n actions: [{\n forward: {\n stickiness: {\n duration: 600,\n enabled: true,\n },\n targetGroups: [\n {\n arn: aws_lb_target_group_main.arn,\n weight: 80,\n },\n {\n arn: aws_lb_target_group_canary.arn,\n weight: 20,\n },\n ],\n },\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mydomain.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n actions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n});\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n actions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n listenerArn: frontEndListener.arn,\n});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n actions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n },\n ],\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nstatic = aws.lb.ListenerRule(\"static\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[\n {\n \"pathPattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"hostHeader\": {\n \"values\": [\"example.com\"],\n },\n },\n ],\n listener_arn=front_end_listener.arn,\n priority=100)\nhost_based_routing = aws.lb.ListenerRule(\"hostBasedRouting\",\n actions=[{\n \"forward\": {\n \"stickiness\": {\n \"duration\": 600,\n \"enabled\": True,\n },\n \"targetGroup\": [\n {\n \"arn\": aws_lb_target_group[\"main\"][\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": aws_lb_target_group[\"canary\"][\"arn\"],\n \"weight\": 20,\n },\n ],\n },\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nhost_based_weighted_routing = aws.lb.ListenerRule(\"hostBasedWeightedRouting\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mydomain.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nredirect_http_to_https = aws.lb.ListenerRule(\"redirectHttpToHttps\",\n actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n conditions=[{\n \"httpHeader\": {\n \"httpHeaderName\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }],\n listener_arn=front_end_listener.arn)\nhealth_check = aws.lb.ListenerRule(\"healthCheck\",\n actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n conditions=[{\n \"queryString\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }],\n listener_arn=front_end_listener.arn)\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n },\n ],\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var @static = new Aws.LB.ListenerRule(\"static\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = \n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"example.com\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n });\n var hostBasedRouting = new Aws.LB.ListenerRule(\"hostBasedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Duration = 600,\n Enabled = true,\n },\n TargetGroup = \n {\n \n {\n { \"arn\", aws_lb_target_group.Main.Arn },\n { \"weight\", 80 },\n },\n \n {\n { \"arn\", aws_lb_target_group.Canary.Arn },\n { \"weight\", 20 },\n },\n },\n },\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"hostBasedWeightedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mydomain.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirectHttpToHttps\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = \n {\n \"192.168.1.*\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var healthCheck = new Aws.LB.ListenerRule(\"healthCheck\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryString = \n {\n \n {\n { \"key\", \"health\" },\n { \"value\", \"check\" },\n },\n \n {\n { \"value\", \"bar\" },\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var admin = new Aws.LB.ListenerRule(\"admin\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTargetGroup: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Main.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Canary.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedWeightedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mydomain.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"redirectHttpToHttps\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"healthCheck\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryString: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"health\"),\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "required": [ "actions", "arn", "conditions", "listenerArn", "priority" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "requiredInputs": [ "actions", "conditions", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerRule resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancingv2.ListenerRule has been deprecated in favor of aws.lb.ListenerRule" }, "aws:elasticloadbalancingv2/loadBalancer:LoadBalancer": { "description": "Provides a Load Balancer resource.\n\n\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Application Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n accessLogs: {\n bucket: aws_s3_bucket_lb_logs.bucket,\n enabled: true,\n prefix: \"test-lb\",\n },\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"application\",\n securityGroups: [aws_security_group_lb_sg.id],\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n access_logs={\n \"bucket\": aws_s3_bucket[\"lb_logs\"][\"bucket\"],\n \"enabled\": True,\n \"prefix\": \"test-lb\",\n },\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"application\",\n security_groups=[aws_security_group[\"lb_sg\"][\"id\"]],\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = aws_s3_bucket.Lb_logs.Bucket,\n Enabled = true,\n Prefix = \"test-lb\",\n },\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"application\",\n SecurityGroups = \n {\n aws_security_group.Lb_sg.Id,\n },\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Network Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"network\",\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"network\",\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"network\",\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Specifying Elastic IPs\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n allocationId: aws_eip_example1.id,\n subnetId: aws_subnet_example1.id,\n },\n {\n allocationId: aws_eip_example2.id,\n subnetId: aws_subnet_example2.id,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"allocation_id\": aws_eip[\"example1\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example1\"][\"id\"],\n },\n {\n \"allocation_id\": aws_eip[\"example2\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example2\"][\"id\"],\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.LB.LoadBalancer(\"example\", new Aws.LB.LoadBalancerArgs\n {\n LoadBalancerType = \"network\",\n SubnetMappings = \n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example1.Id,\n SubnetId = aws_subnet.Example1.Id,\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example2.Id,\n SubnetId = aws_subnet.Example2.Id,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example1.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example2.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancingv2/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "required": [ "arn", "arnSuffix", "dnsName", "internal", "ipAddressType", "name", "securityGroups", "subnetMappings", "subnets", "vpcId", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancingv2/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancingv2/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancingv2.LoadBalancer has been deprecated in favor of aws.lb.LoadBalancer" }, "aws:elasticloadbalancingv2/targetGroup:TargetGroup": { "description": "Provides a Target Group resource for use with Load Balancer resources.\n\n\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Instance Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst test = new aws.lb.TargetGroup(\"test\", {\n port: 80,\n protocol: \"HTTP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\ntest = aws.lb.TargetGroup(\"test\",\n port=80,\n protocol=\"HTTP\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var test = new Aws.LB.TargetGroup(\"test\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### IP Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst ip_example = new aws.lb.TargetGroup(\"ip-example\", {\n port: 80,\n protocol: \"HTTP\",\n targetType: \"ip\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nip_example = aws.lb.TargetGroup(\"ip-example\",\n port=80,\n protocol=\"HTTP\",\n target_type=\"ip\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var ip_example = new Aws.LB.TargetGroup(\"ip-example\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n TargetType = \"ip\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"ip-example\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tTargetType: pulumi.String(\"ip\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Lambda Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n targetType: \"lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\", target_type=\"lambda\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewTargetGroup(ctx, \"lambda-example\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancingv2/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:elasticloadbalancingv2/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "required": [ "arn", "arnSuffix", "healthCheck", "loadBalancingAlgorithmType", "name", "stickiness" ], "inputProperties": { "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancingv2/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:elasticloadbalancingv2/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancingv2/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:elasticloadbalancingv2/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancingv2.TargetGroup has been deprecated in favor of aws.lb.TargetGroup" }, "aws:elasticloadbalancingv2/targetGroupAttachment:TargetGroupAttachment": { "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n port: 80,\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\")\ntest_instance = aws.ec2.Instance(\"testInstance\")\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n port=80,\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var testInstance = new Aws.Ec2.Instance(\"testInstance\", new Aws.Ec2.InstanceArgs\n {\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n Port = 80,\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"testInstance\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Usage with lambda\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n action: \"lambda:InvokeFunction\",\n function: testFunction.arn,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: testTargetGroup.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testFunction.arn,\n}, { dependsOn: [withLb] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\", target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"testFunction\")\nwith_lb = aws.lambda_.Permission(\"withLb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.arn,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test_target_group.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n target_group_arn=test_target_group.arn,\n target_id=test_function.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n var testFunction = new Aws.Lambda.Function(\"testFunction\", new Aws.Lambda.FunctionArgs\n {\n });\n var withLb = new Aws.Lambda.Permission(\"withLb\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Arn,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = testTargetGroup.Arn,\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testFunction.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"testFunction\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"withLb\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: testTargetGroup.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "required": [ "targetGroupArn", "targetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "requiredInputs": [ "targetGroupArn", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroupAttachment resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "type": "object" }, "deprecationMessage": "aws.elasticloadbalancingv2.TargetGroupAttachment has been deprecated in favor of aws.lb.TargetGroupAttachment" }, "aws:elasticsearch/domain:Domain": { "description": "Manages an AWS Elasticsearch Domain.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticsearch.Domain(\"example\", {\n clusterConfig: {\n instanceType: \"r4.large.elasticsearch\",\n },\n elasticsearchVersion: \"1.5\",\n snapshotOptions: {\n automatedSnapshotStartHour: 23,\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticsearch.Domain(\"example\",\n cluster_config={\n \"cluster_config\": \"r4.large.elasticsearch\",\n },\n elasticsearch_version=\"1.5\",\n snapshot_options={\n \"snapshot_options\": 23,\n },\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ElasticSearch.Domain(\"example\", new Aws.ElasticSearch.DomainArgs\n {\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n ClusterConfig = \"r4.large.elasticsearch\",\n },\n ElasticsearchVersion = \"1.5\",\n SnapshotOptions = new Aws.ElasticSearch.Inputs.DomainSnapshotOptionsArgs\n {\n SnapshotOptions = 23,\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tClusterConfig: pulumi.String(\"r4.large.elasticsearch\"),\n\t\t\t},\n\t\t\tElasticsearchVersion: pulumi.String(\"1.5\"),\n\t\t\tSnapshotOptions: \u0026elasticsearch.DomainSnapshotOptionsArgs{\n\t\t\t\tSnapshotOptions: pulumi.Float64(23),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Access Policy\n\n\u003e See also: `aws.elasticsearch.DomainPolicy` resource\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst domain = config.get(\"domain\") || \"tf-test\";\n\nconst currentRegion = pulumi.output(aws.getRegion({ async: true }));\nconst currentCallerIdentity = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst example = new aws.elasticsearch.Domain(\"example\", {\n accessPolicies: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:${currentRegion.name!}:${currentCallerIdentity.accountId}:domain/${domain}/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\ncurrent_region = aws.get_region()\ncurrent_caller_identity = aws.get_caller_identity()\nexample = aws.elasticsearch.Domain(\"example\", access_policies=f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:{current_region.name}:{current_caller_identity.account_id}:domain/{domain}/*\",\n \"Condition\": {{\n \"IpAddress\": {{\"aws:SourceIp\": [\"66.193.100.22/32\"]}}\n }}\n }}\n ]\n}}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var currentRegion = Output.Create(Aws.GetRegion.InvokeAsync());\n var currentCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var example = new Aws.ElasticSearch.Domain(\"example\", new Aws.ElasticSearch.DomainArgs\n {\n AccessPolicies = Output.Tuple(currentRegion, currentCallerIdentity).Apply(values =\u003e\n {\n var currentRegion = values.Item1;\n var currentCallerIdentity = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": \"\"es:*\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:es:{currentRegion.Name}:{currentCallerIdentity.AccountId}:domain/{domain}/*\"\",\n \"\"Condition\"\": {{\n \"\"IpAddress\"\": {{\"\"aws:SourceIp\"\": [\"\"66.193.100.22/32\"\"]}}\n }}\n }}\n ]\n}}\n\n\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrentRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tAccessPolicies: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"es:*\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:es:\", currentRegion.Name, \":\", currentCallerIdentity.AccountId, \":domain/\", domain, \"/*\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"IpAddress\\\": {\\\"aws:SourceIp\\\": [\\\"66.193.100.22/32\\\"]}\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Log Publishing to CloudWatch Logs\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyDocument: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"es.amazonaws.com\"\n },\n \"Action\": [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\"\n ],\n \"Resource\": \"arn:aws:logs:*\"\n }\n ]\n}\n`,\n policyName: \"example\",\n});\nconst exampleDomain = new aws.elasticsearch.Domain(\"example\", {\n logPublishingOptions: [{\n cloudwatchLogGroupArn: exampleLogGroup.arn,\n logType: \"INDEX_SLOW_LOGS\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"exampleLogGroup\")\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"exampleLogResourcePolicy\",\n policy_document=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"es.amazonaws.com\"\n },\n \"Action\": [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\"\n ],\n \"Resource\": \"arn:aws:logs:*\"\n }\n ]\n}\n\n\"\"\",\n policy_name=\"example\")\nexample_domain = aws.elasticsearch.Domain(\"exampleDomain\", log_publishing_options=[{\n \"cloudwatch_log_group_arn\": example_log_group.arn,\n \"logType\": \"INDEX_SLOW_LOGS\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"exampleLogGroup\", new Aws.CloudWatch.LogGroupArgs\n {\n });\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"exampleLogResourcePolicy\", new Aws.CloudWatch.LogResourcePolicyArgs\n {\n PolicyDocument = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"es.amazonaws.com\"\"\n },\n \"\"Action\"\": [\n \"\"logs:PutLogEvents\"\",\n \"\"logs:PutLogEventsBatch\"\",\n \"\"logs:CreateLogStream\"\"\n ],\n \"\"Resource\"\": \"\"arn:aws:logs:*\"\"\n }\n ]\n}\n\n\",\n PolicyName = \"example\",\n });\n var exampleDomain = new Aws.ElasticSearch.Domain(\"exampleDomain\", new Aws.ElasticSearch.DomainArgs\n {\n LogPublishingOptions = \n {\n new Aws.ElasticSearch.Inputs.DomainLogPublishingOptionArgs\n {\n CloudwatchLogGroupArn = exampleLogGroup.Arn,\n LogType = \"INDEX_SLOW_LOGS\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"exampleLogGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"exampleLogResourcePolicy\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"es.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": [\\n\", \" \\\"logs:PutLogEvents\\\",\\n\", \" \\\"logs:PutLogEventsBatch\\\",\\n\", \" \\\"logs:CreateLogStream\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"arn:aws:logs:*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"exampleDomain\", \u0026elasticsearch.DomainArgs{\n\t\t\tLogPublishingOptions: elasticsearch.DomainLogPublishingOptionArray{\n\t\t\t\t\u0026elasticsearch.DomainLogPublishingOptionArgs{\n\t\t\t\t\tCloudwatchLogGroupArn: exampleLogGroup.Arn,\n\t\t\t\t\tLogType: pulumi.String(\"INDEX_SLOW_LOGS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### VPC based ES\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpc = config.require(\"vpc\");\nconst domain = config.get(\"domain\") || \"tf-test\";\n\nconst selectedVpc = pulumi.output(aws.ec2.getVpc({\n tags: {\n Name: vpc,\n },\n}, { async: true }));\nconst selectedSubnetIds = selectedVpc.apply(selectedVpc =\u003e aws.ec2.getSubnetIds({\n tags: {\n Tier: \"private\",\n },\n vpcId: selectedVpc.id!,\n}, { async: true }));\nconst currentRegion = pulumi.output(aws.getRegion({ async: true }));\nconst currentCallerIdentity = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst esSecurityGroup = new aws.ec2.SecurityGroup(\"es\", {\n description: \"Managed by Pulumi\",\n ingress: [{\n cidrBlocks: [selectedVpc.cidrBlock!],\n fromPort: 443,\n protocol: \"tcp\",\n toPort: 443,\n }],\n vpcId: selectedVpc.id!,\n});\nconst esServiceLinkedRole = new aws.iam.ServiceLinkedRole(\"es\", {\n awsServiceName: \"es.amazonaws.com\",\n});\nconst esDomain = new aws.elasticsearch.Domain(\"es\", {\n accessPolicies: pulumi.interpolate`{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:${currentRegion.name!}:${currentCallerIdentity.accountId}:domain/${domain}/*\"\n\t\t}\n\t]\n}\n`,\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n clusterConfig: {\n instanceType: \"m4.large.elasticsearch\",\n },\n elasticsearchVersion: \"6.3\",\n snapshotOptions: {\n automatedSnapshotStartHour: 23,\n },\n tags: {\n Domain: \"TestDomain\",\n },\n vpcOptions: {\n securityGroupIds: [esSecurityGroup.id],\n subnetIds: [\n selectedSubnetIds.apply(selectedSubnetIds =\u003e selectedSubnetIds.ids[0]),\n selectedSubnetIds.apply(selectedSubnetIds =\u003e selectedSubnetIds.ids[1]),\n ],\n },\n}, { dependsOn: [esServiceLinkedRole] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc = config.require_object(\"vpc\")\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\nselected_vpc = aws.ec2.get_vpc(tags={\n \"Name\": vpc,\n})\nselected_subnet_ids = aws.ec2.get_subnet_ids(tags={\n \"Tier\": \"private\",\n },\n vpc_id=selected_vpc.id)\ncurrent_region = aws.get_region()\ncurrent_caller_identity = aws.get_caller_identity()\nes_security_group = aws.ec2.SecurityGroup(\"esSecurityGroup\",\n description=\"Managed by Pulumi\",\n ingress=[{\n \"cidr_blocks\": [selected_vpc.cidr_block],\n \"from_port\": 443,\n \"protocol\": \"tcp\",\n \"to_port\": 443,\n }],\n vpc_id=selected_vpc.id)\nes_service_linked_role = aws.iam.ServiceLinkedRole(\"esServiceLinkedRole\", aws_service_name=\"es.amazonaws.com\")\nes_domain = aws.elasticsearch.Domain(\"esDomain\",\n access_policies=f\"\"\"{{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:{current_region.name}:{current_caller_identity.account_id}:domain/{domain}/*\"\n\t\t}}\n\t]\n}}\n\n\"\"\",\n advanced_options={\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n cluster_config={\n \"cluster_config\": \"m4.large.elasticsearch\",\n },\n elasticsearch_version=\"6.3\",\n snapshot_options={\n \"snapshot_options\": 23,\n },\n tags={\n \"Domain\": \"TestDomain\",\n },\n vpc_options={\n \"security_group_ids\": [es_security_group.id],\n \"subnet_ids\": [\n selected_subnet_ids.ids[0],\n selected_subnet_ids.ids[1],\n ],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var vpc = config.RequireObject\u003cdynamic\u003e(\"vpc\");\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var selectedVpc = Output.Create(Aws.Ec2.GetVpc.InvokeAsync(new Aws.Ec2.GetVpcArgs\n {\n Tags = \n {\n { \"Name\", vpc },\n },\n }));\n var selectedSubnetIds = selectedVpc.Apply(selectedVpc =\u003e Output.Create(Aws.Ec2.GetSubnetIds.InvokeAsync(new Aws.Ec2.GetSubnetIdsArgs\n {\n Tags = \n {\n { \"Tier\", \"private\" },\n },\n VpcId = selectedVpc.Id,\n })));\n var currentRegion = Output.Create(Aws.GetRegion.InvokeAsync());\n var currentCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var esSecurityGroup = new Aws.Ec2.SecurityGroup(\"esSecurityGroup\", new Aws.Ec2.SecurityGroupArgs\n {\n Description = \"Managed by Pulumi\",\n Ingress = \n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n CidrBlocks = \n {\n selectedVpc.Apply(selectedVpc =\u003e selectedVpc.CidrBlock),\n },\n FromPort = 443,\n Protocol = \"tcp\",\n ToPort = 443,\n },\n },\n VpcId = selectedVpc.Apply(selectedVpc =\u003e selectedVpc.Id),\n });\n var esServiceLinkedRole = new Aws.Iam.ServiceLinkedRole(\"esServiceLinkedRole\", new Aws.Iam.ServiceLinkedRoleArgs\n {\n AwsServiceName = \"es.amazonaws.com\",\n });\n var esDomain = new Aws.ElasticSearch.Domain(\"esDomain\", new Aws.ElasticSearch.DomainArgs\n {\n AccessPolicies = Output.Tuple(currentRegion, currentCallerIdentity).Apply(values =\u003e\n {\n var currentRegion = values.Item1;\n var currentCallerIdentity = values.Item2;\n return @$\"{{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{{\n\t\t\t\"\"Action\"\": \"\"es:*\"\",\n\t\t\t\"\"Principal\"\": \"\"*\"\",\n\t\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\t\"\"Resource\"\": \"\"arn:aws:es:{currentRegion.Name}:{currentCallerIdentity.AccountId}:domain/{domain}/*\"\"\n\t\t}}\n\t]\n}}\n\n\";\n }),\n AdvancedOptions = \n {\n { \"rest.action.multi.allow_explicit_index\", \"true\" },\n },\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n ClusterConfig = \"m4.large.elasticsearch\",\n },\n ElasticsearchVersion = \"6.3\",\n SnapshotOptions = new Aws.ElasticSearch.Inputs.DomainSnapshotOptionsArgs\n {\n SnapshotOptions = 23,\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n VpcOptions = new Aws.ElasticSearch.Inputs.DomainVpcOptionsArgs\n {\n SecurityGroupIds = \n {\n esSecurityGroup.Id,\n },\n SubnetIds = \n {\n selectedSubnetIds.Apply(selectedSubnetIds =\u003e selectedSubnetIds.Ids[0]),\n selectedSubnetIds.Apply(selectedSubnetIds =\u003e selectedSubnetIds.Ids[1]),\n },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options.\nNote that the values for these configuration options must be strings (wrapped in quotes) or they\nmay be wrong and cause a perpetual diff, causing this provider to want to recreate your Elasticsearch\ndomain on every apply.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the domain.\n" }, "clusterConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfig:DomainClusterConfig", "description": "Cluster configuration of the domain, see below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions" }, "domainEndpointOptions": { "$ref": "#/types/aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Domain endpoint HTTP(S) related options. See below.\n" }, "domainId": { "type": "string", "description": "Unique identifier for the domain.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" }, "ebsOptions": { "$ref": "#/types/aws:elasticsearch/DomainEbsOptions:DomainEbsOptions", "description": "EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). See below.\n" }, "elasticsearchVersion": { "type": "string", "description": "The version of Elasticsearch to deploy. Defaults to `1.5`\n" }, "encryptAtRest": { "$ref": "#/types/aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). See below.\n" }, "endpoint": { "type": "string", "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n" }, "kibanaEndpoint": { "type": "string", "description": "Domain-specific endpoint for kibana without https scheme.\n* `vpc_options.0.availability_zones` - If the domain was created inside a VPC, the names of the availability zones the configured `subnet_ids` were created inside.\n* `vpc_options.0.vpc_id` - If the domain was created inside a VPC, the ID of the VPC.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Options for publishing slow logs to CloudWatch Logs.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Node-to-node encryption options. See below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Snapshot related options, see below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/DomainVpcOptions:DomainVpcOptions", "description": "VPC related options, see below. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)).\n" } }, "required": [ "accessPolicies", "advancedOptions", "arn", "clusterConfig", "domainEndpointOptions", "domainId", "domainName", "ebsOptions", "encryptAtRest", "endpoint", "kibanaEndpoint", "nodeToNodeEncryption" ], "inputProperties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options.\nNote that the values for these configuration options must be strings (wrapped in quotes) or they\nmay be wrong and cause a perpetual diff, causing this provider to want to recreate your Elasticsearch\ndomain on every apply.\n" }, "clusterConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfig:DomainClusterConfig", "description": "Cluster configuration of the domain, see below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions" }, "domainEndpointOptions": { "$ref": "#/types/aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Domain endpoint HTTP(S) related options. See below.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" }, "ebsOptions": { "$ref": "#/types/aws:elasticsearch/DomainEbsOptions:DomainEbsOptions", "description": "EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). See below.\n" }, "elasticsearchVersion": { "type": "string", "description": "The version of Elasticsearch to deploy. Defaults to `1.5`\n" }, "encryptAtRest": { "$ref": "#/types/aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). See below.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Options for publishing slow logs to CloudWatch Logs.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Node-to-node encryption options. See below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Snapshot related options, see below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/DomainVpcOptions:DomainVpcOptions", "description": "VPC related options, see below. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)).\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options.\nNote that the values for these configuration options must be strings (wrapped in quotes) or they\nmay be wrong and cause a perpetual diff, causing this provider to want to recreate your Elasticsearch\ndomain on every apply.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the domain.\n" }, "clusterConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfig:DomainClusterConfig", "description": "Cluster configuration of the domain, see below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions" }, "domainEndpointOptions": { "$ref": "#/types/aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Domain endpoint HTTP(S) related options. See below.\n" }, "domainId": { "type": "string", "description": "Unique identifier for the domain.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" }, "ebsOptions": { "$ref": "#/types/aws:elasticsearch/DomainEbsOptions:DomainEbsOptions", "description": "EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). See below.\n" }, "elasticsearchVersion": { "type": "string", "description": "The version of Elasticsearch to deploy. Defaults to `1.5`\n" }, "encryptAtRest": { "$ref": "#/types/aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). See below.\n" }, "endpoint": { "type": "string", "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n" }, "kibanaEndpoint": { "type": "string", "description": "Domain-specific endpoint for kibana without https scheme.\n* `vpc_options.0.availability_zones` - If the domain was created inside a VPC, the names of the availability zones the configured `subnet_ids` were created inside.\n* `vpc_options.0.vpc_id` - If the domain was created inside a VPC, the ID of the VPC.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Options for publishing slow logs to CloudWatch Logs.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Node-to-node encryption options. See below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Snapshot related options, see below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/DomainVpcOptions:DomainVpcOptions", "description": "VPC related options, see below. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)).\n" } }, "type": "object" } }, "aws:elasticsearch/domainPolicy:DomainPolicy": { "description": "Allows setting policy to an Elasticsearch domain while referencing domain attributes (e.g. ARN)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticsearch.Domain(\"example\", {\n elasticsearchVersion: \"2.3\",\n});\nconst main = new aws.elasticsearch.DomainPolicy(\"main\", {\n accessPolicies: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": \"127.0.0.1/32\"}\n },\n \"Resource\": \"${example.arn}/*\"\n }\n ]\n}\n`,\n domainName: example.domainName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticsearch.Domain(\"example\", elasticsearch_version=\"2.3\")\nmain = aws.elasticsearch.DomainPolicy(\"main\",\n access_policies=example.arn.apply(lambda arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Condition\": {{\n \"IpAddress\": {{\"aws:SourceIp\": \"127.0.0.1/32\"}}\n }},\n \"Resource\": \"{arn}/*\"\n }}\n ]\n}}\n\n\"\"\"),\n domain_name=example.domain_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ElasticSearch.Domain(\"example\", new Aws.ElasticSearch.DomainArgs\n {\n ElasticsearchVersion = \"2.3\",\n });\n var main = new Aws.ElasticSearch.DomainPolicy(\"main\", new Aws.ElasticSearch.DomainPolicyArgs\n {\n AccessPolicies = example.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": \"\"es:*\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Condition\"\": {{\n \"\"IpAddress\"\": {{\"\"aws:SourceIp\"\": \"\"127.0.0.1/32\"\"}}\n }},\n \"\"Resource\"\": \"\"{arn}/*\"\"\n }}\n ]\n}}\n\n\"),\n DomainName = example.DomainName,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tElasticsearchVersion: pulumi.String(\"2.3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomainPolicy(ctx, \"main\", \u0026elasticsearch.DomainPolicyArgs{\n\t\t\tAccessPolicies: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"es:*\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"IpAddress\\\": {\\\"aws:SourceIp\\\": \\\"127.0.0.1/32\\\"}\\n\", \" },\\n\", \" \\\"Resource\\\": \\\"\", arn, \"/*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDomainName: example.DomainName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "required": [ "accessPolicies", "domainName" ], "inputProperties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "requiredInputs": [ "accessPolicies", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainPolicy resources.\n", "properties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "type": "object" } }, "aws:elastictranscoder/pipeline:Pipeline": { "description": "Provides an Elastic Transcoder pipeline resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.elastictranscoder.Pipeline(\"bar\", {\n contentConfig: {\n bucket: aws_s3_bucket_content_bucket.bucket,\n storageClass: \"Standard\",\n },\n inputBucket: aws_s3_bucket_input_bucket.bucket,\n role: aws_iam_role_test_role.arn,\n thumbnailConfig: {\n bucket: aws_s3_bucket_thumb_bucket.bucket,\n storageClass: \"Standard\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.elastictranscoder.Pipeline(\"bar\",\n content_config={\n \"bucket\": aws_s3_bucket[\"content_bucket\"][\"bucket\"],\n \"storage_class\": \"Standard\",\n },\n input_bucket=aws_s3_bucket[\"input_bucket\"][\"bucket\"],\n role=aws_iam_role[\"test_role\"][\"arn\"],\n thumbnail_config={\n \"bucket\": aws_s3_bucket[\"thumb_bucket\"][\"bucket\"],\n \"storage_class\": \"Standard\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.ElasticTranscoder.Pipeline(\"bar\", new Aws.ElasticTranscoder.PipelineArgs\n {\n ContentConfig = new Aws.ElasticTranscoder.Inputs.PipelineContentConfigArgs\n {\n Bucket = aws_s3_bucket.Content_bucket.Bucket,\n StorageClass = \"Standard\",\n },\n InputBucket = aws_s3_bucket.Input_bucket.Bucket,\n Role = aws_iam_role.Test_role.Arn,\n ThumbnailConfig = new Aws.ElasticTranscoder.Inputs.PipelineThumbnailConfigArgs\n {\n Bucket = aws_s3_bucket.Thumb_bucket.Bucket,\n StorageClass = \"Standard\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elastictranscoder\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elastictranscoder.NewPipeline(ctx, \"bar\", \u0026elastictranscoder.PipelineArgs{\n\t\t\tContentConfig: \u0026elastictranscoder.PipelineContentConfigArgs{\n\t\t\t\tBucket: pulumi.String(aws_s3_bucket.Content_bucket.Bucket),\n\t\t\t\tStorageClass: pulumi.String(\"Standard\"),\n\t\t\t},\n\t\t\tInputBucket: pulumi.String(aws_s3_bucket.Input_bucket.Bucket),\n\t\t\tRole: pulumi.String(aws_iam_role.Test_role.Arn),\n\t\t\tThumbnailConfig: \u0026elastictranscoder.PipelineThumbnailConfigArgs{\n\t\t\t\tBucket: pulumi.String(aws_s3_bucket.Thumb_bucket.Bucket),\n\t\t\t\tStorageClass: pulumi.String(\"Standard\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "awsKmsKeyArn": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that you want to use with this pipeline.\n" }, "contentConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig", "description": "The ContentConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists. (documented below)\n" }, "contentConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission" }, "description": "The permissions for the `content_config` object. (documented below)\n" }, "inputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you saved the media files that you want to transcode and the graphics that you want to use as watermarks.\n" }, "name": { "type": "string", "description": "The name of the pipeline. Maximum 40 characters\n" }, "notifications": { "$ref": "#/types/aws:elastictranscoder/PipelineNotifications:PipelineNotifications", "description": "The Amazon Simple Notification Service (Amazon SNS) topic that you want to notify to report job status. (documented below)\n" }, "outputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save the transcoded files.\n" }, "role": { "type": "string", "description": "The IAM Amazon Resource Name (ARN) for the role that you want Elastic Transcoder to use to transcode jobs for this pipeline.\n" }, "thumbnailConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig", "description": "The ThumbnailConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files. (documented below)\n" }, "thumbnailConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission" }, "description": "The permissions for the `thumbnail_config` object. (documented below)\n" } }, "required": [ "arn", "contentConfig", "inputBucket", "name", "outputBucket", "role", "thumbnailConfig" ], "inputProperties": { "awsKmsKeyArn": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that you want to use with this pipeline.\n" }, "contentConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig", "description": "The ContentConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists. (documented below)\n" }, "contentConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission" }, "description": "The permissions for the `content_config` object. (documented below)\n" }, "inputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you saved the media files that you want to transcode and the graphics that you want to use as watermarks.\n" }, "name": { "type": "string", "description": "The name of the pipeline. Maximum 40 characters\n" }, "notifications": { "$ref": "#/types/aws:elastictranscoder/PipelineNotifications:PipelineNotifications", "description": "The Amazon Simple Notification Service (Amazon SNS) topic that you want to notify to report job status. (documented below)\n" }, "outputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save the transcoded files.\n" }, "role": { "type": "string", "description": "The IAM Amazon Resource Name (ARN) for the role that you want Elastic Transcoder to use to transcode jobs for this pipeline.\n" }, "thumbnailConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig", "description": "The ThumbnailConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files. (documented below)\n" }, "thumbnailConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission" }, "description": "The permissions for the `thumbnail_config` object. (documented below)\n" } }, "requiredInputs": [ "inputBucket", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "arn": { "type": "string" }, "awsKmsKeyArn": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that you want to use with this pipeline.\n" }, "contentConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig", "description": "The ContentConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists. (documented below)\n" }, "contentConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission" }, "description": "The permissions for the `content_config` object. (documented below)\n" }, "inputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you saved the media files that you want to transcode and the graphics that you want to use as watermarks.\n" }, "name": { "type": "string", "description": "The name of the pipeline. Maximum 40 characters\n" }, "notifications": { "$ref": "#/types/aws:elastictranscoder/PipelineNotifications:PipelineNotifications", "description": "The Amazon Simple Notification Service (Amazon SNS) topic that you want to notify to report job status. (documented below)\n" }, "outputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save the transcoded files.\n" }, "role": { "type": "string", "description": "The IAM Amazon Resource Name (ARN) for the role that you want Elastic Transcoder to use to transcode jobs for this pipeline.\n" }, "thumbnailConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig", "description": "The ThumbnailConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files. (documented below)\n" }, "thumbnailConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission" }, "description": "The permissions for the `thumbnail_config` object. (documented below)\n" } }, "type": "object" } }, "aws:elastictranscoder/preset:Preset": { "description": "Provides an Elastic Transcoder preset resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.elastictranscoder.Preset(\"bar\", {\n audio: {\n audioPackingMode: \"SingleTrack\",\n bitRate: \"96\",\n channels: \"2\",\n codec: \"AAC\",\n sampleRate: \"44100\",\n },\n audioCodecOptions: {\n profile: \"AAC-LC\",\n },\n container: \"mp4\",\n description: \"Sample Preset\",\n thumbnails: {\n format: \"png\",\n interval: \"120\",\n maxHeight: \"auto\",\n maxWidth: \"auto\",\n paddingPolicy: \"Pad\",\n sizingPolicy: \"Fit\",\n },\n video: {\n bitRate: \"1600\",\n codec: \"H.264\",\n displayAspectRatio: \"16:9\",\n fixedGop: \"false\",\n frameRate: \"auto\",\n keyframesMaxDist: \"240\",\n maxFrameRate: \"60\",\n maxHeight: \"auto\",\n maxWidth: \"auto\",\n paddingPolicy: \"Pad\",\n sizingPolicy: \"Fit\",\n },\n videoCodecOptions: {\n ColorSpaceConversionMode: \"None\",\n InterlacedMode: \"Progressive\",\n Level: \"2.2\",\n MaxReferenceFrames: 3,\n Profile: \"main\",\n },\n videoWatermarks: [{\n horizontalAlign: \"Right\",\n horizontalOffset: \"10px\",\n id: \"Test\",\n maxHeight: \"20%\",\n maxWidth: \"20%\",\n opacity: \"55.5\",\n sizingPolicy: \"ShrinkToFit\",\n target: \"Content\",\n verticalAlign: \"Bottom\",\n verticalOffset: \"10px\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.elastictranscoder.Preset(\"bar\",\n audio={\n \"audioPackingMode\": \"SingleTrack\",\n \"bitRate\": 96,\n \"channels\": 2,\n \"codec\": \"AAC\",\n \"sampleRate\": 44100,\n },\n audio_codec_options={\n \"profile\": \"AAC-LC\",\n },\n container=\"mp4\",\n description=\"Sample Preset\",\n thumbnails={\n \"format\": \"png\",\n \"interval\": 120,\n \"maxHeight\": \"auto\",\n \"maxWidth\": \"auto\",\n \"paddingPolicy\": \"Pad\",\n \"sizingPolicy\": \"Fit\",\n },\n video={\n \"bitRate\": \"1600\",\n \"codec\": \"H.264\",\n \"displayAspectRatio\": \"16:9\",\n \"fixedGop\": \"false\",\n \"frameRate\": \"auto\",\n \"keyframesMaxDist\": 240,\n \"maxFrameRate\": \"60\",\n \"maxHeight\": \"auto\",\n \"maxWidth\": \"auto\",\n \"paddingPolicy\": \"Pad\",\n \"sizingPolicy\": \"Fit\",\n },\n video_codec_options={\n \"ColorSpaceConversionMode\": \"None\",\n \"InterlacedMode\": \"Progressive\",\n \"Level\": \"2.2\",\n \"MaxReferenceFrames\": 3,\n \"Profile\": \"main\",\n },\n video_watermarks=[{\n \"horizontalAlign\": \"Right\",\n \"horizontalOffset\": \"10px\",\n \"id\": \"Test\",\n \"maxHeight\": \"20%\",\n \"maxWidth\": \"20%\",\n \"opacity\": \"55.5\",\n \"sizingPolicy\": \"ShrinkToFit\",\n \"target\": \"Content\",\n \"verticalAlign\": \"Bottom\",\n \"verticalOffset\": \"10px\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.ElasticTranscoder.Preset(\"bar\", new Aws.ElasticTranscoder.PresetArgs\n {\n Audio = new Aws.ElasticTranscoder.Inputs.PresetAudioArgs\n {\n AudioPackingMode = \"SingleTrack\",\n BitRate = \"96\",\n Channels = \"2\",\n Codec = \"AAC\",\n SampleRate = \"44100\",\n },\n AudioCodecOptions = new Aws.ElasticTranscoder.Inputs.PresetAudioCodecOptionsArgs\n {\n Profile = \"AAC-LC\",\n },\n Container = \"mp4\",\n Description = \"Sample Preset\",\n Thumbnails = new Aws.ElasticTranscoder.Inputs.PresetThumbnailsArgs\n {\n Format = \"png\",\n Interval = \"120\",\n MaxHeight = \"auto\",\n MaxWidth = \"auto\",\n PaddingPolicy = \"Pad\",\n SizingPolicy = \"Fit\",\n },\n Video = new Aws.ElasticTranscoder.Inputs.PresetVideoArgs\n {\n BitRate = \"1600\",\n Codec = \"H.264\",\n DisplayAspectRatio = \"16:9\",\n FixedGop = \"false\",\n FrameRate = \"auto\",\n KeyframesMaxDist = \"240\",\n MaxFrameRate = \"60\",\n MaxHeight = \"auto\",\n MaxWidth = \"auto\",\n PaddingPolicy = \"Pad\",\n SizingPolicy = \"Fit\",\n },\n VideoCodecOptions = \n {\n { \"ColorSpaceConversionMode\", \"None\" },\n { \"InterlacedMode\", \"Progressive\" },\n { \"Level\", \"2.2\" },\n { \"MaxReferenceFrames\", \"3\" },\n { \"Profile\", \"main\" },\n },\n VideoWatermarks = \n {\n new Aws.ElasticTranscoder.Inputs.PresetVideoWatermarkArgs\n {\n HorizontalAlign = \"Right\",\n HorizontalOffset = \"10px\",\n Id = \"Test\",\n MaxHeight = \"20%\",\n MaxWidth = \"20%\",\n Opacity = \"55.5\",\n SizingPolicy = \"ShrinkToFit\",\n Target = \"Content\",\n VerticalAlign = \"Bottom\",\n VerticalOffset = \"10px\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elastictranscoder\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elastictranscoder.NewPreset(ctx, \"bar\", \u0026elastictranscoder.PresetArgs{\n\t\t\tAudio: \u0026elastictranscoder.PresetAudioArgs{\n\t\t\t\tAudioPackingMode: pulumi.String(\"SingleTrack\"),\n\t\t\t\tBitRate: pulumi.String(\"96\"),\n\t\t\t\tChannels: pulumi.String(\"2\"),\n\t\t\t\tCodec: pulumi.String(\"AAC\"),\n\t\t\t\tSampleRate: pulumi.String(\"44100\"),\n\t\t\t},\n\t\t\tAudioCodecOptions: \u0026elastictranscoder.PresetAudioCodecOptionsArgs{\n\t\t\t\tProfile: pulumi.String(\"AAC-LC\"),\n\t\t\t},\n\t\t\tContainer: pulumi.String(\"mp4\"),\n\t\t\tDescription: pulumi.String(\"Sample Preset\"),\n\t\t\tThumbnails: \u0026elastictranscoder.PresetThumbnailsArgs{\n\t\t\t\tFormat: pulumi.String(\"png\"),\n\t\t\t\tInterval: pulumi.String(\"120\"),\n\t\t\t\tMaxHeight: pulumi.String(\"auto\"),\n\t\t\t\tMaxWidth: pulumi.String(\"auto\"),\n\t\t\t\tPaddingPolicy: pulumi.String(\"Pad\"),\n\t\t\t\tSizingPolicy: pulumi.String(\"Fit\"),\n\t\t\t},\n\t\t\tVideo: \u0026elastictranscoder.PresetVideoArgs{\n\t\t\t\tBitRate: pulumi.String(\"1600\"),\n\t\t\t\tCodec: pulumi.String(\"H.264\"),\n\t\t\t\tDisplayAspectRatio: pulumi.String(\"16:9\"),\n\t\t\t\tFixedGop: pulumi.String(\"false\"),\n\t\t\t\tFrameRate: pulumi.String(\"auto\"),\n\t\t\t\tKeyframesMaxDist: pulumi.String(\"240\"),\n\t\t\t\tMaxFrameRate: pulumi.String(\"60\"),\n\t\t\t\tMaxHeight: pulumi.String(\"auto\"),\n\t\t\t\tMaxWidth: pulumi.String(\"auto\"),\n\t\t\t\tPaddingPolicy: pulumi.String(\"Pad\"),\n\t\t\t\tSizingPolicy: pulumi.String(\"Fit\"),\n\t\t\t},\n\t\t\tVideoCodecOptions: pulumi.Map{\n\t\t\t\t\"ColorSpaceConversionMode\": pulumi.String(\"None\"),\n\t\t\t\t\"InterlacedMode\": pulumi.String(\"Progressive\"),\n\t\t\t\t\"Level\": pulumi.String(\"2.2\"),\n\t\t\t\t\"MaxReferenceFrames\": pulumi.String(\"3\"),\n\t\t\t\t\"Profile\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t\tVideoWatermarks: elastictranscoder.PresetVideoWatermarkArray{\n\t\t\t\t\u0026elastictranscoder.PresetVideoWatermarkArgs{\n\t\t\t\t\tHorizontalAlign: pulumi.String(\"Right\"),\n\t\t\t\t\tHorizontalOffset: pulumi.String(\"10px\"),\n\t\t\t\t\tId: pulumi.String(\"Test\"),\n\t\t\t\t\tMaxHeight: pulumi.String(fmt.Sprintf(\"%v%v\", \"20\", \"%\")),\n\t\t\t\t\tMaxWidth: pulumi.String(fmt.Sprintf(\"%v%v\", \"20\", \"%\")),\n\t\t\t\t\tOpacity: pulumi.String(\"55.5\"),\n\t\t\t\t\tSizingPolicy: pulumi.String(\"ShrinkToFit\"),\n\t\t\t\t\tTarget: pulumi.String(\"Content\"),\n\t\t\t\t\tVerticalAlign: pulumi.String(\"Bottom\"),\n\t\t\t\t\tVerticalOffset: pulumi.String(\"10px\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "audio": { "$ref": "#/types/aws:elastictranscoder/PresetAudio:PresetAudio", "description": "Audio parameters object (documented below).\n" }, "audioCodecOptions": { "$ref": "#/types/aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions", "description": "Codec options for the audio parameters (documented below)\n" }, "container": { "type": "string", "description": "The container type for the output file. Valid values are `flac`, `flv`, `fmp4`, `gif`, `mp3`, `mp4`, `mpg`, `mxf`, `oga`, `ogg`, `ts`, and `webm`.\n" }, "description": { "type": "string", "description": "A description of the preset (maximum 255 characters)\n" }, "name": { "type": "string", "description": "The name of the preset. (maximum 40 characters)\n" }, "thumbnails": { "$ref": "#/types/aws:elastictranscoder/PresetThumbnails:PresetThumbnails", "description": "Thumbnail parameters object (documented below)\n" }, "type": { "type": "string" }, "video": { "$ref": "#/types/aws:elastictranscoder/PresetVideo:PresetVideo", "description": "Video parameters object (documented below)\n" }, "videoCodecOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Codec options for the video parameters\n" }, "videoWatermarks": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark" }, "description": "Watermark parameters for the video parameters (documented below)\n" } }, "required": [ "arn", "container", "name", "type" ], "inputProperties": { "audio": { "$ref": "#/types/aws:elastictranscoder/PresetAudio:PresetAudio", "description": "Audio parameters object (documented below).\n" }, "audioCodecOptions": { "$ref": "#/types/aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions", "description": "Codec options for the audio parameters (documented below)\n" }, "container": { "type": "string", "description": "The container type for the output file. Valid values are `flac`, `flv`, `fmp4`, `gif`, `mp3`, `mp4`, `mpg`, `mxf`, `oga`, `ogg`, `ts`, and `webm`.\n" }, "description": { "type": "string", "description": "A description of the preset (maximum 255 characters)\n" }, "name": { "type": "string", "description": "The name of the preset. (maximum 40 characters)\n" }, "thumbnails": { "$ref": "#/types/aws:elastictranscoder/PresetThumbnails:PresetThumbnails", "description": "Thumbnail parameters object (documented below)\n" }, "type": { "type": "string" }, "video": { "$ref": "#/types/aws:elastictranscoder/PresetVideo:PresetVideo", "description": "Video parameters object (documented below)\n" }, "videoCodecOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Codec options for the video parameters\n" }, "videoWatermarks": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark" }, "description": "Watermark parameters for the video parameters (documented below)\n" } }, "requiredInputs": [ "container" ], "stateInputs": { "description": "Input properties used for looking up and filtering Preset resources.\n", "properties": { "arn": { "type": "string" }, "audio": { "$ref": "#/types/aws:elastictranscoder/PresetAudio:PresetAudio", "description": "Audio parameters object (documented below).\n" }, "audioCodecOptions": { "$ref": "#/types/aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions", "description": "Codec options for the audio parameters (documented below)\n" }, "container": { "type": "string", "description": "The container type for the output file. Valid values are `flac`, `flv`, `fmp4`, `gif`, `mp3`, `mp4`, `mpg`, `mxf`, `oga`, `ogg`, `ts`, and `webm`.\n" }, "description": { "type": "string", "description": "A description of the preset (maximum 255 characters)\n" }, "name": { "type": "string", "description": "The name of the preset. (maximum 40 characters)\n" }, "thumbnails": { "$ref": "#/types/aws:elastictranscoder/PresetThumbnails:PresetThumbnails", "description": "Thumbnail parameters object (documented below)\n" }, "type": { "type": "string" }, "video": { "$ref": "#/types/aws:elastictranscoder/PresetVideo:PresetVideo", "description": "Video parameters object (documented below)\n" }, "videoCodecOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Codec options for the video parameters\n" }, "videoWatermarks": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark" }, "description": "Watermark parameters for the video parameters (documented below)\n" } }, "type": "object" } }, "aws:elb/appCookieStickinessPolicy:AppCookieStickinessPolicy": { "description": "Provides an application cookie stickiness policy, which allows an ELB to wed its sticky cookie's expiration to a cookie generated by your application.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst foo = new aws.elb.AppCookieStickinessPolicy(\"foo\", {\n cookieName: \"MyAppCookie\",\n lbPort: 80,\n loadBalancer: lb.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n }])\nfoo = aws.elb.AppCookieStickinessPolicy(\"foo\",\n cookie_name=\"MyAppCookie\",\n lb_port=80,\n load_balancer=lb.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n var foo = new Aws.Elb.AppCookieStickinessPolicy(\"foo\", new Aws.Elb.AppCookieStickinessPolicyArgs\n {\n CookieName = \"MyAppCookie\",\n LbPort = 80,\n LoadBalancer = lb.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewAppCookieStickinessPolicy(ctx, \"foo\", \u0026elb.AppCookieStickinessPolicyArgs{\n\t\t\tCookieName: pulumi.String(\"MyAppCookie\"),\n\t\t\tLbPort: pulumi.Int(80),\n\t\t\tLoadBalancer: lb.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cookieName": { "type": "string", "description": "The application cookie whose lifetime the ELB's cookie should follow.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The name of load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "required": [ "cookieName", "lbPort", "loadBalancer", "name" ], "inputProperties": { "cookieName": { "type": "string", "description": "The application cookie whose lifetime the ELB's cookie should follow.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The name of load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "requiredInputs": [ "cookieName", "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering AppCookieStickinessPolicy resources.\n", "properties": { "cookieName": { "type": "string", "description": "The application cookie whose lifetime the ELB's cookie should follow.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The name of load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/appCookieStickinessPolicy:AppCookieStickinessPolicy" } ] }, "aws:elb/attachment:Attachment": { "description": "Attaches an EC2 instance to an Elastic Load Balancer (ELB). For attaching resources with Application Load Balancer (ALB) or Network Load Balancer (NLB), see the `aws.lb.TargetGroupAttachment` resource.\n\n\u003e **NOTE on ELB Instances and ELB Attachments:** This provider currently provides\nboth a standalone ELB Attachment resource (describing an instance attached to\nan ELB), and an Elastic Load Balancer resource with\n`instances` defined in-line. At this time you cannot use an ELB with in-line\ninstances in conjunction with an ELB Attachment resource. Doing so will cause a\nconflict and will overwrite attachments.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer attachment\nconst baz = new aws.elb.Attachment(\"baz\", {\n elb: aws_elb_bar.id,\n instance: aws_instance_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer attachment\nbaz = aws.elb.Attachment(\"baz\",\n elb=aws_elb[\"bar\"][\"id\"],\n instance=aws_instance[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new load balancer attachment\n var baz = new Aws.Elb.Attachment(\"baz\", new Aws.Elb.AttachmentArgs\n {\n Elb = aws_elb.Bar.Id,\n Instance = aws_instance.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = elb.NewAttachment(ctx, \"baz\", \u0026elb.AttachmentArgs{\n\t\t\tElb: pulumi.String(aws_elb.Bar.Id),\n\t\t\tInstance: pulumi.String(aws_instance.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "elb": { "type": "string", "description": "The name of the ELB.\n" }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n" } }, "required": [ "elb", "instance" ], "inputProperties": { "elb": { "type": "string", "description": "The name of the ELB.\n" }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n" } }, "requiredInputs": [ "elb", "instance" ], "stateInputs": { "description": "Input properties used for looking up and filtering Attachment resources.\n", "properties": { "elb": { "type": "string", "description": "The name of the ELB.\n" }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/attachment:Attachment" } ] }, "aws:elb/listenerPolicy:ListenerPolicy": { "description": "Attaches a load balancer policy to an ELB Listener.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Custom Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ssl = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [\n {\n name: \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n ],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ssl = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[\n {\n \"name\": \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n ],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl.policy_name])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new Aws.Elb.ListenerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = \n {\n wu_tang_ssl.PolicyName,\n },\n });\n }\n\n}\n```\n\nThis example shows how to customize the TLS settings of an HTTPS listener.\n\n{{% /example %}}\n{{% example %}}\n### AWS Predefined Security Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ssl_tls_1_1 = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"Reference-Security-Policy\",\n value: \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl_tls_1_1.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ssl_tls_1_1 = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"Reference-Security-Policy\",\n \"value\": \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl_tls_1_1.policy_name])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Reference-Security-Policy\",\n Value = \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new Aws.Elb.ListenerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = \n {\n wu_tang_ssl_tls_1_1.PolicyName,\n },\n });\n }\n\n}\n```\n\nThis example shows how to add a [Predefined Security Policy for ELBs](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html)\n{{% /example %}}\n{{% /examples %}}", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "required": [ "loadBalancerName", "loadBalancerPort" ], "inputProperties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "requiredInputs": [ "loadBalancerName", "loadBalancerPort" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerPolicy resources.\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/listenerPolicy:ListenerPolicy" } ] }, "aws:elb/loadBalancer:LoadBalancer": { "description": "Provides an Elastic Load Balancer resource, also known as a \"Classic\nLoad Balancer\" after the release of\n`Application/Network Load Balancers`.\n\n\u003e **NOTE on ELB Instances and ELB Attachments:** This provider currently\nprovides both a standalone ELB Attachment resource\n(describing an instance attached to an ELB), and an ELB resource with\n`instances` defined in-line. At this time you cannot use an ELB with in-line\ninstances in conjunction with a ELB Attachment resources. Doing so will cause a\nconflict and will overwrite attachments.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer\nconst bar = new aws.elb.LoadBalancer(\"bar\", {\n accessLogs: {\n bucket: \"foo\",\n bucketPrefix: \"bar\",\n interval: 60,\n },\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n connectionDraining: true,\n connectionDrainingTimeout: 400,\n crossZoneLoadBalancing: true,\n healthCheck: {\n healthyThreshold: 2,\n interval: 30,\n target: \"HTTP:8000/\",\n timeout: 3,\n unhealthyThreshold: 2,\n },\n idleTimeout: 400,\n instances: [aws_instance_foo.id],\n listeners: [\n {\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n },\n {\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n ],\n tags: {\n Name: \"foobar-elb\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer\nbar = aws.elb.LoadBalancer(\"bar\",\n access_logs={\n \"bucket\": \"foo\",\n \"bucket_prefix\": \"bar\",\n \"interval\": 60,\n },\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n connection_draining=True,\n connection_draining_timeout=400,\n cross_zone_load_balancing=True,\n health_check={\n \"healthyThreshold\": 2,\n \"interval\": 30,\n \"target\": \"HTTP:8000/\",\n \"timeout\": 3,\n \"unhealthyThreshold\": 2,\n },\n idle_timeout=400,\n instances=[aws_instance[\"foo\"][\"id\"]],\n listeners=[\n {\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n },\n {\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n ],\n tags={\n \"Name\": \"foobar-elb\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new load balancer\n var bar = new Aws.Elb.LoadBalancer(\"bar\", new Aws.Elb.LoadBalancerArgs\n {\n AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = \"foo\",\n BucketPrefix = \"bar\",\n Interval = 60,\n },\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n ConnectionDraining = true,\n ConnectionDrainingTimeout = 400,\n CrossZoneLoadBalancing = true,\n HealthCheck = new Aws.Elb.Inputs.LoadBalancerHealthCheckArgs\n {\n HealthyThreshold = 2,\n Interval = 30,\n Target = \"HTTP:8000/\",\n Timeout = 3,\n UnhealthyThreshold = 2,\n },\n IdleTimeout = 400,\n Instances = \n {\n aws_instance.Foo.Id,\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n },\n Tags = \n {\n { \"Name\", \"foobar-elb\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Note on ECDSA Key Algorithm\n\nIf the ARN of the `ssl_certificate_id` that is pointed to references a\ncertificate that was signed by an ECDSA key, note that ELB only supports the\nP256 and P384 curves. Using a certificate signed by a key using a different\ncurve could produce the error `ERR_SSL_VERSION_OR_CIPHER_MISMATCH` in your\nbrowser.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the ELB\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "dnsName": { "type": "string", "description": "The DNS name of the ELB\n" }, "healthCheck": { "$ref": "#/types/aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The ID of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Only available on ELBs launched in a VPC.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)\n" } }, "required": [ "arn", "availabilityZones", "dnsName", "healthCheck", "instances", "internal", "listeners", "name", "securityGroups", "sourceSecurityGroup", "sourceSecurityGroupId", "subnets", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "healthCheck": { "$ref": "#/types/aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "listeners" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the ELB\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "dnsName": { "type": "string", "description": "The DNS name of the ELB\n" }, "healthCheck": { "$ref": "#/types/aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The ID of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Only available on ELBs launched in a VPC.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancer:LoadBalancer" } ] }, "aws:elb/loadBalancerBackendServerPolicy:LoadBalancerBackendServerPolicy": { "description": "Attaches a load balancer policy to an ELB backend server.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as fs from \"fs\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ca_pubkey_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKey\",\n value: fs.readFileSync(\"wu-tang-pubkey\", \"utf-8\"),\n }],\n policyName: \"wu-tang-ca-pubkey-policy\",\n policyTypeName: \"PublicKeyPolicyType\",\n});\nconst wu_tang_root_ca_backend_auth_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKeyPolicyName\",\n value: aws_load_balancer_policy_wu_tang_root_ca_pubkey_policy.policyName,\n }],\n policyName: \"wu-tang-root-ca-backend-auth-policy\",\n policyTypeName: \"BackendServerAuthenticationPolicyType\",\n});\nconst wu_tang_backend_auth_policies_443 = new aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", {\n instancePort: 443,\n loadBalancerName: wu_tang.name,\n policyNames: [wu_tang_root_ca_backend_auth_policy.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ca_pubkey_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKey\",\n \"value\": (lambda path: open(path).read())(\"wu-tang-pubkey\"),\n }],\n policy_name=\"wu-tang-ca-pubkey-policy\",\n policy_type_name=\"PublicKeyPolicyType\")\nwu_tang_root_ca_backend_auth_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKeyPolicyName\",\n \"value\": aws_load_balancer_policy[\"wu-tang-root-ca-pubkey-policy\"][\"policy_name\"],\n }],\n policy_name=\"wu-tang-root-ca-backend-auth-policy\",\n policy_type_name=\"BackendServerAuthenticationPolicyType\")\nwu_tang_backend_auth_policies_443 = aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\",\n instance_port=443,\n load_balancer_name=wu_tang.name,\n policy_names=[wu_tang_root_ca_backend_auth_policy.policy_name])\n```\n```csharp\nusing System.IO;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKey\",\n Value = File.ReadAllText(\"wu-tang-pubkey\"),\n },\n },\n PolicyName = \"wu-tang-ca-pubkey-policy\",\n PolicyTypeName = \"PublicKeyPolicyType\",\n });\n var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKeyPolicyName\",\n Value = aws_load_balancer_policy.Wu_tang_root_ca_pubkey_policy.Policy_name,\n },\n },\n PolicyName = \"wu-tang-root-ca-backend-auth-policy\",\n PolicyTypeName = \"BackendServerAuthenticationPolicyType\",\n });\n var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", new Aws.Elb.LoadBalancerBackendServerPolicyArgs\n {\n InstancePort = 443,\n LoadBalancerName = wu_tang.Name,\n PolicyNames = \n {\n wu_tang_root_ca_backend_auth_policy.PolicyName,\n },\n });\n }\n\n}\n```\n\nWhere the file `pubkey` in the current directory contains only the _public key_ of the certificate.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n\nThis example shows how to enable backend authentication for an ELB as well as customize the TLS settings.\n{{% /example %}}\n{{% /examples %}}", "properties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "required": [ "instancePort", "loadBalancerName" ], "inputProperties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "requiredInputs": [ "instancePort", "loadBalancerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerBackendServerPolicy resources.\n", "properties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancerBackendServerPolicy:LoadBalancerBackendServerPolicy" } ] }, "aws:elb/loadBalancerCookieStickinessPolicy:LoadBalancerCookieStickinessPolicy": { "description": "Provides a load balancer cookie stickiness policy, which allows an ELB to control the sticky session lifetime of the browser.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst foo = new aws.elb.LoadBalancerCookieStickinessPolicy(\"foo\", {\n cookieExpirationPeriod: 600,\n lbPort: 80,\n loadBalancer: lb.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n }])\nfoo = aws.elb.LoadBalancerCookieStickinessPolicy(\"foo\",\n cookie_expiration_period=600,\n lb_port=80,\n load_balancer=lb.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n var foo = new Aws.Elb.LoadBalancerCookieStickinessPolicy(\"foo\", new Aws.Elb.LoadBalancerCookieStickinessPolicyArgs\n {\n CookieExpirationPeriod = 600,\n LbPort = 80,\n LoadBalancer = lb.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerCookieStickinessPolicy(ctx, \"foo\", \u0026elb.LoadBalancerCookieStickinessPolicyArgs{\n\t\t\tCookieExpirationPeriod: pulumi.Int(600),\n\t\t\tLbPort: pulumi.Int(80),\n\t\t\tLoadBalancer: lb.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "required": [ "lbPort", "loadBalancer", "name" ], "inputProperties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "requiredInputs": [ "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerCookieStickinessPolicy resources.\n", "properties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancerCookieStickinessPolicy:LoadBalancerCookieStickinessPolicy" } ] }, "aws:elb/loadBalancerPolicy:LoadBalancerPolicy": { "description": "Provides a load balancer policy, which can be attached to an ELB listener or backend server.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as fs from \"fs\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ca_pubkey_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKey\",\n value: fs.readFileSync(\"wu-tang-pubkey\", \"utf-8\"),\n }],\n policyName: \"wu-tang-ca-pubkey-policy\",\n policyTypeName: \"PublicKeyPolicyType\",\n});\nconst wu_tang_root_ca_backend_auth_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"PublicKeyPolicyName\",\n value: aws_load_balancer_policy_wu_tang_root_ca_pubkey_policy.policyName,\n }],\n policyName: \"wu-tang-root-ca-backend-auth-policy\",\n policyTypeName: \"BackendServerAuthenticationPolicyType\",\n});\nconst wu_tang_ssl = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [\n {\n name: \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n ],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_ssl_tls_1_1 = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", {\n loadBalancerName: wu_tang.name,\n policyAttributes: [{\n name: \"Reference-Security-Policy\",\n value: \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n});\nconst wu_tang_backend_auth_policies_443 = new aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", {\n instancePort: 443,\n loadBalancerName: wu_tang.name,\n policyNames: [wu_tang_root_ca_backend_auth_policy.policyName],\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ca_pubkey_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKey\",\n \"value\": (lambda path: open(path).read())(\"wu-tang-pubkey\"),\n }],\n policy_name=\"wu-tang-ca-pubkey-policy\",\n policy_type_name=\"PublicKeyPolicyType\")\nwu_tang_root_ca_backend_auth_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"PublicKeyPolicyName\",\n \"value\": aws_load_balancer_policy[\"wu-tang-root-ca-pubkey-policy\"][\"policy_name\"],\n }],\n policy_name=\"wu-tang-root-ca-backend-auth-policy\",\n policy_type_name=\"BackendServerAuthenticationPolicyType\")\nwu_tang_ssl = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[\n {\n \"name\": \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n ],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_ssl_tls_1_1 = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\",\n load_balancer_name=wu_tang.name,\n policy_attributes=[{\n \"name\": \"Reference-Security-Policy\",\n \"value\": \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\")\nwu_tang_backend_auth_policies_443 = aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\",\n instance_port=443,\n load_balancer_name=wu_tang.name,\n policy_names=[wu_tang_root_ca_backend_auth_policy.policy_name])\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl.policy_name])\n```\n```csharp\nusing System.IO;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKey\",\n Value = File.ReadAllText(\"wu-tang-pubkey\"),\n },\n },\n PolicyName = \"wu-tang-ca-pubkey-policy\",\n PolicyTypeName = \"PublicKeyPolicyType\",\n });\n var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKeyPolicyName\",\n Value = aws_load_balancer_policy.Wu_tang_root_ca_pubkey_policy.Policy_name,\n },\n },\n PolicyName = \"wu-tang-root-ca-backend-auth-policy\",\n PolicyTypeName = \"BackendServerAuthenticationPolicyType\",\n });\n var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", new Aws.Elb.LoadBalancerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n PolicyAttributes = \n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Reference-Security-Policy\",\n Value = \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n },\n },\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n });\n var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", new Aws.Elb.LoadBalancerBackendServerPolicyArgs\n {\n InstancePort = 443,\n LoadBalancerName = wu_tang.Name,\n PolicyNames = \n {\n wu_tang_root_ca_backend_auth_policy.PolicyName,\n },\n });\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new Aws.Elb.ListenerPolicyArgs\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = \n {\n wu_tang_ssl.PolicyName,\n },\n });\n }\n\n}\n```\n\nWhere the file `pubkey` in the current directory contains only the _public key_ of the certificate.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n\nThis example shows how to enable backend authentication for an ELB as well as customize the TLS settings.\n{{% /example %}}\n{{% /examples %}}", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n" }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n" }, "policyTypeName": { "type": "string", "description": "The policy type.\n" } }, "required": [ "loadBalancerName", "policyName", "policyTypeName" ], "inputProperties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n" }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n" }, "policyTypeName": { "type": "string", "description": "The policy type.\n" } }, "requiredInputs": [ "loadBalancerName", "policyName", "policyTypeName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerPolicy resources.\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n" }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n" }, "policyTypeName": { "type": "string", "description": "The policy type.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancerPolicy:LoadBalancerPolicy" } ] }, "aws:elb/sslNegotiationPolicy:SslNegotiationPolicy": { "description": "Provides a load balancer SSL negotiation policy, which allows an ELB to control the ciphers and protocols that are supported during SSL negotiations between a client and a load balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"https\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::123456789012:server-certificate/certName\",\n }],\n});\nconst foo = new aws.elb.SslNegotiationPolicy(\"foo\", {\n attributes: [\n {\n name: \"Protocol-TLSv1\",\n value: \"false\",\n },\n {\n name: \"Protocol-TLSv1.1\",\n value: \"false\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n {\n name: \"Server-Defined-Cipher-Order\",\n value: \"true\",\n },\n {\n name: \"ECDHE-RSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"EDH-RSA-DES-CBC3-SHA\",\n value: \"false\",\n },\n ],\n lbPort: 443,\n loadBalancer: lb.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"https\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": \"arn:aws:iam::123456789012:server-certificate/certName\",\n }])\nfoo = aws.elb.SslNegotiationPolicy(\"foo\",\n attributes=[\n {\n \"name\": \"Protocol-TLSv1\",\n \"value\": \"false\",\n },\n {\n \"name\": \"Protocol-TLSv1.1\",\n \"value\": \"false\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Server-Defined-Cipher-Order\",\n \"value\": \"true\",\n },\n {\n \"name\": \"ECDHE-RSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"EDH-RSA-DES-CBC3-SHA\",\n \"value\": \"false\",\n },\n ],\n lb_port=443,\n load_balancer=lb.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"https\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n },\n });\n var foo = new Aws.Elb.SslNegotiationPolicy(\"foo\", new Aws.Elb.SslNegotiationPolicyArgs\n {\n Attributes = \n {\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1\",\n Value = \"false\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.1\",\n Value = \"false\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Server-Defined-Cipher-Order\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"ECDHE-RSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"EDH-RSA-DES-CBC3-SHA\",\n Value = \"false\",\n },\n },\n LbPort = 443,\n LoadBalancer = lb.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::123456789012:server-certificate/certName\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewSslNegotiationPolicy(ctx, \"foo\", \u0026elb.SslNegotiationPolicyArgs{\n\t\t\tAttributes: elb.SslNegotiationPolicyAttributeArray{\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.1\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.2\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Server-Defined-Cipher-Order\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"ECDHE-RSA-AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"EDH-RSA-DES-CBC3-SHA\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLbPort: pulumi.Int(443),\n\t\t\tLoadBalancer: lb.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the attribute\n" } }, "required": [ "lbPort", "loadBalancer", "name" ], "inputProperties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the attribute\n" } }, "requiredInputs": [ "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering SslNegotiationPolicy resources.\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the attribute\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/sslNegotiationPolicy:SslNegotiationPolicy" } ] }, "aws:emr/cluster:Cluster": { "description": "Provides an Elastic MapReduce Cluster, a web service that makes it easy to\nprocess large amounts of data efficiently. See [Amazon Elastic MapReduce Documentation](https://aws.amazon.com/documentation/elastic-mapreduce/)\nfor more information.\n\nTo configure [Instance Groups](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for [task nodes](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-task), see the `aws.emr.InstanceGroup` resource.\n\n\u003e Support for [Instance Fleets](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-fleets) will be made available in an upcoming release.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = new aws.emr.Cluster(\"cluster\", {\n additionalInfo: `{\n \"instanceAwsClientConfiguration\": {\n \"proxyPort\": 8099,\n \"proxyHost\": \"myproxy.example.com\"\n }\n}\n`,\n applications: [\"Spark\"],\n bootstrapActions: [{\n args: [\n \"instance.isMaster=true\",\n \"echo running on master node\",\n ],\n name: \"runif\",\n path: \"s3://elasticmapreduce/bootstrap-actions/run-if\",\n }],\n configurationsJson: ` [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n },\n {\n \"Classification\": \"spark-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n`,\n coreInstanceGroup: {\n autoscalingPolicy: `{\n\"Constraints\": {\n \"MinCapacity\": 1,\n \"MaxCapacity\": 2\n},\n\"Rules\": [\n {\n \"Name\": \"ScaleOutMemoryPercentage\",\n \"Description\": \"Scale out if YARNMemoryAvailablePercentage is less than 15\",\n \"Action\": {\n \"SimpleScalingPolicyConfiguration\": {\n \"AdjustmentType\": \"CHANGE_IN_CAPACITY\",\n \"ScalingAdjustment\": 1,\n \"CoolDown\": 300\n }\n },\n \"Trigger\": {\n \"CloudWatchAlarmDefinition\": {\n \"ComparisonOperator\": \"LESS_THAN\",\n \"EvaluationPeriods\": 1,\n \"MetricName\": \"YARNMemoryAvailablePercentage\",\n \"Namespace\": \"AWS/ElasticMapReduce\",\n \"Period\": 300,\n \"Statistic\": \"AVERAGE\",\n \"Threshold\": 15.0,\n \"Unit\": \"PERCENT\"\n }\n }\n }\n]\n}\n`,\n bidPrice: \"0.30\",\n ebsConfigs: [{\n size: 40,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceCount: 1,\n instanceType: \"c4.large\",\n },\n ebsRootVolumeSize: 100,\n ec2Attributes: {\n emrManagedMasterSecurityGroup: aws_security_group_sg.id,\n emrManagedSlaveSecurityGroup: aws_security_group_sg.id,\n instanceProfile: aws_iam_instance_profile_emr_profile.arn,\n subnetId: aws_subnet_main.id,\n },\n keepJobFlowAliveWhenNoSteps: true,\n masterInstanceGroup: {\n instanceType: \"m4.large\",\n },\n releaseLabel: \"emr-4.6.0\",\n serviceRole: aws_iam_role_iam_emr_service_role.arn,\n tags: {\n env: \"env\",\n role: \"rolename\",\n },\n terminationProtection: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.emr.Cluster(\"cluster\",\n additional_info=\"\"\"{\n \"instanceAwsClientConfiguration\": {\n \"proxyPort\": 8099,\n \"proxyHost\": \"myproxy.example.com\"\n }\n}\n\n\"\"\",\n applications=[\"Spark\"],\n bootstrap_actions=[{\n \"args\": [\n \"instance.isMaster=true\",\n \"echo running on master node\",\n ],\n \"name\": \"runif\",\n \"path\": \"s3://elasticmapreduce/bootstrap-actions/run-if\",\n }],\n configurations_json=\"\"\" [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n },\n {\n \"Classification\": \"spark-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n\n\"\"\",\n core_instance_group={\n \"autoscaling_policy\": \"\"\"{\n\"Constraints\": {\n \"MinCapacity\": 1,\n \"MaxCapacity\": 2\n},\n\"Rules\": [\n {\n \"Name\": \"ScaleOutMemoryPercentage\",\n \"Description\": \"Scale out if YARNMemoryAvailablePercentage is less than 15\",\n \"Action\": {\n \"SimpleScalingPolicyConfiguration\": {\n \"AdjustmentType\": \"CHANGE_IN_CAPACITY\",\n \"ScalingAdjustment\": 1,\n \"CoolDown\": 300\n }\n },\n \"Trigger\": {\n \"CloudWatchAlarmDefinition\": {\n \"ComparisonOperator\": \"LESS_THAN\",\n \"EvaluationPeriods\": 1,\n \"MetricName\": \"YARNMemoryAvailablePercentage\",\n \"Namespace\": \"AWS/ElasticMapReduce\",\n \"Period\": 300,\n \"Statistic\": \"AVERAGE\",\n \"Threshold\": 15.0,\n \"Unit\": \"PERCENT\"\n }\n }\n }\n]\n}\n\n\"\"\",\n \"bid_price\": \"0.30\",\n \"ebsConfig\": [{\n \"size\": \"40\",\n \"type\": \"gp2\",\n \"volumesPerInstance\": 1,\n }],\n \"instance_count\": 1,\n \"instance_type\": \"c4.large\",\n },\n ebs_root_volume_size=100,\n ec2_attributes={\n \"emrManagedMasterSecurityGroup\": aws_security_group[\"sg\"][\"id\"],\n \"emrManagedSlaveSecurityGroup\": aws_security_group[\"sg\"][\"id\"],\n \"instanceProfile\": aws_iam_instance_profile[\"emr_profile\"][\"arn\"],\n \"subnet_id\": aws_subnet[\"main\"][\"id\"],\n },\n keep_job_flow_alive_when_no_steps=True,\n master_instance_group={\n \"instance_type\": \"m4.large\",\n },\n release_label=\"emr-4.6.0\",\n service_role=aws_iam_role[\"iam_emr_service_role\"][\"arn\"],\n tags={\n \"env\": \"env\",\n \"role\": \"rolename\",\n },\n termination_protection=False)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cluster = new Aws.Emr.Cluster(\"cluster\", new Aws.Emr.ClusterArgs\n {\n AdditionalInfo = @\"{\n \"\"instanceAwsClientConfiguration\"\": {\n \"\"proxyPort\"\": 8099,\n \"\"proxyHost\"\": \"\"myproxy.example.com\"\"\n }\n}\n\n\",\n Applications = \n {\n \"Spark\",\n },\n BootstrapActions = \n {\n new Aws.Emr.Inputs.ClusterBootstrapActionArgs\n {\n Args = \n {\n \"instance.isMaster=true\",\n \"echo running on master node\",\n },\n Name = \"runif\",\n Path = \"s3://elasticmapreduce/bootstrap-actions/run-if\",\n },\n },\n ConfigurationsJson = @\" [\n {\n \"\"Classification\"\": \"\"hadoop-env\"\",\n \"\"Configurations\"\": [\n {\n \"\"Classification\"\": \"\"export\"\",\n \"\"Properties\"\": {\n \"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n }\n }\n ],\n \"\"Properties\"\": {}\n },\n {\n \"\"Classification\"\": \"\"spark-env\"\",\n \"\"Configurations\"\": [\n {\n \"\"Classification\"\": \"\"export\"\",\n \"\"Properties\"\": {\n \"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n }\n }\n ],\n \"\"Properties\"\": {}\n }\n ]\n\n\",\n CoreInstanceGroup = new Aws.Emr.Inputs.ClusterCoreInstanceGroupArgs\n {\n AutoscalingPolicy = @\"{\n\"\"Constraints\"\": {\n \"\"MinCapacity\"\": 1,\n \"\"MaxCapacity\"\": 2\n},\n\"\"Rules\"\": [\n {\n \"\"Name\"\": \"\"ScaleOutMemoryPercentage\"\",\n \"\"Description\"\": \"\"Scale out if YARNMemoryAvailablePercentage is less than 15\"\",\n \"\"Action\"\": {\n \"\"SimpleScalingPolicyConfiguration\"\": {\n \"\"AdjustmentType\"\": \"\"CHANGE_IN_CAPACITY\"\",\n \"\"ScalingAdjustment\"\": 1,\n \"\"CoolDown\"\": 300\n }\n },\n \"\"Trigger\"\": {\n \"\"CloudWatchAlarmDefinition\"\": {\n \"\"ComparisonOperator\"\": \"\"LESS_THAN\"\",\n \"\"EvaluationPeriods\"\": 1,\n \"\"MetricName\"\": \"\"YARNMemoryAvailablePercentage\"\",\n \"\"Namespace\"\": \"\"AWS/ElasticMapReduce\"\",\n \"\"Period\"\": 300,\n \"\"Statistic\"\": \"\"AVERAGE\"\",\n \"\"Threshold\"\": 15.0,\n \"\"Unit\"\": \"\"PERCENT\"\"\n }\n }\n }\n]\n}\n\n\",\n BidPrice = \"0.30\",\n EbsConfig = \n {\n \n {\n { \"size\", \"40\" },\n { \"type\", \"gp2\" },\n { \"volumesPerInstance\", 1 },\n },\n },\n InstanceCount = 1,\n InstanceType = \"c4.large\",\n },\n EbsRootVolumeSize = 100,\n Ec2Attributes = new Aws.Emr.Inputs.ClusterEc2AttributesArgs\n {\n EmrManagedMasterSecurityGroup = aws_security_group.Sg.Id,\n EmrManagedSlaveSecurityGroup = aws_security_group.Sg.Id,\n InstanceProfile = aws_iam_instance_profile.Emr_profile.Arn,\n SubnetId = aws_subnet.Main.Id,\n },\n KeepJobFlowAliveWhenNoSteps = true,\n MasterInstanceGroup = new Aws.Emr.Inputs.ClusterMasterInstanceGroupArgs\n {\n InstanceType = \"m4.large\",\n },\n ReleaseLabel = \"emr-4.6.0\",\n ServiceRole = aws_iam_role.Iam_emr_service_role.Arn,\n Tags = \n {\n { \"env\", \"env\" },\n { \"role\", \"rolename\" },\n },\n TerminationProtection = false,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = emr.NewCluster(ctx, \"cluster\", \u0026emr.ClusterArgs{\n\t\t\tAdditionalInfo: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"instanceAwsClientConfiguration\\\": {\\n\", \" \\\"proxyPort\\\": 8099,\\n\", \" \\\"proxyHost\\\": \\\"myproxy.example.com\\\"\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t\tApplications: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Spark\"),\n\t\t\t},\n\t\t\tBootstrapActions: emr.ClusterBootstrapActionArray{\n\t\t\t\t\u0026emr.ClusterBootstrapActionArgs{\n\t\t\t\t\tArgs: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"instance.isMaster=true\"),\n\t\t\t\t\t\tpulumi.String(\"echo running on master node\"),\n\t\t\t\t\t},\n\t\t\t\t\tName: pulumi.String(\"runif\"),\n\t\t\t\t\tPath: pulumi.String(\"s3://elasticmapreduce/bootstrap-actions/run-if\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConfigurationsJson: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \" [\\n\", \" {\\n\", \" \\\"Classification\\\": \\\"hadoop-env\\\",\\n\", \" \\\"Configurations\\\": [\\n\", \" {\\n\", \" \\\"Classification\\\": \\\"export\\\",\\n\", \" \\\"Properties\\\": {\\n\", \" \\\"JAVA_HOME\\\": \\\"/usr/lib/jvm/java-1.8.0\\\"\\n\", \" }\\n\", \" }\\n\", \" ],\\n\", \" \\\"Properties\\\": {}\\n\", \" },\\n\", \" {\\n\", \" \\\"Classification\\\": \\\"spark-env\\\",\\n\", \" \\\"Configurations\\\": [\\n\", \" {\\n\", \" \\\"Classification\\\": \\\"export\\\",\\n\", \" \\\"Properties\\\": {\\n\", \" \\\"JAVA_HOME\\\": \\\"/usr/lib/jvm/java-1.8.0\\\"\\n\", \" }\\n\", \" }\\n\", \" ],\\n\", \" \\\"Properties\\\": {}\\n\", \" }\\n\", \" ]\\n\", \"\\n\")),\n\t\t\tCoreInstanceGroup: \u0026emr.ClusterCoreInstanceGroupArgs{\n\t\t\t\tAutoscalingPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\\\"Constraints\\\": {\\n\", \" \\\"MinCapacity\\\": 1,\\n\", \" \\\"MaxCapacity\\\": 2\\n\", \"},\\n\", \"\\\"Rules\\\": [\\n\", \" {\\n\", \" \\\"Name\\\": \\\"ScaleOutMemoryPercentage\\\",\\n\", \" \\\"Description\\\": \\\"Scale out if YARNMemoryAvailablePercentage is less than 15\\\",\\n\", \" \\\"Action\\\": {\\n\", \" \\\"SimpleScalingPolicyConfiguration\\\": {\\n\", \" \\\"AdjustmentType\\\": \\\"CHANGE_IN_CAPACITY\\\",\\n\", \" \\\"ScalingAdjustment\\\": 1,\\n\", \" \\\"CoolDown\\\": 300\\n\", \" }\\n\", \" },\\n\", \" \\\"Trigger\\\": {\\n\", \" \\\"CloudWatchAlarmDefinition\\\": {\\n\", \" \\\"ComparisonOperator\\\": \\\"LESS_THAN\\\",\\n\", \" \\\"EvaluationPeriods\\\": 1,\\n\", \" \\\"MetricName\\\": \\\"YARNMemoryAvailablePercentage\\\",\\n\", \" \\\"Namespace\\\": \\\"AWS/ElasticMapReduce\\\",\\n\", \" \\\"Period\\\": 300,\\n\", \" \\\"Statistic\\\": \\\"AVERAGE\\\",\\n\", \" \\\"Threshold\\\": 15.0,\\n\", \" \\\"Unit\\\": \\\"PERCENT\\\"\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \"]\\n\", \"}\\n\", \"\\n\")),\n\t\t\t\tBidPrice: pulumi.String(\"0.30\"),\n\t\t\t\tEbsConfig: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"size\": pulumi.String(\"40\"),\n\t\t\t\t\t\t\"type\": pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\"volumesPerInstance\": pulumi.Float64(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tInstanceCount: pulumi.Int(1),\n\t\t\t\tInstanceType: pulumi.String(\"c4.large\"),\n\t\t\t},\n\t\t\tEbsRootVolumeSize: pulumi.Int(100),\n\t\t\tEc2Attributes: \u0026emr.ClusterEc2AttributesArgs{\n\t\t\t\tEmrManagedMasterSecurityGroup: pulumi.String(aws_security_group.Sg.Id),\n\t\t\t\tEmrManagedSlaveSecurityGroup: pulumi.String(aws_security_group.Sg.Id),\n\t\t\t\tInstanceProfile: pulumi.String(aws_iam_instance_profile.Emr_profile.Arn),\n\t\t\t\tSubnetId: pulumi.String(aws_subnet.Main.Id),\n\t\t\t},\n\t\t\tKeepJobFlowAliveWhenNoSteps: pulumi.Bool(true),\n\t\t\tMasterInstanceGroup: \u0026emr.ClusterMasterInstanceGroupArgs{\n\t\t\t\tInstanceType: pulumi.String(\"m4.large\"),\n\t\t\t},\n\t\t\tReleaseLabel: pulumi.String(\"emr-4.6.0\"),\n\t\t\tServiceRole: pulumi.String(aws_iam_role.Iam_emr_service_role.Arn),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"env\": pulumi.String(\"env\"),\n\t\t\t\t\"role\": pulumi.String(\"rolename\"),\n\t\t\t},\n\t\t\tTerminationProtection: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nThe `aws.emr.Cluster` resource typically requires two IAM roles, one for the EMR Cluster\nto use as a service, and another to place on your Cluster Instances to interact\nwith AWS from those instances. The suggested role policy template for the EMR service is `AmazonElasticMapReduceRole`,\nand `AmazonElasticMapReduceforEC2Role` for the EC2 profile. See the [Getting\nStarted](https://docs.aws.amazon.com/ElasticMapReduce/latest/ManagementGuide/emr-gs-launch-sample-cluster.html)\nguide for more information on these IAM roles. There is also a fully-bootable\nexample this provider configuration at the bottom of this page.\n{{% /example %}}\n{{% example %}}\n### Multiple Node Master Instance Group\n\nAvailable in EMR version 5.23.0 and later, an EMR Cluster can be launched with three master nodes for high availability. Additional information about this functionality and its requirements can be found in the [EMR Management Guide](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-ha.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Map public IP on launch must be enabled for public (Internet accessible) subnets\nconst exampleSubnet = new aws.ec2.Subnet(\"example\", {\n mapPublicIpOnLaunch: true,\n});\nconst exampleCluster = new aws.emr.Cluster(\"example\", {\n // core_instance_group must be configured\n coreInstanceGroup: {},\n ec2Attributes: {\n subnetId: exampleSubnet.id,\n },\n masterInstanceGroup: {\n // Master instance count must be set to 3\n instanceCount: 3,\n },\n // EMR version must be 5.23.0 or later\n releaseLabel: \"emr-5.24.1\",\n // Termination protection is automatically enabled for multiple masters\n // To destroy the cluster, this must be configured to false and applied first\n terminationProtection: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Map public IP on launch must be enabled for public (Internet accessible) subnets\nexample_subnet = aws.ec2.Subnet(\"exampleSubnet\", map_public_ip_on_launch=True)\nexample_cluster = aws.emr.Cluster(\"exampleCluster\",\n core_instance_group={},\n ec2_attributes={\n \"subnet_id\": example_subnet.id,\n },\n master_instance_group={\n \"instance_count\": 3,\n },\n release_label=\"emr-5.24.1\",\n termination_protection=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Map public IP on launch must be enabled for public (Internet accessible) subnets\n var exampleSubnet = new Aws.Ec2.Subnet(\"exampleSubnet\", new Aws.Ec2.SubnetArgs\n {\n MapPublicIpOnLaunch = true,\n });\n var exampleCluster = new Aws.Emr.Cluster(\"exampleCluster\", new Aws.Emr.ClusterArgs\n {\n CoreInstanceGroup = ,\n Ec2Attributes = new Aws.Emr.Inputs.ClusterEc2AttributesArgs\n {\n SubnetId = exampleSubnet.Id,\n },\n MasterInstanceGroup = new Aws.Emr.Inputs.ClusterMasterInstanceGroupArgs\n {\n InstanceCount = 3,\n },\n ReleaseLabel = \"emr-5.24.1\",\n TerminationProtection = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleSubnet, err := ec2.NewSubnet(ctx, \"exampleSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tMapPublicIpOnLaunch: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = emr.NewCluster(ctx, \"exampleCluster\", \u0026emr.ClusterArgs{\n\t\t\tCoreInstanceGroup: nil,\n\t\t\tEc2Attributes: \u0026emr.ClusterEc2AttributesArgs{\n\t\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\t},\n\t\t\tMasterInstanceGroup: \u0026emr.ClusterMasterInstanceGroupArgs{\n\t\t\t\tInstanceCount: pulumi.Int(3),\n\t\t\t},\n\t\t\tReleaseLabel: pulumi.String(\"emr-5.24.1\"),\n\t\t\tTerminationProtection: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "additionalInfo": { "type": "string", "description": "A JSON string for selecting additional features such as adding proxy information. Note: Currently there is no API to retrieve the value of this argument after EMR cluster creation from provider, therefore this provider cannot detect drift from the actual EMR cluster if its value is changed outside this provider.\n" }, "applications": { "type": "array", "items": { "type": "string" }, "description": "A list of applications for the cluster. Valid values are: `Flink`, `Hadoop`, `Hive`, `Mahout`, `Pig`, `Spark`, and `JupyterHub` (as of EMR 5.14.0). Case insensitive\n" }, "arn": { "type": "string" }, "autoscalingRole": { "type": "string", "description": "An IAM role for automatic scaling policies. The IAM role provides permissions that the automatic scaling feature requires to launch and terminate EC2 instances in an instance group.\n" }, "bootstrapActions": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterBootstrapAction:ClusterBootstrapAction" }, "description": "Ordered list of bootstrap actions that will be run before Hadoop is started on the cluster nodes. Defined below.\n" }, "clusterState": { "type": "string", "language": { "csharp": { "name": "State" } } }, "configurations": { "type": "string", "description": "List of configurations supplied for the EMR cluster you are creating\n" }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations for the EMR cluster.\n" }, "coreInstanceCount": { "type": "integer", "description": "Use the `core_instance_group` configuration block `instance_count` argument instead. Number of Amazon EC2 instances used to execute the job flow. EMR will use one node as the cluster's master node and use the remainder of the nodes (`core_instance_count`-1) as core nodes. Cannot be specified if `core_instance_group` or `instance_group` configuration blocks are set. Default `1`\n", "deprecationMessage": "use `core_instance_group` configuration block `instance_count` argument instead" }, "coreInstanceGroup": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [core node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-core). Cannot be specified if `core_instance_count` argument, `core_instance_type` argument, or `instance_group` configuration blocks are set. Detailed below.\n" }, "coreInstanceType": { "type": "string", "description": "Use the `core_instance_group` configuration block `instance_type` argument instead. The EC2 instance type of the slave nodes. Cannot be specified if `core_instance_group` or `instance_group` configuration blocks are set.\n", "deprecationMessage": "use `core_instance_group` configuration block `instance_type` argument instead" }, "customAmiId": { "type": "string", "description": "A custom Amazon Linux AMI for the cluster (instead of an EMR-owned AMI). Available in Amazon EMR version 5.7.0 and later.\n" }, "ebsRootVolumeSize": { "type": "integer", "description": "Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later.\n" }, "ec2Attributes": { "$ref": "#/types/aws:emr/ClusterEc2Attributes:ClusterEc2Attributes", "description": "Attributes for the EC2 instances running the job flow. Defined below\n" }, "instanceGroups": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterInstanceGroup:ClusterInstanceGroup" }, "description": "Use the `master_instance_group` configuration block, `core_instance_group` configuration block and `aws.emr.InstanceGroup` resource(s) instead. A list of `instance_group` objects for each instance group in the cluster. Exactly one of `master_instance_type` and `instance_group` must be specified. If `instance_group` is set, then it must contain a configuration block for at least the `MASTER` instance group type (as well as any additional instance groups). Cannot be specified if `master_instance_group` or `core_instance_group` configuration blocks are set. Defined below\n", "deprecationMessage": "use `master_instance_group` configuration block, `core_instance_group` configuration block, and `aws_emr_instance_group` resource(s) instead" }, "keepJobFlowAliveWhenNoSteps": { "type": "boolean", "description": "Switch on/off run cluster with no steps or when all steps are complete (default is on)\n" }, "kerberosAttributes": { "$ref": "#/types/aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes", "description": "Kerberos configuration for the cluster. Defined below\n" }, "logUri": { "type": "string", "description": "S3 bucket to write the log files of the job flow. If a value is not provided, logs are not created\n" }, "masterInstanceGroup": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [master node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-master). Cannot be specified if `master_instance_type` argument or `instance_group` configuration blocks are set. Detailed below.\n" }, "masterInstanceType": { "type": "string", "description": "Use the `master_instance_group` configuration block `instance_type` argument instead. The EC2 instance type of the master node. Cannot be specified if `master_instance_group` or `instance_group` configuration blocks are set.\n", "deprecationMessage": "use `master_instance_group` configuration block `instance_type` argument instead" }, "masterPublicDns": { "type": "string", "description": "The public DNS name of the master EC2 instance.\n* `core_instance_group.0.id` - Core node type Instance Group ID, if using Instance Group for this node type.\n" }, "name": { "type": "string", "description": "The name of the step.\n" }, "releaseLabel": { "type": "string", "description": "The release label for the Amazon EMR release\n" }, "scaleDownBehavior": { "type": "string", "description": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an `instance group` is resized.\n" }, "securityConfiguration": { "type": "string", "description": "The security configuration name to attach to the EMR cluster. Only valid for EMR clusters with `release_label` 4.8.0 or greater\n" }, "serviceRole": { "type": "string", "description": "IAM role that will be assumed by the Amazon EMR service to access AWS resources\n" }, "stepConcurrencyLevel": { "type": "integer", "description": "The number of steps that can be executed concurrently. You can specify a maximum of 256 steps. Only valid for EMR clusters with `release_label` 5.28.0 or greater. (default is 1)\n" }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterStep:ClusterStep" }, "description": "List of steps to run when creating the cluster. Defined below. It is highly recommended to utilize [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) if other steps are being managed outside of this provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster\n" }, "terminationProtection": { "type": "boolean", "description": "Switch on/off termination protection (default is `false`, except when using multiple master nodes). Before attempting to destroy the resource when termination protection is enabled, this configuration must be applied with its value set to `false`.\n" }, "visibleToAllUsers": { "type": "boolean", "description": "Whether the job flow is visible to all IAM users of the AWS account associated with the job flow. Default `true`\n" } }, "required": [ "arn", "clusterState", "coreInstanceCount", "coreInstanceGroup", "coreInstanceType", "instanceGroups", "keepJobFlowAliveWhenNoSteps", "masterInstanceGroup", "masterInstanceType", "masterPublicDns", "name", "releaseLabel", "scaleDownBehavior", "serviceRole", "steps", "terminationProtection" ], "inputProperties": { "additionalInfo": { "type": "string", "description": "A JSON string for selecting additional features such as adding proxy information. Note: Currently there is no API to retrieve the value of this argument after EMR cluster creation from provider, therefore this provider cannot detect drift from the actual EMR cluster if its value is changed outside this provider.\n" }, "applications": { "type": "array", "items": { "type": "string" }, "description": "A list of applications for the cluster. Valid values are: `Flink`, `Hadoop`, `Hive`, `Mahout`, `Pig`, `Spark`, and `JupyterHub` (as of EMR 5.14.0). Case insensitive\n" }, "autoscalingRole": { "type": "string", "description": "An IAM role for automatic scaling policies. The IAM role provides permissions that the automatic scaling feature requires to launch and terminate EC2 instances in an instance group.\n" }, "bootstrapActions": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterBootstrapAction:ClusterBootstrapAction" }, "description": "Ordered list of bootstrap actions that will be run before Hadoop is started on the cluster nodes. Defined below.\n" }, "configurations": { "type": "string", "description": "List of configurations supplied for the EMR cluster you are creating\n" }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations for the EMR cluster.\n" }, "coreInstanceCount": { "type": "integer", "description": "Use the `core_instance_group` configuration block `instance_count` argument instead. Number of Amazon EC2 instances used to execute the job flow. EMR will use one node as the cluster's master node and use the remainder of the nodes (`core_instance_count`-1) as core nodes. Cannot be specified if `core_instance_group` or `instance_group` configuration blocks are set. Default `1`\n", "deprecationMessage": "use `core_instance_group` configuration block `instance_count` argument instead" }, "coreInstanceGroup": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [core node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-core). Cannot be specified if `core_instance_count` argument, `core_instance_type` argument, or `instance_group` configuration blocks are set. Detailed below.\n" }, "coreInstanceType": { "type": "string", "description": "Use the `core_instance_group` configuration block `instance_type` argument instead. The EC2 instance type of the slave nodes. Cannot be specified if `core_instance_group` or `instance_group` configuration blocks are set.\n", "deprecationMessage": "use `core_instance_group` configuration block `instance_type` argument instead" }, "customAmiId": { "type": "string", "description": "A custom Amazon Linux AMI for the cluster (instead of an EMR-owned AMI). Available in Amazon EMR version 5.7.0 and later.\n" }, "ebsRootVolumeSize": { "type": "integer", "description": "Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later.\n" }, "ec2Attributes": { "$ref": "#/types/aws:emr/ClusterEc2Attributes:ClusterEc2Attributes", "description": "Attributes for the EC2 instances running the job flow. Defined below\n" }, "instanceGroups": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterInstanceGroup:ClusterInstanceGroup" }, "description": "Use the `master_instance_group` configuration block, `core_instance_group` configuration block and `aws.emr.InstanceGroup` resource(s) instead. A list of `instance_group` objects for each instance group in the cluster. Exactly one of `master_instance_type` and `instance_group` must be specified. If `instance_group` is set, then it must contain a configuration block for at least the `MASTER` instance group type (as well as any additional instance groups). Cannot be specified if `master_instance_group` or `core_instance_group` configuration blocks are set. Defined below\n", "deprecationMessage": "use `master_instance_group` configuration block, `core_instance_group` configuration block, and `aws_emr_instance_group` resource(s) instead" }, "keepJobFlowAliveWhenNoSteps": { "type": "boolean", "description": "Switch on/off run cluster with no steps or when all steps are complete (default is on)\n" }, "kerberosAttributes": { "$ref": "#/types/aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes", "description": "Kerberos configuration for the cluster. Defined below\n" }, "logUri": { "type": "string", "description": "S3 bucket to write the log files of the job flow. If a value is not provided, logs are not created\n" }, "masterInstanceGroup": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [master node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-master). Cannot be specified if `master_instance_type` argument or `instance_group` configuration blocks are set. Detailed below.\n" }, "masterInstanceType": { "type": "string", "description": "Use the `master_instance_group` configuration block `instance_type` argument instead. The EC2 instance type of the master node. Cannot be specified if `master_instance_group` or `instance_group` configuration blocks are set.\n", "deprecationMessage": "use `master_instance_group` configuration block `instance_type` argument instead" }, "name": { "type": "string", "description": "The name of the step.\n" }, "releaseLabel": { "type": "string", "description": "The release label for the Amazon EMR release\n" }, "scaleDownBehavior": { "type": "string", "description": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an `instance group` is resized.\n" }, "securityConfiguration": { "type": "string", "description": "The security configuration name to attach to the EMR cluster. Only valid for EMR clusters with `release_label` 4.8.0 or greater\n" }, "serviceRole": { "type": "string", "description": "IAM role that will be assumed by the Amazon EMR service to access AWS resources\n" }, "stepConcurrencyLevel": { "type": "integer", "description": "The number of steps that can be executed concurrently. You can specify a maximum of 256 steps. Only valid for EMR clusters with `release_label` 5.28.0 or greater. (default is 1)\n" }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterStep:ClusterStep" }, "description": "List of steps to run when creating the cluster. Defined below. It is highly recommended to utilize [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) if other steps are being managed outside of this provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster\n" }, "terminationProtection": { "type": "boolean", "description": "Switch on/off termination protection (default is `false`, except when using multiple master nodes). Before attempting to destroy the resource when termination protection is enabled, this configuration must be applied with its value set to `false`.\n" }, "visibleToAllUsers": { "type": "boolean", "description": "Whether the job flow is visible to all IAM users of the AWS account associated with the job flow. Default `true`\n" } }, "requiredInputs": [ "releaseLabel", "serviceRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "additionalInfo": { "type": "string", "description": "A JSON string for selecting additional features such as adding proxy information. Note: Currently there is no API to retrieve the value of this argument after EMR cluster creation from provider, therefore this provider cannot detect drift from the actual EMR cluster if its value is changed outside this provider.\n" }, "applications": { "type": "array", "items": { "type": "string" }, "description": "A list of applications for the cluster. Valid values are: `Flink`, `Hadoop`, `Hive`, `Mahout`, `Pig`, `Spark`, and `JupyterHub` (as of EMR 5.14.0). Case insensitive\n" }, "arn": { "type": "string" }, "autoscalingRole": { "type": "string", "description": "An IAM role for automatic scaling policies. The IAM role provides permissions that the automatic scaling feature requires to launch and terminate EC2 instances in an instance group.\n" }, "bootstrapActions": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterBootstrapAction:ClusterBootstrapAction" }, "description": "Ordered list of bootstrap actions that will be run before Hadoop is started on the cluster nodes. Defined below.\n" }, "clusterState": { "type": "string", "language": { "csharp": { "name": "State" } } }, "configurations": { "type": "string", "description": "List of configurations supplied for the EMR cluster you are creating\n" }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations for the EMR cluster.\n" }, "coreInstanceCount": { "type": "integer", "description": "Use the `core_instance_group` configuration block `instance_count` argument instead. Number of Amazon EC2 instances used to execute the job flow. EMR will use one node as the cluster's master node and use the remainder of the nodes (`core_instance_count`-1) as core nodes. Cannot be specified if `core_instance_group` or `instance_group` configuration blocks are set. Default `1`\n", "deprecationMessage": "use `core_instance_group` configuration block `instance_count` argument instead" }, "coreInstanceGroup": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [core node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-core). Cannot be specified if `core_instance_count` argument, `core_instance_type` argument, or `instance_group` configuration blocks are set. Detailed below.\n" }, "coreInstanceType": { "type": "string", "description": "Use the `core_instance_group` configuration block `instance_type` argument instead. The EC2 instance type of the slave nodes. Cannot be specified if `core_instance_group` or `instance_group` configuration blocks are set.\n", "deprecationMessage": "use `core_instance_group` configuration block `instance_type` argument instead" }, "customAmiId": { "type": "string", "description": "A custom Amazon Linux AMI for the cluster (instead of an EMR-owned AMI). Available in Amazon EMR version 5.7.0 and later.\n" }, "ebsRootVolumeSize": { "type": "integer", "description": "Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later.\n" }, "ec2Attributes": { "$ref": "#/types/aws:emr/ClusterEc2Attributes:ClusterEc2Attributes", "description": "Attributes for the EC2 instances running the job flow. Defined below\n" }, "instanceGroups": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterInstanceGroup:ClusterInstanceGroup" }, "description": "Use the `master_instance_group` configuration block, `core_instance_group` configuration block and `aws.emr.InstanceGroup` resource(s) instead. A list of `instance_group` objects for each instance group in the cluster. Exactly one of `master_instance_type` and `instance_group` must be specified. If `instance_group` is set, then it must contain a configuration block for at least the `MASTER` instance group type (as well as any additional instance groups). Cannot be specified if `master_instance_group` or `core_instance_group` configuration blocks are set. Defined below\n", "deprecationMessage": "use `master_instance_group` configuration block, `core_instance_group` configuration block, and `aws_emr_instance_group` resource(s) instead" }, "keepJobFlowAliveWhenNoSteps": { "type": "boolean", "description": "Switch on/off run cluster with no steps or when all steps are complete (default is on)\n" }, "kerberosAttributes": { "$ref": "#/types/aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes", "description": "Kerberos configuration for the cluster. Defined below\n" }, "logUri": { "type": "string", "description": "S3 bucket to write the log files of the job flow. If a value is not provided, logs are not created\n" }, "masterInstanceGroup": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [master node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-master). Cannot be specified if `master_instance_type` argument or `instance_group` configuration blocks are set. Detailed below.\n" }, "masterInstanceType": { "type": "string", "description": "Use the `master_instance_group` configuration block `instance_type` argument instead. The EC2 instance type of the master node. Cannot be specified if `master_instance_group` or `instance_group` configuration blocks are set.\n", "deprecationMessage": "use `master_instance_group` configuration block `instance_type` argument instead" }, "masterPublicDns": { "type": "string", "description": "The public DNS name of the master EC2 instance.\n* `core_instance_group.0.id` - Core node type Instance Group ID, if using Instance Group for this node type.\n" }, "name": { "type": "string", "description": "The name of the step.\n" }, "releaseLabel": { "type": "string", "description": "The release label for the Amazon EMR release\n" }, "scaleDownBehavior": { "type": "string", "description": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an `instance group` is resized.\n" }, "securityConfiguration": { "type": "string", "description": "The security configuration name to attach to the EMR cluster. Only valid for EMR clusters with `release_label` 4.8.0 or greater\n" }, "serviceRole": { "type": "string", "description": "IAM role that will be assumed by the Amazon EMR service to access AWS resources\n" }, "stepConcurrencyLevel": { "type": "integer", "description": "The number of steps that can be executed concurrently. You can specify a maximum of 256 steps. Only valid for EMR clusters with `release_label` 5.28.0 or greater. (default is 1)\n" }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterStep:ClusterStep" }, "description": "List of steps to run when creating the cluster. Defined below. It is highly recommended to utilize [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) if other steps are being managed outside of this provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster\n" }, "terminationProtection": { "type": "boolean", "description": "Switch on/off termination protection (default is `false`, except when using multiple master nodes). Before attempting to destroy the resource when termination protection is enabled, this configuration must be applied with its value set to `false`.\n" }, "visibleToAllUsers": { "type": "boolean", "description": "Whether the job flow is visible to all IAM users of the AWS account associated with the job flow. Default `true`\n" } }, "type": "object" } }, "aws:emr/instanceGroup:InstanceGroup": { "description": "Provides an Elastic MapReduce Cluster Instance Group configuration.\nSee [Amazon Elastic MapReduce Documentation](https://aws.amazon.com/documentation/emr/) for more information.\n\n\u003e **NOTE:** At this time, Instance Groups cannot be destroyed through the API nor\nweb interface. Instance Groups are destroyed when the EMR Cluster is destroyed.\nthis provider will resize any Instance Group to zero when destroying the resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst task = new aws.emr.InstanceGroup(\"task\", {\n clusterId: aws_emr_cluster_tf_test_cluster.id,\n instanceCount: 1,\n instanceType: \"m5.xlarge\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntask = aws.emr.InstanceGroup(\"task\",\n cluster_id=aws_emr_cluster[\"tf-test-cluster\"][\"id\"],\n instance_count=1,\n instance_type=\"m5.xlarge\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var task = new Aws.Emr.InstanceGroup(\"task\", new Aws.Emr.InstanceGroupArgs\n {\n ClusterId = aws_emr_cluster.Tf_test_cluster.Id,\n InstanceCount = 1,\n InstanceType = \"m5.xlarge\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = emr.NewInstanceGroup(ctx, \"task\", \u0026emr.InstanceGroupArgs{\n\t\t\tClusterId: pulumi.String(aws_emr_cluster.Tf - test - cluster.Id),\n\t\t\tInstanceCount: pulumi.Int(1),\n\t\t\tInstanceType: pulumi.String(\"m5.xlarge\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n" }, "bidPrice": { "type": "string", "description": "If set, the bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n" }, "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n" }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations specific to the EMR instance group. Note that this can only be changed when using EMR release 5.21 or later.\n" }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig" }, "description": "One or more `ebs_config` blocks as defined below. Changing this forces a new resource to be created.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether an Amazon EBS volume is EBS-optimized. Changing this forces a new resource to be created.\n" }, "instanceCount": { "type": "integer", "description": "target number of instances for the instance group. defaults to 0.\n" }, "instanceType": { "type": "string", "description": "The EC2 instance type for all instances in the instance group. Changing this forces a new resource to be created.\n" }, "name": { "type": "string", "description": "Human friendly name given to the instance group. Changing this forces a new resource to be created.\n" }, "runningInstanceCount": { "type": "integer" }, "status": { "type": "string" } }, "required": [ "clusterId", "ebsConfigs", "instanceType", "name", "runningInstanceCount", "status" ], "inputProperties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n" }, "bidPrice": { "type": "string", "description": "If set, the bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n" }, "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n" }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations specific to the EMR instance group. Note that this can only be changed when using EMR release 5.21 or later.\n" }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig" }, "description": "One or more `ebs_config` blocks as defined below. Changing this forces a new resource to be created.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether an Amazon EBS volume is EBS-optimized. Changing this forces a new resource to be created.\n" }, "instanceCount": { "type": "integer", "description": "target number of instances for the instance group. defaults to 0.\n" }, "instanceType": { "type": "string", "description": "The EC2 instance type for all instances in the instance group. Changing this forces a new resource to be created.\n" }, "name": { "type": "string", "description": "Human friendly name given to the instance group. Changing this forces a new resource to be created.\n" } }, "requiredInputs": [ "clusterId", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceGroup resources.\n", "properties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n" }, "bidPrice": { "type": "string", "description": "If set, the bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n" }, "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n" }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations specific to the EMR instance group. Note that this can only be changed when using EMR release 5.21 or later.\n" }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig" }, "description": "One or more `ebs_config` blocks as defined below. Changing this forces a new resource to be created.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether an Amazon EBS volume is EBS-optimized. Changing this forces a new resource to be created.\n" }, "instanceCount": { "type": "integer", "description": "target number of instances for the instance group. defaults to 0.\n" }, "instanceType": { "type": "string", "description": "The EC2 instance type for all instances in the instance group. Changing this forces a new resource to be created.\n" }, "name": { "type": "string", "description": "Human friendly name given to the instance group. Changing this forces a new resource to be created.\n" }, "runningInstanceCount": { "type": "integer" }, "status": { "type": "string" } }, "type": "object" } }, "aws:emr/securityConfiguration:SecurityConfiguration": { "description": "Provides a resource to manage AWS EMR Security Configurations\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.emr.SecurityConfiguration(\"foo\", {\n configuration: `{\n \"EncryptionConfiguration\": {\n \"AtRestEncryptionConfiguration\": {\n \"S3EncryptionConfiguration\": {\n \"EncryptionMode\": \"SSE-S3\"\n },\n \"LocalDiskEncryptionConfiguration\": {\n \"EncryptionKeyProviderType\": \"AwsKms\",\n \"AwsKmsKey\": \"arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key\"\n }\n },\n \"EnableInTransitEncryption\": false,\n \"EnableAtRestEncryption\": true\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.emr.SecurityConfiguration(\"foo\", configuration=\"\"\"{\n \"EncryptionConfiguration\": {\n \"AtRestEncryptionConfiguration\": {\n \"S3EncryptionConfiguration\": {\n \"EncryptionMode\": \"SSE-S3\"\n },\n \"LocalDiskEncryptionConfiguration\": {\n \"EncryptionKeyProviderType\": \"AwsKms\",\n \"AwsKmsKey\": \"arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key\"\n }\n },\n \"EnableInTransitEncryption\": false,\n \"EnableAtRestEncryption\": true\n }\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Emr.SecurityConfiguration(\"foo\", new Aws.Emr.SecurityConfigurationArgs\n {\n Configuration = @\"{\n \"\"EncryptionConfiguration\"\": {\n \"\"AtRestEncryptionConfiguration\"\": {\n \"\"S3EncryptionConfiguration\"\": {\n \"\"EncryptionMode\"\": \"\"SSE-S3\"\"\n },\n \"\"LocalDiskEncryptionConfiguration\"\": {\n \"\"EncryptionKeyProviderType\"\": \"\"AwsKms\"\",\n \"\"AwsKmsKey\"\": \"\"arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key\"\"\n }\n },\n \"\"EnableInTransitEncryption\"\": false,\n \"\"EnableAtRestEncryption\"\": true\n }\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = emr.NewSecurityConfiguration(ctx, \"foo\", \u0026emr.SecurityConfigurationArgs{\n\t\t\tConfiguration: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"EncryptionConfiguration\\\": {\\n\", \" \\\"AtRestEncryptionConfiguration\\\": {\\n\", \" \\\"S3EncryptionConfiguration\\\": {\\n\", \" \\\"EncryptionMode\\\": \\\"SSE-S3\\\"\\n\", \" },\\n\", \" \\\"LocalDiskEncryptionConfiguration\\\": {\\n\", \" \\\"EncryptionKeyProviderType\\\": \\\"AwsKms\\\",\\n\", \" \\\"AwsKmsKey\\\": \\\"arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key\\\"\\n\", \" }\\n\", \" },\\n\", \" \\\"EnableInTransitEncryption\\\": false,\\n\", \" \\\"EnableAtRestEncryption\\\": true\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "configuration": { "type": "string", "description": "A JSON formatted Security Configuration\n" }, "creationDate": { "type": "string", "description": "Date the Security Configuration was created\n" }, "name": { "type": "string", "description": "The name of the EMR Security Configuration. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" } }, "required": [ "configuration", "creationDate", "name" ], "inputProperties": { "configuration": { "type": "string", "description": "A JSON formatted Security Configuration\n" }, "name": { "type": "string", "description": "The name of the EMR Security Configuration. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" } }, "requiredInputs": [ "configuration" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityConfiguration resources.\n", "properties": { "configuration": { "type": "string", "description": "A JSON formatted Security Configuration\n" }, "creationDate": { "type": "string", "description": "Date the Security Configuration was created\n" }, "name": { "type": "string", "description": "The name of the EMR Security Configuration. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" } }, "type": "object" } }, "aws:fms/adminAccount:AdminAccount": { "description": "Provides a resource to associate/disassociate an AWS Firewall Manager administrator account. This operation must be performed in the `us-east-1` region.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fms.AdminAccount(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fms.AdminAccount(\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Fms.AdminAccount(\"example\", new Aws.Fms.AdminAccountArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/fms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = fms.NewAdminAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.\n" } }, "required": [ "accountId" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AdminAccount resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.\n" } }, "type": "object" } }, "aws:fsx/lustreFileSystem:LustreFileSystem": { "description": "Manages a FSx Lustre File System. See the [FSx Lustre Guide](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html) for more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fsx.LustreFileSystem(\"example\", {\n importPath: pulumi.interpolate`s3://${aws_s3_bucket_example.bucket}`,\n storageCapacity: 1200,\n subnetIds: aws_subnet_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.LustreFileSystem(\"example\",\n import_path=f\"s3://{aws_s3_bucket['example']['bucket']}\",\n storage_capacity=1200,\n subnet_ids=aws_subnet[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Fsx.LustreFileSystem(\"example\", new Aws.Fsx.LustreFileSystemArgs\n {\n ImportPath = $\"s3://{aws_s3_bucket.Example.Bucket}\",\n StorageCapacity = 1200,\n SubnetIds = aws_subnet.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = fsx.NewLustreFileSystem(ctx, \"example\", \u0026fsx.LustreFileSystemArgs{\n\t\t\tImportPath: pulumi.String(fmt.Sprintf(\"%v%v\", \"s3://\", aws_s3_bucket.Example.Bucket)),\n\t\t\tStorageCapacity: pulumi.Int(1200),\n\t\t\tSubnetIds: pulumi.String(aws_subnet.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g. `fs-12345678.fsx.us-west-2.amazonaws.com`\n" }, "exportPath": { "type": "string", "description": "S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`.\n" }, "importPath": { "type": "string", "description": "S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`.\n" }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Minimum of `1200`. Storage capacity is provisioned in increments of 3,600 GiB.\n" }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "required": [ "arn", "dnsName", "exportPath", "importedFileChunkSize", "networkInterfaceIds", "ownerId", "storageCapacity", "subnetIds", "vpcId", "weeklyMaintenanceStartTime" ], "inputProperties": { "exportPath": { "type": "string", "description": "S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`.\n" }, "importPath": { "type": "string", "description": "S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`.\n" }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Minimum of `1200`. Storage capacity is provisioned in increments of 3,600 GiB.\n" }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "requiredInputs": [ "storageCapacity", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering LustreFileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g. `fs-12345678.fsx.us-west-2.amazonaws.com`\n" }, "exportPath": { "type": "string", "description": "S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`.\n" }, "importPath": { "type": "string", "description": "S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`.\n" }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Minimum of `1200`. Storage capacity is provisioned in increments of 3,600 GiB.\n" }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "type": "object" } }, "aws:fsx/windowsFileSystem:WindowsFileSystem": { "description": "Manages a FSx Windows File System. See the [FSx Windows Guide](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what-is.html) for more information.\n\n\u003e **NOTE:** Either the `active_directory_id` argument or `self_managed_active_directory` configuration block must be specified.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Using AWS Directory Service\n\nAdditional information for using AWS Directory Service with Windows File Systems can be found in the [FSx Windows Guide](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/fsx-aws-managed-ad.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fsx.WindowsFileSystem(\"example\", {\n activeDirectoryId: aws_directory_service_directory_example.id,\n kmsKeyId: aws_kms_key_example.arn,\n storageCapacity: 300,\n subnetIds: aws_subnet_example.id,\n throughputCapacity: 1024,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.WindowsFileSystem(\"example\",\n active_directory_id=aws_directory_service_directory[\"example\"][\"id\"],\n kms_key_id=aws_kms_key[\"example\"][\"arn\"],\n storage_capacity=300,\n subnet_ids=aws_subnet[\"example\"][\"id\"],\n throughput_capacity=1024)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Fsx.WindowsFileSystem(\"example\", new Aws.Fsx.WindowsFileSystemArgs\n {\n ActiveDirectoryId = aws_directory_service_directory.Example.Id,\n KmsKeyId = aws_kms_key.Example.Arn,\n StorageCapacity = 300,\n SubnetIds = aws_subnet.Example.Id,\n ThroughputCapacity = 1024,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = fsx.NewWindowsFileSystem(ctx, \"example\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tActiveDirectoryId: pulumi.String(aws_directory_service_directory.Example.Id),\n\t\t\tKmsKeyId: pulumi.String(aws_kms_key.Example.Arn),\n\t\t\tStorageCapacity: pulumi.Int(300),\n\t\t\tSubnetIds: pulumi.String(aws_subnet.Example.Id),\n\t\t\tThroughputCapacity: pulumi.Int(1024),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using a Self-Managed Microsoft Active Directory\n\nAdditional information for using AWS Directory Service with Windows File Systems can be found in the [FSx Windows Guide](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fsx.WindowsFileSystem(\"example\", {\n kmsKeyId: aws_kms_key_example.arn,\n selfManagedActiveDirectory: {\n dnsIps: [\n \"10.0.0.111\",\n \"10.0.0.222\",\n ],\n domainName: \"corp.example.com\",\n password: \"avoid-plaintext-passwords\",\n username: \"Admin\",\n },\n storageCapacity: 300,\n subnetIds: aws_subnet_example.id,\n throughputCapacity: 1024,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.WindowsFileSystem(\"example\",\n kms_key_id=aws_kms_key[\"example\"][\"arn\"],\n self_managed_active_directory={\n \"dns_ips\": [\n \"10.0.0.111\",\n \"10.0.0.222\",\n ],\n \"domain_name\": \"corp.example.com\",\n \"password\": \"avoid-plaintext-passwords\",\n \"username\": \"Admin\",\n },\n storage_capacity=300,\n subnet_ids=aws_subnet[\"example\"][\"id\"],\n throughput_capacity=1024)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Fsx.WindowsFileSystem(\"example\", new Aws.Fsx.WindowsFileSystemArgs\n {\n KmsKeyId = aws_kms_key.Example.Arn,\n SelfManagedActiveDirectory = new Aws.Fsx.Inputs.WindowsFileSystemSelfManagedActiveDirectoryArgs\n {\n DnsIps = \n {\n \"10.0.0.111\",\n \"10.0.0.222\",\n },\n DomainName = \"corp.example.com\",\n Password = \"avoid-plaintext-passwords\",\n Username = \"Admin\",\n },\n StorageCapacity = 300,\n SubnetIds = aws_subnet.Example.Id,\n ThroughputCapacity = 1024,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = fsx.NewWindowsFileSystem(ctx, \"example\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tKmsKeyId: pulumi.String(aws_kms_key.Example.Arn),\n\t\t\tSelfManagedActiveDirectory: \u0026fsx.WindowsFileSystemSelfManagedActiveDirectoryArgs{\n\t\t\t\tDnsIps: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.0.0.111\"),\n\t\t\t\t\tpulumi.String(\"10.0.0.222\"),\n\t\t\t\t},\n\t\t\t\tDomainName: pulumi.String(\"corp.example.com\"),\n\t\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\t},\n\t\t\tStorageCapacity: pulumi.Int(300),\n\t\t\tSubnetIds: pulumi.String(aws_subnet.Example.Id),\n\t\t\tThroughputCapacity: pulumi.Int(1024),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activeDirectoryId": { "type": "string", "description": "The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Minimum of `0` and maximum of `35`. Defaults to `7`. Set to `0` to disable.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g. `fs-12345678.corp.example.com` (domain name matching the Active Directory domain name)\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "selfManagedActiveDirectory": { "$ref": "#/types/aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory", "description": "Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. Detailed below.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536.\n" }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems support only one subnet. The file server is also launched in that subnet's Availability Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "throughputCapacity": { "type": "integer", "description": "Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of `8` and maximum of `2048`.\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "required": [ "arn", "dailyAutomaticBackupStartTime", "dnsName", "kmsKeyId", "networkInterfaceIds", "ownerId", "storageCapacity", "subnetIds", "throughputCapacity", "vpcId", "weeklyMaintenanceStartTime" ], "inputProperties": { "activeDirectoryId": { "type": "string", "description": "The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Minimum of `0` and maximum of `35`. Defaults to `7`. Set to `0` to disable.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "selfManagedActiveDirectory": { "$ref": "#/types/aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory", "description": "Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. Detailed below.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536.\n" }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems support only one subnet. The file server is also launched in that subnet's Availability Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "throughputCapacity": { "type": "integer", "description": "Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of `8` and maximum of `2048`.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "requiredInputs": [ "storageCapacity", "subnetIds", "throughputCapacity" ], "stateInputs": { "description": "Input properties used for looking up and filtering WindowsFileSystem resources.\n", "properties": { "activeDirectoryId": { "type": "string", "description": "The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Minimum of `0` and maximum of `35`. Defaults to `7`. Set to `0` to disable.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g. `fs-12345678.corp.example.com` (domain name matching the Active Directory domain name)\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "selfManagedActiveDirectory": { "$ref": "#/types/aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory", "description": "Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. Detailed below.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536.\n" }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems support only one subnet. The file server is also launched in that subnet's Availability Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n" }, "throughputCapacity": { "type": "integer", "description": "Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of `8` and maximum of `2048`.\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "type": "object" } }, "aws:gamelift/alias:Alias": { "description": "Provides a Gamelift Alias resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.Alias(\"example\", {\n description: \"Example Description\",\n routingStrategy: {\n message: \"Example Message\",\n type: \"TERMINAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.Alias(\"example\",\n description=\"Example Description\",\n routing_strategy={\n \"message\": \"Example Message\",\n \"type\": \"TERMINAL\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.GameLift.Alias(\"example\", new Aws.GameLift.AliasArgs\n {\n Description = \"Example Description\",\n RoutingStrategy = new Aws.GameLift.Inputs.AliasRoutingStrategyArgs\n {\n Message = \"Example Message\",\n Type = \"TERMINAL\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = gamelift.NewAlias(ctx, \"example\", \u0026gamelift.AliasArgs{\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tRoutingStrategy: \u0026gamelift.AliasRoutingStrategyArgs{\n\t\t\t\tMessage: pulumi.String(\"Example Message\"),\n\t\t\t\tType: pulumi.String(\"TERMINAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Alias ARN.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name of the alias.\n" }, "routingStrategy": { "$ref": "#/types/aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy", "description": "Specifies the fleet and/or routing type to use for the alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "name", "routingStrategy" ], "inputProperties": { "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name of the alias.\n" }, "routingStrategy": { "$ref": "#/types/aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy", "description": "Specifies the fleet and/or routing type to use for the alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "routingStrategy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Alias resources.\n", "properties": { "arn": { "type": "string", "description": "Alias ARN.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name of the alias.\n" }, "routingStrategy": { "$ref": "#/types/aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy", "description": "Specifies the fleet and/or routing type to use for the alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:gamelift/build:Build": { "description": "Provides an Gamelift Build resource.\n", "properties": { "arn": { "type": "string", "description": "Gamelift Build ARN.\n" }, "name": { "type": "string", "description": "Name of the build\n" }, "operatingSystem": { "type": "string", "description": "Operating system that the game server binaries are built to run on. e.g. `WINDOWS_2012` or `AMAZON_LINUX`.\n" }, "storageLocation": { "$ref": "#/types/aws:gamelift/BuildStorageLocation:BuildStorageLocation", "description": "Information indicating where your game build files are stored. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "version": { "type": "string", "description": "Version that is associated with this build.\n" } }, "required": [ "arn", "name", "operatingSystem", "storageLocation" ], "inputProperties": { "name": { "type": "string", "description": "Name of the build\n" }, "operatingSystem": { "type": "string", "description": "Operating system that the game server binaries are built to run on. e.g. `WINDOWS_2012` or `AMAZON_LINUX`.\n" }, "storageLocation": { "$ref": "#/types/aws:gamelift/BuildStorageLocation:BuildStorageLocation", "description": "Information indicating where your game build files are stored. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "version": { "type": "string", "description": "Version that is associated with this build.\n" } }, "requiredInputs": [ "operatingSystem", "storageLocation" ], "stateInputs": { "description": "Input properties used for looking up and filtering Build resources.\n", "properties": { "arn": { "type": "string", "description": "Gamelift Build ARN.\n" }, "name": { "type": "string", "description": "Name of the build\n" }, "operatingSystem": { "type": "string", "description": "Operating system that the game server binaries are built to run on. e.g. `WINDOWS_2012` or `AMAZON_LINUX`.\n" }, "storageLocation": { "$ref": "#/types/aws:gamelift/BuildStorageLocation:BuildStorageLocation", "description": "Information indicating where your game build files are stored. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "version": { "type": "string", "description": "Version that is associated with this build.\n" } }, "type": "object" } }, "aws:gamelift/fleet:Fleet": { "description": "Provides a Gamelift Fleet resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.Fleet(\"example\", {\n buildId: aws_gamelift_build_example.id,\n ec2InstanceType: \"t2.micro\",\n fleetType: \"ON_DEMAND\",\n runtimeConfiguration: {\n serverProcesses: [{\n concurrentExecutions: 1,\n launchPath: \"C:\\\\game\\\\GomokuServer.exe\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.Fleet(\"example\",\n build_id=aws_gamelift_build[\"example\"][\"id\"],\n ec2_instance_type=\"t2.micro\",\n fleet_type=\"ON_DEMAND\",\n runtime_configuration={\n \"serverProcess\": [{\n \"concurrentExecutions\": 1,\n \"launchPath\": \"C:\\\\game\\\\GomokuServer.exe\",\n }],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.GameLift.Fleet(\"example\", new Aws.GameLift.FleetArgs\n {\n BuildId = aws_gamelift_build.Example.Id,\n Ec2InstanceType = \"t2.micro\",\n FleetType = \"ON_DEMAND\",\n RuntimeConfiguration = new Aws.GameLift.Inputs.FleetRuntimeConfigurationArgs\n {\n ServerProcess = \n {\n \n {\n { \"concurrentExecutions\", 1 },\n { \"launchPath\", \"C:\\\\game\\\\GomokuServer.exe\" },\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = gamelift.NewFleet(ctx, \"example\", \u0026gamelift.FleetArgs{\n\t\t\tBuildId: pulumi.String(aws_gamelift_build.Example.Id),\n\t\t\tEc2InstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tFleetType: pulumi.String(\"ON_DEMAND\"),\n\t\t\tRuntimeConfiguration: \u0026gamelift.FleetRuntimeConfigurationArgs{\n\t\t\t\tServerProcess: pulumi.MapArray{\n\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\"concurrentExecutions\": pulumi.Float64(1),\n\t\t\t\t\t\t\"launchPath\": pulumi.String(\"C:\\\\game\\\\GomokuServer.exe\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Fleet ARN.\n" }, "buildId": { "type": "string", "description": "ID of the Gamelift Build to be deployed on the fleet.\n" }, "description": { "type": "string", "description": "Human-readable description of the fleet.\n" }, "ec2InboundPermissions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission" }, "description": "Range of IP addresses and port settings that permit inbound traffic to access server processes running on the fleet. See below.\n" }, "ec2InstanceType": { "type": "string", "description": "Name of an EC2 instance type. e.g. `t2.micro`\n" }, "fleetType": { "type": "string", "description": "Type of fleet. This value must be `ON_DEMAND` or `SPOT`. Defaults to `ON_DEMAND`.\n" }, "instanceRoleArn": { "type": "string", "description": "ARN of an IAM role that instances in the fleet can assume.\n" }, "logPaths": { "type": "array", "items": { "type": "string" } }, "metricGroups": { "type": "array", "items": { "type": "string" }, "description": "List of names of metric groups to add this fleet to. A metric group tracks metrics across all fleets in the group. Defaults to `default`.\n" }, "name": { "type": "string", "description": "The name of the fleet.\n" }, "newGameSessionProtectionPolicy": { "type": "string", "description": "Game session protection policy to apply to all instances in this fleet. e.g. `FullProtection`. Defaults to `NoProtection`.\n" }, "operatingSystem": { "type": "string", "description": "Operating system of the fleet's computing resources.\n" }, "resourceCreationLimitPolicy": { "$ref": "#/types/aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy", "description": "Policy that limits the number of game sessions an individual player can create over a span of time for this fleet. See below.\n" }, "runtimeConfiguration": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration", "description": "Instructions for launching server processes on each instance in the fleet. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "buildId", "ec2InstanceType", "logPaths", "metricGroups", "name", "operatingSystem" ], "inputProperties": { "buildId": { "type": "string", "description": "ID of the Gamelift Build to be deployed on the fleet.\n" }, "description": { "type": "string", "description": "Human-readable description of the fleet.\n" }, "ec2InboundPermissions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission" }, "description": "Range of IP addresses and port settings that permit inbound traffic to access server processes running on the fleet. See below.\n" }, "ec2InstanceType": { "type": "string", "description": "Name of an EC2 instance type. e.g. `t2.micro`\n" }, "fleetType": { "type": "string", "description": "Type of fleet. This value must be `ON_DEMAND` or `SPOT`. Defaults to `ON_DEMAND`.\n" }, "instanceRoleArn": { "type": "string", "description": "ARN of an IAM role that instances in the fleet can assume.\n" }, "metricGroups": { "type": "array", "items": { "type": "string" }, "description": "List of names of metric groups to add this fleet to. A metric group tracks metrics across all fleets in the group. Defaults to `default`.\n" }, "name": { "type": "string", "description": "The name of the fleet.\n" }, "newGameSessionProtectionPolicy": { "type": "string", "description": "Game session protection policy to apply to all instances in this fleet. e.g. `FullProtection`. Defaults to `NoProtection`.\n" }, "resourceCreationLimitPolicy": { "$ref": "#/types/aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy", "description": "Policy that limits the number of game sessions an individual player can create over a span of time for this fleet. See below.\n" }, "runtimeConfiguration": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration", "description": "Instructions for launching server processes on each instance in the fleet. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "buildId", "ec2InstanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Fleet resources.\n", "properties": { "arn": { "type": "string", "description": "Fleet ARN.\n" }, "buildId": { "type": "string", "description": "ID of the Gamelift Build to be deployed on the fleet.\n" }, "description": { "type": "string", "description": "Human-readable description of the fleet.\n" }, "ec2InboundPermissions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission" }, "description": "Range of IP addresses and port settings that permit inbound traffic to access server processes running on the fleet. See below.\n" }, "ec2InstanceType": { "type": "string", "description": "Name of an EC2 instance type. e.g. `t2.micro`\n" }, "fleetType": { "type": "string", "description": "Type of fleet. This value must be `ON_DEMAND` or `SPOT`. Defaults to `ON_DEMAND`.\n" }, "instanceRoleArn": { "type": "string", "description": "ARN of an IAM role that instances in the fleet can assume.\n" }, "logPaths": { "type": "array", "items": { "type": "string" } }, "metricGroups": { "type": "array", "items": { "type": "string" }, "description": "List of names of metric groups to add this fleet to. A metric group tracks metrics across all fleets in the group. Defaults to `default`.\n" }, "name": { "type": "string", "description": "The name of the fleet.\n" }, "newGameSessionProtectionPolicy": { "type": "string", "description": "Game session protection policy to apply to all instances in this fleet. e.g. `FullProtection`. Defaults to `NoProtection`.\n" }, "operatingSystem": { "type": "string", "description": "Operating system of the fleet's computing resources.\n" }, "resourceCreationLimitPolicy": { "$ref": "#/types/aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy", "description": "Policy that limits the number of game sessions an individual player can create over a span of time for this fleet. See below.\n" }, "runtimeConfiguration": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration", "description": "Instructions for launching server processes on each instance in the fleet. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:gamelift/gameSessionQueue:GameSessionQueue": { "description": "Provides an Gamelift Game Session Queue resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.gamelift.GameSessionQueue(\"test\", {\n destinations: [\n aws_gamelift_fleet_us_west_2_fleet.arn,\n aws_gamelift_fleet_eu_central_1_fleet.arn,\n ],\n playerLatencyPolicies: [\n {\n maximumIndividualPlayerLatencyMilliseconds: 100,\n policyDurationSeconds: 5,\n },\n {\n maximumIndividualPlayerLatencyMilliseconds: 200,\n },\n ],\n timeoutInSeconds: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.gamelift.GameSessionQueue(\"test\",\n destinations=[\n aws_gamelift_fleet[\"us_west_2_fleet\"][\"arn\"],\n aws_gamelift_fleet[\"eu_central_1_fleet\"][\"arn\"],\n ],\n player_latency_policies=[\n {\n \"maximumIndividualPlayerLatencyMilliseconds\": 100,\n \"policyDurationSeconds\": 5,\n },\n {\n \"maximumIndividualPlayerLatencyMilliseconds\": 200,\n },\n ],\n timeout_in_seconds=60)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.GameLift.GameSessionQueue(\"test\", new Aws.GameLift.GameSessionQueueArgs\n {\n Destinations = \n {\n aws_gamelift_fleet.Us_west_2_fleet.Arn,\n aws_gamelift_fleet.Eu_central_1_fleet.Arn,\n },\n PlayerLatencyPolicies = \n {\n new Aws.GameLift.Inputs.GameSessionQueuePlayerLatencyPolicyArgs\n {\n MaximumIndividualPlayerLatencyMilliseconds = 100,\n PolicyDurationSeconds = 5,\n },\n new Aws.GameLift.Inputs.GameSessionQueuePlayerLatencyPolicyArgs\n {\n MaximumIndividualPlayerLatencyMilliseconds = 200,\n },\n },\n TimeoutInSeconds = 60,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Game Session Queue ARN.\n" }, "destinations": { "type": "array", "items": { "type": "string" }, "description": "List of fleet/alias ARNs used by session queue for placing game sessions.\n" }, "name": { "type": "string", "description": "Name of the session queue.\n" }, "playerLatencyPolicies": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy" }, "description": "One or more policies used to choose fleet based on player latency. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "timeoutInSeconds": { "type": "integer", "description": "Maximum time a game session request can remain in the queue.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "destinations": { "type": "array", "items": { "type": "string" }, "description": "List of fleet/alias ARNs used by session queue for placing game sessions.\n" }, "name": { "type": "string", "description": "Name of the session queue.\n" }, "playerLatencyPolicies": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy" }, "description": "One or more policies used to choose fleet based on player latency. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "timeoutInSeconds": { "type": "integer", "description": "Maximum time a game session request can remain in the queue.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering GameSessionQueue resources.\n", "properties": { "arn": { "type": "string", "description": "Game Session Queue ARN.\n" }, "destinations": { "type": "array", "items": { "type": "string" }, "description": "List of fleet/alias ARNs used by session queue for placing game sessions.\n" }, "name": { "type": "string", "description": "Name of the session queue.\n" }, "playerLatencyPolicies": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy" }, "description": "One or more policies used to choose fleet based on player latency. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "timeoutInSeconds": { "type": "integer", "description": "Maximum time a game session request can remain in the queue.\n" } }, "type": "object" } }, "aws:glacier/vault:Vault": { "description": "Provides a Glacier Vault Resource. You can refer to the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/working-with-vaults.html) for a full explanation of the Glacier Vault functionality\n\n\u003e **NOTE:** When removing a Glacier Vault, the Vault must be empty.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsSnsTopic = new aws.sns.Topic(\"aws_sns_topic\", {});\nconst myArchive = new aws.glacier.Vault(\"my_archive\", {\n accessPolicy: `{\n \"Version\":\"2012-10-17\",\n \"Statement\":[\n {\n \"Sid\": \"add-read-only-perm\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"glacier:InitiateJob\",\n \"glacier:GetJobOutput\"\n ],\n \"Resource\": \"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\"\n }\n ]\n}\n`,\n notifications: [{\n events: [\n \"ArchiveRetrievalCompleted\",\n \"InventoryRetrievalCompleted\",\n ],\n snsTopic: awsSnsTopic.arn,\n }],\n tags: {\n Test: \"MyArchive\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_sns_topic = aws.sns.Topic(\"awsSnsTopic\")\nmy_archive = aws.glacier.Vault(\"myArchive\",\n access_policy=\"\"\"{\n \"Version\":\"2012-10-17\",\n \"Statement\":[\n {\n \"Sid\": \"add-read-only-perm\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"glacier:InitiateJob\",\n \"glacier:GetJobOutput\"\n ],\n \"Resource\": \"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\"\n }\n ]\n}\n\n\"\"\",\n notifications=[{\n \"events\": [\n \"ArchiveRetrievalCompleted\",\n \"InventoryRetrievalCompleted\",\n ],\n \"sns_topic\": aws_sns_topic.arn,\n }],\n tags={\n \"Test\": \"MyArchive\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var awsSnsTopic = new Aws.Sns.Topic(\"awsSnsTopic\", new Aws.Sns.TopicArgs\n {\n });\n var myArchive = new Aws.Glacier.Vault(\"myArchive\", new Aws.Glacier.VaultArgs\n {\n AccessPolicy = @\"{\n \"\"Version\"\":\"\"2012-10-17\"\",\n \"\"Statement\"\":[\n {\n \"\"Sid\"\": \"\"add-read-only-perm\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"glacier:InitiateJob\"\",\n \"\"glacier:GetJobOutput\"\"\n ],\n \"\"Resource\"\": \"\"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\"\"\n }\n ]\n}\n\n\",\n Notifications = \n {\n new Aws.Glacier.Inputs.VaultNotificationArgs\n {\n Events = \n {\n \"ArchiveRetrievalCompleted\",\n \"InventoryRetrievalCompleted\",\n },\n SnsTopic = awsSnsTopic.Arn,\n },\n },\n Tags = \n {\n { \"Test\", \"MyArchive\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glacier\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tawsSnsTopic, err := sns.NewTopic(ctx, \"awsSnsTopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glacier.NewVault(ctx, \"myArchive\", \u0026glacier.VaultArgs{\n\t\t\tAccessPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\":\\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\":[\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"add-read-only-perm\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"glacier:InitiateJob\\\",\\n\", \" \\\"glacier:GetJobOutput\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tNotifications: glacier.VaultNotificationArray{\n\t\t\t\t\u0026glacier.VaultNotificationArgs{\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ArchiveRetrievalCompleted\"),\n\t\t\t\t\t\tpulumi.String(\"InventoryRetrievalCompleted\"),\n\t\t\t\t\t},\n\t\t\t\t\tSnsTopic: awsSnsTopic.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Test\": pulumi.String(\"MyArchive\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\nThe heredoc syntax or `file` function is helpful here. Use the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-access-policy.html) for more information on Glacier Vault Policy\n" }, "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "location": { "type": "string", "description": "The URI of the vault that was created.\n" }, "name": { "type": "string", "description": "The name of the Vault. Names can be between 1 and 255 characters long and the valid characters are a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), and '.' (period).\n" }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:glacier/VaultNotification:VaultNotification" }, "description": "The notifications for the Vault. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "location", "name" ], "inputProperties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\nThe heredoc syntax or `file` function is helpful here. Use the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-access-policy.html) for more information on Glacier Vault Policy\n" }, "name": { "type": "string", "description": "The name of the Vault. Names can be between 1 and 255 characters long and the valid characters are a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), and '.' (period).\n" }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:glacier/VaultNotification:VaultNotification" }, "description": "The notifications for the Vault. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Vault resources.\n", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\nThe heredoc syntax or `file` function is helpful here. Use the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-access-policy.html) for more information on Glacier Vault Policy\n" }, "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "location": { "type": "string", "description": "The URI of the vault that was created.\n" }, "name": { "type": "string", "description": "The name of the Vault. Names can be between 1 and 255 characters long and the valid characters are a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), and '.' (period).\n" }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:glacier/VaultNotification:VaultNotification" }, "description": "The notifications for the Vault. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:glacier/vaultLock:VaultLock": { "description": "Manages a Glacier Vault Lock. You can refer to the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-lock.html) for a full explanation of the Glacier Vault Lock functionality.\n\n\u003e **NOTE:** This resource allows you to test Glacier Vault Lock policies by setting the `complete_lock` argument to `false`. When testing policies in this manner, the Glacier Vault Lock automatically expires after 24 hours and this provider will show this resource as needing recreation after that time. To permanently apply the policy, set the `complete_lock` argument to `true`. When changing `complete_lock` to `true`, it is expected the resource will show as recreating.\n\n!\u003e **WARNING:** Once a Glacier Vault Lock is completed, it is immutable. The deletion of the Glacier Vault Lock is not be possible and attempting to remove it from this provider will return an error. Set the `ignore_deletion_error` argument to `true` and apply this configuration before attempting to delete this resource via this provider or remove this resource from this provider's management.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Testing Glacier Vault Lock Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVault = new aws.glacier.Vault(\"example\", {});\nconst examplePolicyDocument = exampleVault.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"glacier:DeleteArchive\"],\n conditions: [{\n test: \"NumericLessThanEquals\",\n values: [\"365\"],\n variable: \"glacier:ArchiveAgeinDays\",\n }],\n effect: \"Deny\",\n resources: [arn],\n }],\n}, { async: true }));\nconst exampleVaultLock = new aws.glacier.VaultLock(\"example\", {\n completeLock: false,\n policy: examplePolicyDocument.json,\n vaultName: exampleVault.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vault = aws.glacier.Vault(\"exampleVault\")\nexample_policy_document = example_vault.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{\n \"actions\": [\"glacier:DeleteArchive\"],\n \"condition\": [{\n \"test\": \"NumericLessThanEquals\",\n \"values\": [\"365\"],\n \"variable\": \"glacier:ArchiveAgeinDays\",\n }],\n \"effect\": \"Deny\",\n \"resources\": [arn],\n}]))\nexample_vault_lock = aws.glacier.VaultLock(\"exampleVaultLock\",\n complete_lock=False,\n policy=example_policy_document.json,\n vault_name=example_vault.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleVault = new Aws.Glacier.Vault(\"exampleVault\", new Aws.Glacier.VaultArgs\n {\n });\n var examplePolicyDocument = exampleVault.Arn.Apply(arn =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"glacier:DeleteArchive\",\n },\n Condition = \n {\n \n {\n { \"test\", \"NumericLessThanEquals\" },\n { \"values\", \n {\n \"365\",\n } },\n { \"variable\", \"glacier:ArchiveAgeinDays\" },\n },\n },\n Effect = \"Deny\",\n Resources = \n {\n arn,\n },\n },\n },\n }));\n var exampleVaultLock = new Aws.Glacier.VaultLock(\"exampleVaultLock\", new Aws.Glacier.VaultLockArgs\n {\n CompleteLock = false,\n Policy = examplePolicyDocument.Apply(examplePolicyDocument =\u003e examplePolicyDocument.Json),\n VaultName = exampleVault.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glacier\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVault, err := glacier.NewVault(ctx, \"exampleVault\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glacier.NewVaultLock(ctx, \"exampleVaultLock\", \u0026glacier.VaultLockArgs{\n\t\t\tCompleteLock: pulumi.Bool(false),\n\t\t\tPolicy: examplePolicyDocument.ApplyT(func(examplePolicyDocument iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn examplePolicyDocument.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tVaultName: exampleVault.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Permanently Applying Glacier Vault Lock Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glacier.VaultLock(\"example\", {\n completeLock: true,\n policy: aws_iam_policy_document_example.json,\n vaultName: aws_glacier_vault_example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glacier.VaultLock(\"example\",\n complete_lock=True,\n policy=data[\"aws_iam_policy_document\"][\"example\"][\"json\"],\n vault_name=aws_glacier_vault[\"example\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glacier.VaultLock(\"example\", new Aws.Glacier.VaultLockArgs\n {\n CompleteLock = true,\n Policy = data.Aws_iam_policy_document.Example.Json,\n VaultName = aws_glacier_vault.Example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glacier\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glacier.NewVaultLock(ctx, \"example\", \u0026glacier.VaultLockArgs{\n\t\t\tCompleteLock: pulumi.Bool(true),\n\t\t\tPolicy: pulumi.String(data.Aws_iam_policy_document.Example.Json),\n\t\t\tVaultName: pulumi.String(aws_glacier_vault.Example.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "completeLock": { "type": "boolean", "description": "Boolean whether to permanently apply this Glacier Lock Policy. Once completed, this cannot be undone. If set to `false`, the Glacier Lock Policy remains in a testing mode for 24 hours. After that time, the Glacier Lock Policy is automatically removed by Glacier and the this provider resource will show as needing recreation. Changing this from `false` to `true` will show as resource recreation, which is expected. Changing this from `true` to `false` is not possible unless the Glacier Vault is recreated at the same time.\n" }, "ignoreDeletionError": { "type": "boolean", "description": "Allow this provider to ignore the error returned when attempting to delete the Glacier Lock Policy. This can be used to delete or recreate the Glacier Vault via this provider, for example, if the Glacier Vault Lock policy permits that action. This should only be used in conjunction with `complete_lock` being set to `true`.\n" }, "policy": { "type": "string", "description": "JSON string containing the IAM policy to apply as the Glacier Vault Lock policy.\n" }, "vaultName": { "type": "string", "description": "The name of the Glacier Vault.\n" } }, "required": [ "completeLock", "policy", "vaultName" ], "inputProperties": { "completeLock": { "type": "boolean", "description": "Boolean whether to permanently apply this Glacier Lock Policy. Once completed, this cannot be undone. If set to `false`, the Glacier Lock Policy remains in a testing mode for 24 hours. After that time, the Glacier Lock Policy is automatically removed by Glacier and the this provider resource will show as needing recreation. Changing this from `false` to `true` will show as resource recreation, which is expected. Changing this from `true` to `false` is not possible unless the Glacier Vault is recreated at the same time.\n" }, "ignoreDeletionError": { "type": "boolean", "description": "Allow this provider to ignore the error returned when attempting to delete the Glacier Lock Policy. This can be used to delete or recreate the Glacier Vault via this provider, for example, if the Glacier Vault Lock policy permits that action. This should only be used in conjunction with `complete_lock` being set to `true`.\n" }, "policy": { "type": "string", "description": "JSON string containing the IAM policy to apply as the Glacier Vault Lock policy.\n" }, "vaultName": { "type": "string", "description": "The name of the Glacier Vault.\n" } }, "requiredInputs": [ "completeLock", "policy", "vaultName" ], "stateInputs": { "description": "Input properties used for looking up and filtering VaultLock resources.\n", "properties": { "completeLock": { "type": "boolean", "description": "Boolean whether to permanently apply this Glacier Lock Policy. Once completed, this cannot be undone. If set to `false`, the Glacier Lock Policy remains in a testing mode for 24 hours. After that time, the Glacier Lock Policy is automatically removed by Glacier and the this provider resource will show as needing recreation. Changing this from `false` to `true` will show as resource recreation, which is expected. Changing this from `true` to `false` is not possible unless the Glacier Vault is recreated at the same time.\n" }, "ignoreDeletionError": { "type": "boolean", "description": "Allow this provider to ignore the error returned when attempting to delete the Glacier Lock Policy. This can be used to delete or recreate the Glacier Vault via this provider, for example, if the Glacier Vault Lock policy permits that action. This should only be used in conjunction with `complete_lock` being set to `true`.\n" }, "policy": { "type": "string", "description": "JSON string containing the IAM policy to apply as the Glacier Vault Lock policy.\n" }, "vaultName": { "type": "string", "description": "The name of the Glacier Vault.\n" } }, "type": "object" } }, "aws:globalaccelerator/accelerator:Accelerator": { "description": "Creates a Global Accelerator accelerator.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.Accelerator(\"example\", {\n attributes: {\n flowLogsEnabled: true,\n flowLogsS3Bucket: \"example-bucket\",\n flowLogsS3Prefix: \"flow-logs/\",\n },\n enabled: true,\n ipAddressType: \"IPV4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.Accelerator(\"example\",\n attributes={\n \"flowLogsEnabled\": True,\n \"flowLogsS3Bucket\": \"example-bucket\",\n \"flowLogsS3Prefix\": \"flow-logs/\",\n },\n enabled=True,\n ip_address_type=\"IPV4\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.GlobalAccelerator.Accelerator(\"example\", new Aws.GlobalAccelerator.AcceleratorArgs\n {\n Attributes = new Aws.GlobalAccelerator.Inputs.AcceleratorAttributesArgs\n {\n FlowLogsEnabled = true,\n FlowLogsS3Bucket = \"example-bucket\",\n FlowLogsS3Prefix = \"flow-logs/\",\n },\n Enabled = true,\n IpAddressType = \"IPV4\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = globalaccelerator.NewAccelerator(ctx, \"example\", \u0026globalaccelerator.AcceleratorArgs{\n\t\t\tAttributes: \u0026globalaccelerator.AcceleratorAttributesArgs{\n\t\t\t\tFlowLogsEnabled: pulumi.Bool(true),\n\t\t\t\tFlowLogsS3Bucket: pulumi.String(\"example-bucket\"),\n\t\t\t\tFlowLogsS3Prefix: pulumi.String(\"flow-logs/\"),\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the accelerator. For example, `a5d53ff5ee6bca4ce.awsglobalaccelerator.com`.\n* `hosted_zone_id` -- The Global Accelerator Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html) to the Global Accelerator. This attribute\nis simply an alias for the zone ID `Z2BJ6XQ5FK7U4H`.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n" }, "hostedZoneId": { "type": "string" }, "ipAddressType": { "type": "string", "description": "The value for the address type must be `IPV4`.\n" }, "ipSets": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/AcceleratorIpSet:AcceleratorIpSet" }, "description": "IP address set associated with the accelerator.\n" }, "name": { "type": "string", "description": "The name of the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "dnsName", "hostedZoneId", "ipSets", "name" ], "inputProperties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n" }, "ipAddressType": { "type": "string", "description": "The value for the address type must be `IPV4`.\n" }, "name": { "type": "string", "description": "The name of the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Accelerator resources.\n", "properties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the accelerator. For example, `a5d53ff5ee6bca4ce.awsglobalaccelerator.com`.\n* `hosted_zone_id` -- The Global Accelerator Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html) to the Global Accelerator. This attribute\nis simply an alias for the zone ID `Z2BJ6XQ5FK7U4H`.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n" }, "hostedZoneId": { "type": "string" }, "ipAddressType": { "type": "string", "description": "The value for the address type must be `IPV4`.\n" }, "ipSets": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/AcceleratorIpSet:AcceleratorIpSet" }, "description": "IP address set associated with the accelerator.\n" }, "name": { "type": "string", "description": "The name of the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:globalaccelerator/endpointGroup:EndpointGroup": { "description": "Provides a Global Accelerator endpoint group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.EndpointGroup(\"example\", {\n endpointConfigurations: [{\n endpointId: aws_lb_example.arn,\n weight: 100,\n }],\n listenerArn: aws_globalaccelerator_listener_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.EndpointGroup(\"example\",\n endpoint_configurations=[{\n \"endpoint_id\": aws_lb[\"example\"][\"arn\"],\n \"weight\": 100,\n }],\n listener_arn=aws_globalaccelerator_listener[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.GlobalAccelerator.EndpointGroup(\"example\", new Aws.GlobalAccelerator.EndpointGroupArgs\n {\n EndpointConfigurations = \n {\n new Aws.GlobalAccelerator.Inputs.EndpointGroupEndpointConfigurationArgs\n {\n EndpointId = aws_lb.Example.Arn,\n Weight = 100,\n },\n },\n ListenerArn = aws_globalaccelerator_listener.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = globalaccelerator.NewEndpointGroup(ctx, \"example\", \u0026globalaccelerator.EndpointGroupArgs{\n\t\t\tEndpointConfigurations: globalaccelerator.EndpointGroupEndpointConfigurationArray{\n\t\t\t\t\u0026globalaccelerator.EndpointGroupEndpointConfigurationArgs{\n\t\t\t\t\tEndpointId: pulumi.String(aws_lb.Example.Arn),\n\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: pulumi.String(aws_globalaccelerator_listener.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n" }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the endpoint group is located.\n" }, "healthCheckIntervalSeconds": { "type": "integer", "description": "The time—10 seconds or 30 seconds—between each health check for an endpoint. The default value is 30.\n" }, "healthCheckPath": { "type": "string", "description": "If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (/).\n" }, "healthCheckPort": { "type": "integer", "description": "The port that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default port is the listener port that this endpoint group is associated with. If listener port is a list of ports, Global Accelerator uses the first port in the list.\n" }, "healthCheckProtocol": { "type": "string", "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default value is TCP.\n" }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the listener.\n" }, "thresholdCount": { "type": "integer", "description": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.\n" }, "trafficDialPercentage": { "type": "number", "description": "The percentage of traffic to send to an AWS Region. Additional traffic is distributed to other endpoint groups for this listener. The default value is 100.\n" } }, "required": [ "endpointGroupRegion", "listenerArn" ], "inputProperties": { "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n" }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the endpoint group is located.\n" }, "healthCheckIntervalSeconds": { "type": "integer", "description": "The time—10 seconds or 30 seconds—between each health check for an endpoint. The default value is 30.\n" }, "healthCheckPath": { "type": "string", "description": "If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (/).\n" }, "healthCheckPort": { "type": "integer", "description": "The port that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default port is the listener port that this endpoint group is associated with. If listener port is a list of ports, Global Accelerator uses the first port in the list.\n" }, "healthCheckProtocol": { "type": "string", "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default value is TCP.\n" }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the listener.\n" }, "thresholdCount": { "type": "integer", "description": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.\n" }, "trafficDialPercentage": { "type": "number", "description": "The percentage of traffic to send to an AWS Region. Additional traffic is distributed to other endpoint groups for this listener. The default value is 100.\n" } }, "requiredInputs": [ "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointGroup resources.\n", "properties": { "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n" }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the endpoint group is located.\n" }, "healthCheckIntervalSeconds": { "type": "integer", "description": "The time—10 seconds or 30 seconds—between each health check for an endpoint. The default value is 30.\n" }, "healthCheckPath": { "type": "string", "description": "If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (/).\n" }, "healthCheckPort": { "type": "integer", "description": "The port that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default port is the listener port that this endpoint group is associated with. If listener port is a list of ports, Global Accelerator uses the first port in the list.\n" }, "healthCheckProtocol": { "type": "string", "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default value is TCP.\n" }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the listener.\n" }, "thresholdCount": { "type": "integer", "description": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.\n" }, "trafficDialPercentage": { "type": "number", "description": "The percentage of traffic to send to an AWS Region. Additional traffic is distributed to other endpoint groups for this listener. The default value is 100.\n" } }, "type": "object" } }, "aws:globalaccelerator/listener:Listener": { "description": "Provides a Global Accelerator listener.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleAccelerator = new aws.globalaccelerator.Accelerator(\"example\", {\n attributes: {\n flowLogsEnabled: true,\n flowLogsS3Bucket: \"example-bucket\",\n flowLogsS3Prefix: \"flow-logs/\",\n },\n enabled: true,\n ipAddressType: \"IPV4\",\n});\nconst exampleListener = new aws.globalaccelerator.Listener(\"example\", {\n acceleratorArn: exampleAccelerator.id,\n clientAffinity: \"SOURCE_IP\",\n portRanges: [{\n fromPort: 80,\n toPort: 80,\n }],\n protocol: \"TCP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_accelerator = aws.globalaccelerator.Accelerator(\"exampleAccelerator\",\n attributes={\n \"flowLogsEnabled\": True,\n \"flowLogsS3Bucket\": \"example-bucket\",\n \"flowLogsS3Prefix\": \"flow-logs/\",\n },\n enabled=True,\n ip_address_type=\"IPV4\")\nexample_listener = aws.globalaccelerator.Listener(\"exampleListener\",\n accelerator_arn=example_accelerator.id,\n client_affinity=\"SOURCE_IP\",\n port_ranges=[{\n \"from_port\": 80,\n \"to_port\": 80,\n }],\n protocol=\"TCP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleAccelerator = new Aws.GlobalAccelerator.Accelerator(\"exampleAccelerator\", new Aws.GlobalAccelerator.AcceleratorArgs\n {\n Attributes = new Aws.GlobalAccelerator.Inputs.AcceleratorAttributesArgs\n {\n FlowLogsEnabled = true,\n FlowLogsS3Bucket = \"example-bucket\",\n FlowLogsS3Prefix = \"flow-logs/\",\n },\n Enabled = true,\n IpAddressType = \"IPV4\",\n });\n var exampleListener = new Aws.GlobalAccelerator.Listener(\"exampleListener\", new Aws.GlobalAccelerator.ListenerArgs\n {\n AcceleratorArn = exampleAccelerator.Id,\n ClientAffinity = \"SOURCE_IP\",\n PortRanges = \n {\n new Aws.GlobalAccelerator.Inputs.ListenerPortRangeArgs\n {\n FromPort = 80,\n ToPort = 80,\n },\n },\n Protocol = \"TCP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAccelerator, err := globalaccelerator.NewAccelerator(ctx, \"exampleAccelerator\", \u0026globalaccelerator.AcceleratorArgs{\n\t\t\tAttributes: \u0026globalaccelerator.AcceleratorAttributesArgs{\n\t\t\t\tFlowLogsEnabled: pulumi.Bool(true),\n\t\t\t\tFlowLogsS3Bucket: pulumi.String(\"example-bucket\"),\n\t\t\t\tFlowLogsS3Prefix: pulumi.String(\"flow-logs/\"),\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = globalaccelerator.NewListener(ctx, \"exampleListener\", \u0026globalaccelerator.ListenerArgs{\n\t\t\tAcceleratorArn: exampleAccelerator.ID(),\n\t\t\tClientAffinity: pulumi.String(\"SOURCE_IP\"),\n\t\t\tPortRanges: globalaccelerator.ListenerPortRangeArray{\n\t\t\t\t\u0026globalaccelerator.ListenerPortRangeArgs{\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your accelerator.\n" }, "clientAffinity": { "type": "string", "description": "Direct all requests from a user to the same endpoint. Valid values are `NONE`, `SOURCE_IP`. Default: `NONE`. If `NONE`, Global Accelerator uses the \"five-tuple\" properties of source IP address, source port, destination IP address, destination port, and protocol to select the hash value. If `SOURCE_IP`, Global Accelerator uses the \"two-tuple\" properties of source (client) IP address and destination IP address to select the hash value.\n" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/ListenerPortRange:ListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" }, "protocol": { "type": "string", "description": "The protocol for the connections from clients to the accelerator. Valid values are `TCP`, `UDP`.\n" } }, "required": [ "acceleratorArn", "portRanges", "protocol" ], "inputProperties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your accelerator.\n" }, "clientAffinity": { "type": "string", "description": "Direct all requests from a user to the same endpoint. Valid values are `NONE`, `SOURCE_IP`. Default: `NONE`. If `NONE`, Global Accelerator uses the \"five-tuple\" properties of source IP address, source port, destination IP address, destination port, and protocol to select the hash value. If `SOURCE_IP`, Global Accelerator uses the \"two-tuple\" properties of source (client) IP address and destination IP address to select the hash value.\n" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/ListenerPortRange:ListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" }, "protocol": { "type": "string", "description": "The protocol for the connections from clients to the accelerator. Valid values are `TCP`, `UDP`.\n" } }, "requiredInputs": [ "acceleratorArn", "portRanges", "protocol" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your accelerator.\n" }, "clientAffinity": { "type": "string", "description": "Direct all requests from a user to the same endpoint. Valid values are `NONE`, `SOURCE_IP`. Default: `NONE`. If `NONE`, Global Accelerator uses the \"five-tuple\" properties of source IP address, source port, destination IP address, destination port, and protocol to select the hash value. If `SOURCE_IP`, Global Accelerator uses the \"two-tuple\" properties of source (client) IP address and destination IP address to select the hash value.\n" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/ListenerPortRange:ListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" }, "protocol": { "type": "string", "description": "The protocol for the connections from clients to the accelerator. Valid values are `TCP`, `UDP`.\n" } }, "type": "object" } }, "aws:glue/catalogDatabase:CatalogDatabase": { "description": "Provides a Glue Catalog Database Resource. You can refer to the [Glue Developer Guide](http://docs.aws.amazon.com/glue/latest/dg/populate-data-catalog.html) for a full explanation of the Glue Data Catalog functionality\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsGlueCatalogDatabase = new aws.glue.CatalogDatabase(\"aws_glue_catalog_database\", {\n name: \"MyCatalogDatabase\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_glue_catalog_database = aws.glue.CatalogDatabase(\"awsGlueCatalogDatabase\", name=\"MyCatalogDatabase\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var awsGlueCatalogDatabase = new Aws.Glue.CatalogDatabase(\"awsGlueCatalogDatabase\", new Aws.Glue.CatalogDatabaseArgs\n {\n Name = \"MyCatalogDatabase\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewCatalogDatabase(ctx, \"awsGlueCatalogDatabase\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"MyCatalogDatabase\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Catalog Database.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the database in. If omitted, this defaults to the AWS Account ID.\n" }, "description": { "type": "string", "description": "Description of the database.\n" }, "locationUri": { "type": "string", "description": "The location of the database (for example, an HDFS path).\n" }, "name": { "type": "string", "description": "The name of the database.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs that define parameters and properties of the database.\n" } }, "required": [ "arn", "catalogId", "name" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the database in. If omitted, this defaults to the AWS Account ID.\n" }, "description": { "type": "string", "description": "Description of the database.\n" }, "locationUri": { "type": "string", "description": "The location of the database (for example, an HDFS path).\n" }, "name": { "type": "string", "description": "The name of the database.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs that define parameters and properties of the database.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering CatalogDatabase resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Catalog Database.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the database in. If omitted, this defaults to the AWS Account ID.\n" }, "description": { "type": "string", "description": "Description of the database.\n" }, "locationUri": { "type": "string", "description": "The location of the database (for example, an HDFS path).\n" }, "name": { "type": "string", "description": "The name of the database.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs that define parameters and properties of the database.\n" } }, "type": "object" } }, "aws:glue/catalogTable:CatalogTable": { "description": "Provides a Glue Catalog Table Resource. You can refer to the [Glue Developer Guide](http://docs.aws.amazon.com/glue/latest/dg/populate-data-catalog.html) for a full explanation of the Glue Data Catalog functionality.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic Table\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsGlueCatalogTable = new aws.glue.CatalogTable(\"aws_glue_catalog_table\", {\n databaseName: \"MyCatalogDatabase\",\n name: \"MyCatalogTable\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_glue_catalog_table = aws.glue.CatalogTable(\"awsGlueCatalogTable\",\n database_name=\"MyCatalogDatabase\",\n name=\"MyCatalogTable\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var awsGlueCatalogTable = new Aws.Glue.CatalogTable(\"awsGlueCatalogTable\", new Aws.Glue.CatalogTableArgs\n {\n DatabaseName = \"MyCatalogDatabase\",\n Name = \"MyCatalogTable\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewCatalogTable(ctx, \"awsGlueCatalogTable\", \u0026glue.CatalogTableArgs{\n\t\t\tDatabaseName: pulumi.String(\"MyCatalogDatabase\"),\n\t\t\tName: pulumi.String(\"MyCatalogTable\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Parquet Table for Athena\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsGlueCatalogTable = new aws.glue.CatalogTable(\"aws_glue_catalog_table\", {\n databaseName: \"MyCatalogDatabase\",\n name: \"MyCatalogTable\",\n parameters: {\n EXTERNAL: \"TRUE\",\n \"parquet.compression\": \"SNAPPY\",\n },\n storageDescriptor: {\n columns: [\n {\n name: \"my_string\",\n type: \"string\",\n },\n {\n name: \"my_double\",\n type: \"double\",\n },\n {\n comment: \"\",\n name: \"my_date\",\n type: \"date\",\n },\n {\n comment: \"\",\n name: \"my_bigint\",\n type: \"bigint\",\n },\n {\n comment: \"\",\n name: \"my_struct\",\n type: \"struct\u003cmy_nested_string:string\u003e\",\n },\n ],\n inputFormat: \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\",\n location: \"s3://my-bucket/event-streams/my-stream\",\n outputFormat: \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\",\n serDeInfo: {\n name: \"my-stream\",\n parameters: {\n \"serialization.format\": 1,\n },\n serializationLibrary: \"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\",\n },\n },\n tableType: \"EXTERNAL_TABLE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_glue_catalog_table = aws.glue.CatalogTable(\"awsGlueCatalogTable\",\n database_name=\"MyCatalogDatabase\",\n name=\"MyCatalogTable\",\n parameters={\n \"EXTERNAL\": \"TRUE\",\n \"parquet.compression\": \"SNAPPY\",\n },\n storage_descriptor={\n \"columns\": [\n {\n \"name\": \"my_string\",\n \"type\": \"string\",\n },\n {\n \"name\": \"my_double\",\n \"type\": \"double\",\n },\n {\n \"comment\": \"\",\n \"name\": \"my_date\",\n \"type\": \"date\",\n },\n {\n \"comment\": \"\",\n \"name\": \"my_bigint\",\n \"type\": \"bigint\",\n },\n {\n \"comment\": \"\",\n \"name\": \"my_struct\",\n \"type\": \"struct\u003cmy_nested_string:string\u003e\",\n },\n ],\n \"inputFormat\": \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\",\n \"location\": \"s3://my-bucket/event-streams/my-stream\",\n \"outputFormat\": \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\",\n \"serDeInfo\": {\n \"name\": \"my-stream\",\n \"parameters\": {\n \"serialization.format\": 1,\n },\n \"serializationLibrary\": \"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\",\n },\n },\n table_type=\"EXTERNAL_TABLE\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var awsGlueCatalogTable = new Aws.Glue.CatalogTable(\"awsGlueCatalogTable\", new Aws.Glue.CatalogTableArgs\n {\n DatabaseName = \"MyCatalogDatabase\",\n Name = \"MyCatalogTable\",\n Parameters = \n {\n { \"EXTERNAL\", \"TRUE\" },\n { \"parquet.compression\", \"SNAPPY\" },\n },\n StorageDescriptor = new Aws.Glue.Inputs.CatalogTableStorageDescriptorArgs\n {\n Columns = \n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_string\",\n Type = \"string\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_double\",\n Type = \"double\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Comment = \"\",\n Name = \"my_date\",\n Type = \"date\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Comment = \"\",\n Name = \"my_bigint\",\n Type = \"bigint\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Comment = \"\",\n Name = \"my_struct\",\n Type = \"struct\u003cmy_nested_string:string\u003e\",\n },\n },\n InputFormat = \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\",\n Location = \"s3://my-bucket/event-streams/my-stream\",\n OutputFormat = \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\",\n SerDeInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSerDeInfoArgs\n {\n Name = \"my-stream\",\n Parameters = \n {\n { \"serialization.format\", \"1\" },\n },\n SerializationLibrary = \"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\",\n },\n },\n TableType = \"EXTERNAL_TABLE\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewCatalogTable(ctx, \"awsGlueCatalogTable\", \u0026glue.CatalogTableArgs{\n\t\t\tDatabaseName: pulumi.String(\"MyCatalogDatabase\"),\n\t\t\tName: pulumi.String(\"MyCatalogTable\"),\n\t\t\tParameters: pulumi.Map{\n\t\t\t\t\"EXTERNAL\": pulumi.String(\"TRUE\"),\n\t\t\t\t\"parquet.compression\": pulumi.String(\"SNAPPY\"),\n\t\t\t},\n\t\t\tStorageDescriptor: \u0026glue.CatalogTableStorageDescriptorArgs{\n\t\t\t\tColumns: glue.CatalogTableStorageDescriptorColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_string\"),\n\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_double\"),\n\t\t\t\t\t\tType: pulumi.String(\"double\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tComment: pulumi.String(\"\"),\n\t\t\t\t\t\tName: pulumi.String(\"my_date\"),\n\t\t\t\t\t\tType: pulumi.String(\"date\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tComment: pulumi.String(\"\"),\n\t\t\t\t\t\tName: pulumi.String(\"my_bigint\"),\n\t\t\t\t\t\tType: pulumi.String(\"bigint\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tComment: pulumi.String(\"\"),\n\t\t\t\t\t\tName: pulumi.String(\"my_struct\"),\n\t\t\t\t\t\tType: pulumi.String(\"struct\u003cmy_nested_string:string\u003e\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tInputFormat: pulumi.String(\"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\"),\n\t\t\t\tLocation: pulumi.String(\"s3://my-bucket/event-streams/my-stream\"),\n\t\t\t\tOutputFormat: pulumi.String(\"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\"),\n\t\t\t\tSerDeInfo: \u0026glue.CatalogTableStorageDescriptorSerDeInfoArgs{\n\t\t\t\t\tName: pulumi.String(\"my-stream\"),\n\t\t\t\t\tParameters: pulumi.Map{\n\t\t\t\t\t\t\"serialization.format\": pulumi.String(\"1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSerializationLibrary: pulumi.String(\"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTableType: pulumi.String(\"EXTERNAL_TABLE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Table.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n" }, "description": { "type": "string", "description": "Description of the table.\n" }, "name": { "type": "string", "description": "Name of the SerDe.\n" }, "owner": { "type": "string", "description": "Owner of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of initialization parameters for the SerDe, in key-value form.\n" }, "partitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey" }, "description": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n" }, "retention": { "type": "integer", "description": "Retention time for this table.\n" }, "storageDescriptor": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor", "description": "A storage descriptor object containing information about the physical storage of this table. You can refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor) for a full explanation of this object.\n" }, "tableType": { "type": "string", "description": "The type of this table (EXTERNAL_TABLE, VIRTUAL_VIEW, etc.).\n" }, "viewExpandedText": { "type": "string", "description": "If the table is a view, the expanded text of the view; otherwise null.\n" }, "viewOriginalText": { "type": "string", "description": "If the table is a view, the original text of the view; otherwise null.\n" } }, "required": [ "arn", "catalogId", "databaseName", "name" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n" }, "description": { "type": "string", "description": "Description of the table.\n" }, "name": { "type": "string", "description": "Name of the SerDe.\n" }, "owner": { "type": "string", "description": "Owner of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of initialization parameters for the SerDe, in key-value form.\n" }, "partitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey" }, "description": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n" }, "retention": { "type": "integer", "description": "Retention time for this table.\n" }, "storageDescriptor": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor", "description": "A storage descriptor object containing information about the physical storage of this table. You can refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor) for a full explanation of this object.\n" }, "tableType": { "type": "string", "description": "The type of this table (EXTERNAL_TABLE, VIRTUAL_VIEW, etc.).\n" }, "viewExpandedText": { "type": "string", "description": "If the table is a view, the expanded text of the view; otherwise null.\n" }, "viewOriginalText": { "type": "string", "description": "If the table is a view, the original text of the view; otherwise null.\n" } }, "requiredInputs": [ "databaseName" ], "stateInputs": { "description": "Input properties used for looking up and filtering CatalogTable resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Table.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n" }, "description": { "type": "string", "description": "Description of the table.\n" }, "name": { "type": "string", "description": "Name of the SerDe.\n" }, "owner": { "type": "string", "description": "Owner of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of initialization parameters for the SerDe, in key-value form.\n" }, "partitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey" }, "description": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n" }, "retention": { "type": "integer", "description": "Retention time for this table.\n" }, "storageDescriptor": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor", "description": "A storage descriptor object containing information about the physical storage of this table. You can refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor) for a full explanation of this object.\n" }, "tableType": { "type": "string", "description": "The type of this table (EXTERNAL_TABLE, VIRTUAL_VIEW, etc.).\n" }, "viewExpandedText": { "type": "string", "description": "If the table is a view, the expanded text of the view; otherwise null.\n" }, "viewOriginalText": { "type": "string", "description": "If the table is a view, the original text of the view; otherwise null.\n" } }, "type": "object" } }, "aws:glue/classifier:Classifier": { "description": "Provides a Glue Classifier resource.\n\n\u003e **NOTE:** It is only valid to create one type of classifier (csv, grok, JSON, or XML). Changing classifier types will recreate the classifier.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Csv Classifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n csvClassifier: {\n allowSingleColumn: false,\n containsHeader: \"PRESENT\",\n delimiter: \",\",\n disableValueTrimming: false,\n headers: [\n \"example1\",\n \"example2\",\n ],\n quoteSymbol: \"'\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\", csv_classifier={\n \"allowSingleColumn\": False,\n \"containsHeader\": \"PRESENT\",\n \"delimiter\": \",\",\n \"disableValueTrimming\": False,\n \"header\": [\n \"example1\",\n \"example2\",\n ],\n \"quoteSymbol\": \"'\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Classifier(\"example\", new Aws.Glue.ClassifierArgs\n {\n CsvClassifier = new Aws.Glue.Inputs.ClassifierCsvClassifierArgs\n {\n AllowSingleColumn = false,\n ContainsHeader = \"PRESENT\",\n Delimiter = \",\",\n DisableValueTrimming = false,\n Header = \n {\n \"example1\",\n \"example2\",\n },\n QuoteSymbol = \"'\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tCsvClassifier: \u0026glue.ClassifierCsvClassifierArgs{\n\t\t\t\tAllowSingleColumn: pulumi.Bool(false),\n\t\t\t\tContainsHeader: pulumi.String(\"PRESENT\"),\n\t\t\t\tDelimiter: pulumi.String(\",\"),\n\t\t\t\tDisableValueTrimming: pulumi.Bool(false),\n\t\t\t\tHeader: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"example1\"),\n\t\t\t\t\tpulumi.String(\"example2\"),\n\t\t\t\t},\n\t\t\t\tQuoteSymbol: pulumi.String(\"'\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Grok Classifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n grokClassifier: {\n classification: \"example\",\n grokPattern: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\", grok_classifier={\n \"classification\": \"example\",\n \"grokPattern\": \"example\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Classifier(\"example\", new Aws.Glue.ClassifierArgs\n {\n GrokClassifier = new Aws.Glue.Inputs.ClassifierGrokClassifierArgs\n {\n Classification = \"example\",\n GrokPattern = \"example\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tGrokClassifier: \u0026glue.ClassifierGrokClassifierArgs{\n\t\t\t\tClassification: pulumi.String(\"example\"),\n\t\t\t\tGrokPattern: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### JSON Classifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n jsonClassifier: {\n jsonPath: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\", json_classifier={\n \"jsonPath\": \"example\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Classifier(\"example\", new Aws.Glue.ClassifierArgs\n {\n JsonClassifier = new Aws.Glue.Inputs.ClassifierJsonClassifierArgs\n {\n JsonPath = \"example\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tJsonClassifier: \u0026glue.ClassifierJsonClassifierArgs{\n\t\t\t\tJsonPath: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### XML Classifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n xmlClassifier: {\n classification: \"example\",\n rowTag: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\", xml_classifier={\n \"classification\": \"example\",\n \"rowTag\": \"example\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Classifier(\"example\", new Aws.Glue.ClassifierArgs\n {\n XmlClassifier = new Aws.Glue.Inputs.ClassifierXmlClassifierArgs\n {\n Classification = \"example\",\n RowTag = \"example\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tXmlClassifier: \u0026glue.ClassifierXmlClassifierArgs{\n\t\t\t\tClassification: pulumi.String(\"example\"),\n\t\t\t\tRowTag: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "csvClassifier": { "$ref": "#/types/aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier", "description": "A classifier for Csv content. Defined below.\n" }, "grokClassifier": { "$ref": "#/types/aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier", "description": "A classifier that uses grok patterns. Defined below.\n" }, "jsonClassifier": { "$ref": "#/types/aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier", "description": "A classifier for JSON content. Defined below.\n" }, "name": { "type": "string", "description": "The name of the classifier.\n" }, "xmlClassifier": { "$ref": "#/types/aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier", "description": "A classifier for XML content. Defined below.\n" } }, "required": [ "name" ], "inputProperties": { "csvClassifier": { "$ref": "#/types/aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier", "description": "A classifier for Csv content. Defined below.\n" }, "grokClassifier": { "$ref": "#/types/aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier", "description": "A classifier that uses grok patterns. Defined below.\n" }, "jsonClassifier": { "$ref": "#/types/aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier", "description": "A classifier for JSON content. Defined below.\n" }, "name": { "type": "string", "description": "The name of the classifier.\n" }, "xmlClassifier": { "$ref": "#/types/aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier", "description": "A classifier for XML content. Defined below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Classifier resources.\n", "properties": { "csvClassifier": { "$ref": "#/types/aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier", "description": "A classifier for Csv content. Defined below.\n" }, "grokClassifier": { "$ref": "#/types/aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier", "description": "A classifier that uses grok patterns. Defined below.\n" }, "jsonClassifier": { "$ref": "#/types/aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier", "description": "A classifier for JSON content. Defined below.\n" }, "name": { "type": "string", "description": "The name of the classifier.\n" }, "xmlClassifier": { "$ref": "#/types/aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier", "description": "A classifier for XML content. Defined below.\n" } }, "type": "object" } }, "aws:glue/connection:Connection": { "description": "Provides a Glue Connection resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Non-VPC Connection\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Connection(\"example\", {\n connectionProperties: {\n JDBC_CONNECTION_URL: \"jdbc:mysql://example.com/exampledatabase\",\n PASSWORD: \"examplepassword\",\n USERNAME: \"exampleusername\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Connection(\"example\", connection_properties={\n \"JDBC_CONNECTION_URL\": \"jdbc:mysql://example.com/exampledatabase\",\n \"PASSWORD\": \"examplepassword\",\n \"USERNAME\": \"exampleusername\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Connection(\"example\", new Aws.Glue.ConnectionArgs\n {\n ConnectionProperties = \n {\n { \"JDBC_CONNECTION_URL\", \"jdbc:mysql://example.com/exampledatabase\" },\n { \"PASSWORD\", \"examplepassword\" },\n { \"USERNAME\", \"exampleusername\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tConnectionProperties: pulumi.Map{\n\t\t\t\t\"JDBC_CONNECTION_URL\": pulumi.String(\"jdbc:mysql://example.com/exampledatabase\"),\n\t\t\t\t\"PASSWORD\": pulumi.String(\"examplepassword\"),\n\t\t\t\t\"USERNAME\": pulumi.String(\"exampleusername\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### VPC Connection\n\nFor more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/populate-add-connection.html#connection-JDBC-VPC).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Connection(\"example\", {\n connectionProperties: {\n JDBC_CONNECTION_URL: pulumi.interpolate`jdbc:mysql://${aws_rds_cluster_example.endpoint}/exampledatabase`,\n PASSWORD: \"examplepassword\",\n USERNAME: \"exampleusername\",\n },\n physicalConnectionRequirements: {\n availabilityZone: aws_subnet_example.availabilityZone,\n securityGroupIdLists: [aws_security_group_example.id],\n subnetId: aws_subnet_example.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Connection(\"example\",\n connection_properties={\n \"JDBC_CONNECTION_URL\": f\"jdbc:mysql://{aws_rds_cluster['example']['endpoint']}/exampledatabase\",\n \"PASSWORD\": \"examplepassword\",\n \"USERNAME\": \"exampleusername\",\n },\n physical_connection_requirements={\n \"availability_zone\": aws_subnet[\"example\"][\"availability_zone\"],\n \"securityGroupIdList\": [aws_security_group[\"example\"][\"id\"]],\n \"subnet_id\": aws_subnet[\"example\"][\"id\"],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Connection(\"example\", new Aws.Glue.ConnectionArgs\n {\n ConnectionProperties = \n {\n { \"JDBC_CONNECTION_URL\", $\"jdbc:mysql://{aws_rds_cluster.Example.Endpoint}/exampledatabase\" },\n { \"PASSWORD\", \"examplepassword\" },\n { \"USERNAME\", \"exampleusername\" },\n },\n PhysicalConnectionRequirements = new Aws.Glue.Inputs.ConnectionPhysicalConnectionRequirementsArgs\n {\n AvailabilityZone = aws_subnet.Example.Availability_zone,\n SecurityGroupIdList = \n {\n aws_security_group.Example.Id,\n },\n SubnetId = aws_subnet.Example.Id,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tConnectionProperties: pulumi.Map{\n\t\t\t\t\"JDBC_CONNECTION_URL\": pulumi.String(fmt.Sprintf(\"%v%v%v\", \"jdbc:mysql://\", aws_rds_cluster.Example.Endpoint, \"/exampledatabase\")),\n\t\t\t\t\"PASSWORD\": pulumi.String(\"examplepassword\"),\n\t\t\t\t\"USERNAME\": pulumi.String(\"exampleusername\"),\n\t\t\t},\n\t\t\tPhysicalConnectionRequirements: \u0026glue.ConnectionPhysicalConnectionRequirementsArgs{\n\t\t\t\tAvailabilityZone: pulumi.String(aws_subnet.Example.Availability_zone),\n\t\t\t\tSecurityGroupIdList: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(aws_security_group.Example.Id),\n\t\t\t\t},\n\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Connection.\n" }, "catalogId": { "type": "string", "description": "The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.\n" }, "connectionProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs used as parameters for this connection.\n" }, "connectionType": { "type": "string", "description": "The type of the connection. Supported are: `JDBC`, `MONGODB`, `KAFKA`. Defaults to `JBDC`.\n" }, "description": { "type": "string", "description": "Description of the connection.\n" }, "matchCriterias": { "type": "array", "items": { "type": "string" }, "description": "A list of criteria that can be used in selecting this connection.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "physicalConnectionRequirements": { "$ref": "#/types/aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements", "description": "A map of physical connection requirements, such as VPC and SecurityGroup. Defined below.\n" } }, "required": [ "arn", "catalogId", "connectionProperties", "name" ], "inputProperties": { "catalogId": { "type": "string", "description": "The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.\n" }, "connectionProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs used as parameters for this connection.\n" }, "connectionType": { "type": "string", "description": "The type of the connection. Supported are: `JDBC`, `MONGODB`, `KAFKA`. Defaults to `JBDC`.\n" }, "description": { "type": "string", "description": "Description of the connection.\n" }, "matchCriterias": { "type": "array", "items": { "type": "string" }, "description": "A list of criteria that can be used in selecting this connection.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "physicalConnectionRequirements": { "$ref": "#/types/aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements", "description": "A map of physical connection requirements, such as VPC and SecurityGroup. Defined below.\n" } }, "requiredInputs": [ "connectionProperties" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connection resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Connection.\n" }, "catalogId": { "type": "string", "description": "The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.\n" }, "connectionProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs used as parameters for this connection.\n" }, "connectionType": { "type": "string", "description": "The type of the connection. Supported are: `JDBC`, `MONGODB`, `KAFKA`. Defaults to `JBDC`.\n" }, "description": { "type": "string", "description": "Description of the connection.\n" }, "matchCriterias": { "type": "array", "items": { "type": "string" }, "description": "A list of criteria that can be used in selecting this connection.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "physicalConnectionRequirements": { "$ref": "#/types/aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements", "description": "A map of physical connection requirements, such as VPC and SecurityGroup. Defined below.\n" } }, "type": "object" } }, "aws:glue/crawler:Crawler": { "description": "Manages a Glue Crawler. More information can be found in the [AWS Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### DynamoDB Target\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: aws_glue_catalog_database_example.name,\n dynamodbTargets: [{\n path: \"table-name\",\n }],\n role: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=aws_glue_catalog_database[\"example\"][\"name\"],\n dynamodb_targets=[{\n \"path\": \"table-name\",\n }],\n role=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Crawler(\"example\", new Aws.Glue.CrawlerArgs\n {\n DatabaseName = aws_glue_catalog_database.Example.Name,\n DynamodbTargets = \n {\n new Aws.Glue.Inputs.CrawlerDynamodbTargetArgs\n {\n Path = \"table-name\",\n },\n },\n Role = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.String(aws_glue_catalog_database.Example.Name),\n\t\t\tDynamodbTargets: glue.CrawlerDynamodbTargetArray{\n\t\t\t\t\u0026glue.CrawlerDynamodbTargetArgs{\n\t\t\t\t\tPath: pulumi.String(\"table-name\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRole: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### JDBC Target\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: aws_glue_catalog_database_example.name,\n jdbcTargets: [{\n connectionName: aws_glue_connection_example.name,\n path: \"database-name/%\",\n }],\n role: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=aws_glue_catalog_database[\"example\"][\"name\"],\n jdbc_targets=[{\n \"connectionName\": aws_glue_connection[\"example\"][\"name\"],\n \"path\": \"database-name/%\",\n }],\n role=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Crawler(\"example\", new Aws.Glue.CrawlerArgs\n {\n DatabaseName = aws_glue_catalog_database.Example.Name,\n JdbcTargets = \n {\n new Aws.Glue.Inputs.CrawlerJdbcTargetArgs\n {\n ConnectionName = aws_glue_connection.Example.Name,\n Path = \"database-name/%\",\n },\n },\n Role = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.String(aws_glue_catalog_database.Example.Name),\n\t\t\tJdbcTargets: glue.CrawlerJdbcTargetArray{\n\t\t\t\t\u0026glue.CrawlerJdbcTargetArgs{\n\t\t\t\t\tConnectionName: pulumi.String(aws_glue_connection.Example.Name),\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"%v%v\", \"database-name/\", \"%\")),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRole: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### S3 Target\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: aws_glue_catalog_database_example.name,\n role: aws_iam_role_example.arn,\n s3Targets: [{\n path: pulumi.interpolate`s3://${aws_s3_bucket_example.bucket}`,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=aws_glue_catalog_database[\"example\"][\"name\"],\n role=aws_iam_role[\"example\"][\"arn\"],\n s3_targets=[{\n \"path\": f\"s3://{aws_s3_bucket['example']['bucket']}\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Crawler(\"example\", new Aws.Glue.CrawlerArgs\n {\n DatabaseName = aws_glue_catalog_database.Example.Name,\n Role = aws_iam_role.Example.Arn,\n S3Targets = \n {\n new Aws.Glue.Inputs.CrawlerS3TargetArgs\n {\n Path = $\"s3://{aws_s3_bucket.Example.Bucket}\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.String(aws_glue_catalog_database.Example.Name),\n\t\t\tRole: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\tS3Targets: glue.CrawlerS3TargetArray{\n\t\t\t\t\u0026glue.CrawlerS3TargetArgs{\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"%v%v\", \"s3://\", aws_s3_bucket.Example.Bucket)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n{{% /example %}}\n{{% example %}}\n### Catalog Target\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n catalogTargets: [{\n databaseName: aws_glue_catalog_database_example.name,\n tables: [aws_glue_catalog_table_example.name],\n }],\n configuration: `{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n`,\n databaseName: aws_glue_catalog_database_example.name,\n role: aws_iam_role_example.arn,\n schemaChangePolicy: {\n deleteBehavior: \"LOG\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n catalog_targets=[{\n \"database_name\": aws_glue_catalog_database[\"example\"][\"name\"],\n \"tables\": [aws_glue_catalog_table[\"example\"][\"name\"]],\n }],\n configuration=\"\"\"{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n\n\"\"\",\n database_name=aws_glue_catalog_database[\"example\"][\"name\"],\n role=aws_iam_role[\"example\"][\"arn\"],\n schema_change_policy={\n \"deleteBehavior\": \"LOG\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Crawler(\"example\", new Aws.Glue.CrawlerArgs\n {\n CatalogTargets = \n {\n new Aws.Glue.Inputs.CrawlerCatalogTargetArgs\n {\n DatabaseName = aws_glue_catalog_database.Example.Name,\n Tables = \n {\n aws_glue_catalog_table.Example.Name,\n },\n },\n },\n Configuration = @\"{\n \"\"Version\"\":1.0,\n \"\"Grouping\"\": {\n \"\"TableGroupingPolicy\"\": \"\"CombineCompatibleSchemas\"\"\n }\n}\n\n\",\n DatabaseName = aws_glue_catalog_database.Example.Name,\n Role = aws_iam_role.Example.Arn,\n SchemaChangePolicy = new Aws.Glue.Inputs.CrawlerSchemaChangePolicyArgs\n {\n DeleteBehavior = \"LOG\",\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the crawler\n" }, "catalogTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget" } }, "classifiers": { "type": "array", "items": { "type": "string" }, "description": "List of custom classifiers. By default, all AWS classifiers are included in a crawl, but these custom classifiers always override the default classifiers for a given classification.\n" }, "configuration": { "type": "string", "description": "JSON string of configuration information.\n" }, "databaseName": { "type": "string", "description": "Glue database where results are written.\n" }, "description": { "type": "string", "description": "Description of the crawler.\n" }, "dynamodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget" }, "description": "List of nested DynamoDB target arguments. See below.\n" }, "jdbcTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget" }, "description": "List of nested JBDC target arguments. See below.\n" }, "name": { "type": "string", "description": "Name of the crawler.\n" }, "role": { "type": "string", "description": "The IAM role friendly name (including path without leading slash), or ARN of an IAM role, used by the crawler to access other resources.\n" }, "s3Targets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerS3Target:CrawlerS3Target" }, "description": "List nested Amazon S3 target arguments. See below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html). For example, to run something every day at 12:15 UTC, you would specify: `cron(15 12 * * ? *)`.\n" }, "schemaChangePolicy": { "$ref": "#/types/aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy", "description": "Policy for the crawler's update and deletion behavior.\n" }, "securityConfiguration": { "type": "string", "description": "The name of Security Configuration to be used by the crawler\n" }, "tablePrefix": { "type": "string", "description": "The table prefix used for catalog tables that are created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "databaseName", "name", "role" ], "inputProperties": { "catalogTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget" } }, "classifiers": { "type": "array", "items": { "type": "string" }, "description": "List of custom classifiers. By default, all AWS classifiers are included in a crawl, but these custom classifiers always override the default classifiers for a given classification.\n" }, "configuration": { "type": "string", "description": "JSON string of configuration information.\n" }, "databaseName": { "type": "string", "description": "Glue database where results are written.\n" }, "description": { "type": "string", "description": "Description of the crawler.\n" }, "dynamodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget" }, "description": "List of nested DynamoDB target arguments. See below.\n" }, "jdbcTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget" }, "description": "List of nested JBDC target arguments. See below.\n" }, "name": { "type": "string", "description": "Name of the crawler.\n" }, "role": { "type": "string", "description": "The IAM role friendly name (including path without leading slash), or ARN of an IAM role, used by the crawler to access other resources.\n" }, "s3Targets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerS3Target:CrawlerS3Target" }, "description": "List nested Amazon S3 target arguments. See below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html). For example, to run something every day at 12:15 UTC, you would specify: `cron(15 12 * * ? *)`.\n" }, "schemaChangePolicy": { "$ref": "#/types/aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy", "description": "Policy for the crawler's update and deletion behavior.\n" }, "securityConfiguration": { "type": "string", "description": "The name of Security Configuration to be used by the crawler\n" }, "tablePrefix": { "type": "string", "description": "The table prefix used for catalog tables that are created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "databaseName", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering Crawler resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the crawler\n" }, "catalogTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget" } }, "classifiers": { "type": "array", "items": { "type": "string" }, "description": "List of custom classifiers. By default, all AWS classifiers are included in a crawl, but these custom classifiers always override the default classifiers for a given classification.\n" }, "configuration": { "type": "string", "description": "JSON string of configuration information.\n" }, "databaseName": { "type": "string", "description": "Glue database where results are written.\n" }, "description": { "type": "string", "description": "Description of the crawler.\n" }, "dynamodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget" }, "description": "List of nested DynamoDB target arguments. See below.\n" }, "jdbcTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget" }, "description": "List of nested JBDC target arguments. See below.\n" }, "name": { "type": "string", "description": "Name of the crawler.\n" }, "role": { "type": "string", "description": "The IAM role friendly name (including path without leading slash), or ARN of an IAM role, used by the crawler to access other resources.\n" }, "s3Targets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerS3Target:CrawlerS3Target" }, "description": "List nested Amazon S3 target arguments. See below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html). For example, to run something every day at 12:15 UTC, you would specify: `cron(15 12 * * ? *)`.\n" }, "schemaChangePolicy": { "$ref": "#/types/aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy", "description": "Policy for the crawler's update and deletion behavior.\n" }, "securityConfiguration": { "type": "string", "description": "The name of Security Configuration to be used by the crawler\n" }, "tablePrefix": { "type": "string", "description": "The table prefix used for catalog tables that are created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:glue/job:Job": { "description": "Provides a Glue Job resource.\n\n\u003e Glue functionality, such as monitoring and logging of jobs, is typically managed with the `default_arguments` argument. See the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the Glue developer guide for additional information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Python Job\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Job(\"example\", {\n command: {\n scriptLocation: pulumi.interpolate`s3://${aws_s3_bucket_example.bucket}/example.py`,\n },\n roleArn: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Job(\"example\",\n command={\n \"scriptLocation\": f\"s3://{aws_s3_bucket['example']['bucket']}/example.py\",\n },\n role_arn=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Job(\"example\", new Aws.Glue.JobArgs\n {\n Command = new Aws.Glue.Inputs.JobCommandArgs\n {\n ScriptLocation = $\"s3://{aws_s3_bucket.Example.Bucket}/example.py\",\n },\n RoleArn = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewJob(ctx, \"example\", \u0026glue.JobArgs{\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tScriptLocation: pulumi.String(fmt.Sprintf(\"%v%v%v\", \"s3://\", aws_s3_bucket.Example.Bucket, \"/example.py\")),\n\t\t\t},\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Scala Job\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Job(\"example\", {\n command: {\n scriptLocation: pulumi.interpolate`s3://${aws_s3_bucket_example.bucket}/example.scala`,\n },\n defaultArguments: {\n \"--job-language\": \"scala\",\n },\n roleArn: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Job(\"example\",\n command={\n \"scriptLocation\": f\"s3://{aws_s3_bucket['example']['bucket']}/example.scala\",\n },\n default_arguments={\n \"--job-language\": \"scala\",\n },\n role_arn=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Job(\"example\", new Aws.Glue.JobArgs\n {\n Command = new Aws.Glue.Inputs.JobCommandArgs\n {\n ScriptLocation = $\"s3://{aws_s3_bucket.Example.Bucket}/example.scala\",\n },\n DefaultArguments = \n {\n { \"--job-language\", \"scala\" },\n },\n RoleArn = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewJob(ctx, \"example\", \u0026glue.JobArgs{\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tScriptLocation: pulumi.String(fmt.Sprintf(\"%v%v%v\", \"s3://\", aws_s3_bucket.Example.Bucket, \"/example.scala\")),\n\t\t\t},\n\t\t\tDefaultArguments: pulumi.Map{\n\t\t\t\t\"--job-language\": pulumi.String(\"scala\"),\n\t\t\t},\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Enabling CloudWatch Logs and Metrics\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n retentionInDays: 14,\n});\nconst exampleJob = new aws.glue.Job(\"example\", {\n defaultArguments: {\n // ... potentially other arguments ...\n \"--continuous-log-logGroup\": exampleLogGroup.name,\n \"--enable-continuous-cloudwatch-log\": \"true\",\n \"--enable-continuous-log-filter\": \"true\",\n \"--enable-metrics\": \"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"exampleLogGroup\", retention_in_days=14)\nexample_job = aws.glue.Job(\"exampleJob\", default_arguments={\n \"--continuous-log-logGroup\": example_log_group.name,\n \"--enable-continuous-cloudwatch-log\": \"true\",\n \"--enable-continuous-log-filter\": \"true\",\n \"--enable-metrics\": \"\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"exampleLogGroup\", new Aws.CloudWatch.LogGroupArgs\n {\n RetentionInDays = 14,\n });\n var exampleJob = new Aws.Glue.Job(\"exampleJob\", new Aws.Glue.JobArgs\n {\n DefaultArguments = \n {\n { \"--continuous-log-logGroup\", exampleLogGroup.Name },\n { \"--enable-continuous-cloudwatch-log\", \"true\" },\n { \"--enable-continuous-log-filter\", \"true\" },\n { \"--enable-metrics\", \"\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"exampleLogGroup\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tRetentionInDays: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewJob(ctx, \"exampleJob\", \u0026glue.JobArgs{\n\t\t\tDefaultArguments: pulumi.Map{\n\t\t\t\t\"--continuous-log-logGroup\": exampleLogGroup.Name,\n\t\t\t\t\"--enable-continuous-cloudwatch-log\": pulumi.String(\"true\"),\n\t\t\t\t\"--enable-continuous-log-filter\": pulumi.String(\"true\"),\n\t\t\t\t\"--enable-metrics\": pulumi.String(\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocatedCapacity": { "type": "integer", "description": "**DEPRECATED** (Optional) The number of AWS Glue data processing units (DPUs) to allocate to this Job. At least 2 DPUs need to be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n", "deprecationMessage": "Please use attribute `max_capacity' instead. This attribute might be removed in future releases." }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Job\n" }, "command": { "$ref": "#/types/aws:glue/JobCommand:JobCommand", "description": "The command of the job. Defined below.\n" }, "connections": { "type": "array", "items": { "type": "string" }, "description": "The list of connections used for this job.\n" }, "defaultArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes. For information about how to specify and consume your own Job arguments, see the [Calling AWS Glue APIs in Python](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) topic in the developer guide. For information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-glue-arguments.html) topic in the developer guide.\n" }, "description": { "type": "string", "description": "Description of the job.\n" }, "executionProperty": { "$ref": "#/types/aws:glue/JobExecutionProperty:JobExecutionProperty", "description": "Execution property of the job. Defined below.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "maxCapacity": { "type": "number", "description": "The maximum number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. `Required` when `pythonshell` is set, accept either `0.0625` or `1.0`.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this job if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this job. It must be unique in your account.\n" }, "notificationProperty": { "$ref": "#/types/aws:glue/JobNotificationProperty:JobNotificationProperty", "description": "Notification property of the job. Defined below.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined workerType that are allocated when a job runs.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this job.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration to be associated with the job.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "timeout": { "type": "integer", "description": "The job timeout in minutes. The default is 2880 minutes (48 hours).\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of Standard, G.1X, or G.2X.\n" } }, "required": [ "allocatedCapacity", "arn", "command", "executionProperty", "glueVersion", "maxCapacity", "name", "notificationProperty", "roleArn" ], "inputProperties": { "allocatedCapacity": { "type": "integer", "description": "**DEPRECATED** (Optional) The number of AWS Glue data processing units (DPUs) to allocate to this Job. At least 2 DPUs need to be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n", "deprecationMessage": "Please use attribute `max_capacity' instead. This attribute might be removed in future releases." }, "command": { "$ref": "#/types/aws:glue/JobCommand:JobCommand", "description": "The command of the job. Defined below.\n" }, "connections": { "type": "array", "items": { "type": "string" }, "description": "The list of connections used for this job.\n" }, "defaultArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes. For information about how to specify and consume your own Job arguments, see the [Calling AWS Glue APIs in Python](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) topic in the developer guide. For information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-glue-arguments.html) topic in the developer guide.\n" }, "description": { "type": "string", "description": "Description of the job.\n" }, "executionProperty": { "$ref": "#/types/aws:glue/JobExecutionProperty:JobExecutionProperty", "description": "Execution property of the job. Defined below.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "maxCapacity": { "type": "number", "description": "The maximum number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. `Required` when `pythonshell` is set, accept either `0.0625` or `1.0`.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this job if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this job. It must be unique in your account.\n" }, "notificationProperty": { "$ref": "#/types/aws:glue/JobNotificationProperty:JobNotificationProperty", "description": "Notification property of the job. Defined below.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined workerType that are allocated when a job runs.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this job.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration to be associated with the job.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "timeout": { "type": "integer", "description": "The job timeout in minutes. The default is 2880 minutes (48 hours).\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of Standard, G.1X, or G.2X.\n" } }, "requiredInputs": [ "command", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Job resources.\n", "properties": { "allocatedCapacity": { "type": "integer", "description": "**DEPRECATED** (Optional) The number of AWS Glue data processing units (DPUs) to allocate to this Job. At least 2 DPUs need to be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n", "deprecationMessage": "Please use attribute `max_capacity' instead. This attribute might be removed in future releases." }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Job\n" }, "command": { "$ref": "#/types/aws:glue/JobCommand:JobCommand", "description": "The command of the job. Defined below.\n" }, "connections": { "type": "array", "items": { "type": "string" }, "description": "The list of connections used for this job.\n" }, "defaultArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes. For information about how to specify and consume your own Job arguments, see the [Calling AWS Glue APIs in Python](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) topic in the developer guide. For information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-glue-arguments.html) topic in the developer guide.\n" }, "description": { "type": "string", "description": "Description of the job.\n" }, "executionProperty": { "$ref": "#/types/aws:glue/JobExecutionProperty:JobExecutionProperty", "description": "Execution property of the job. Defined below.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "maxCapacity": { "type": "number", "description": "The maximum number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. `Required` when `pythonshell` is set, accept either `0.0625` or `1.0`.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this job if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this job. It must be unique in your account.\n" }, "notificationProperty": { "$ref": "#/types/aws:glue/JobNotificationProperty:JobNotificationProperty", "description": "Notification property of the job. Defined below.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined workerType that are allocated when a job runs.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this job.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration to be associated with the job.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "timeout": { "type": "integer", "description": "The job timeout in minutes. The default is 2880 minutes (48 hours).\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of Standard, G.1X, or G.2X.\n" } }, "type": "object" } }, "aws:glue/securityConfiguration:SecurityConfiguration": { "description": "Manages a Glue Security Configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.SecurityConfiguration(\"example\", {\n encryptionConfiguration: {\n cloudwatchEncryption: {\n cloudwatchEncryptionMode: \"DISABLED\",\n },\n jobBookmarksEncryption: {\n jobBookmarksEncryptionMode: \"DISABLED\",\n },\n s3Encryption: {\n kmsKeyArn: aws_kms_key_example.arn,\n s3EncryptionMode: \"SSE-KMS\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.SecurityConfiguration(\"example\", encryption_configuration={\n \"cloudwatchEncryption\": {\n \"cloudwatchEncryptionMode\": \"DISABLED\",\n },\n \"jobBookmarksEncryption\": {\n \"jobBookmarksEncryptionMode\": \"DISABLED\",\n },\n \"s3Encryption\": {\n \"kms_key_arn\": data[\"aws_kms_key\"][\"example\"][\"arn\"],\n \"s3EncryptionMode\": \"SSE-KMS\",\n },\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.SecurityConfiguration(\"example\", new Aws.Glue.SecurityConfigurationArgs\n {\n EncryptionConfiguration = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationArgs\n {\n CloudwatchEncryption = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationCloudwatchEncryptionArgs\n {\n CloudwatchEncryptionMode = \"DISABLED\",\n },\n JobBookmarksEncryption = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationJobBookmarksEncryptionArgs\n {\n JobBookmarksEncryptionMode = \"DISABLED\",\n },\n S3Encryption = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationS3EncryptionArgs\n {\n KmsKeyArn = data.Aws_kms_key.Example.Arn,\n S3EncryptionMode = \"SSE-KMS\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewSecurityConfiguration(ctx, \"example\", \u0026glue.SecurityConfigurationArgs{\n\t\t\tEncryptionConfiguration: \u0026glue.SecurityConfigurationEncryptionConfigurationArgs{\n\t\t\t\tCloudwatchEncryption: \u0026glue.SecurityConfigurationEncryptionConfigurationCloudwatchEncryptionArgs{\n\t\t\t\t\tCloudwatchEncryptionMode: pulumi.String(\"DISABLED\"),\n\t\t\t\t},\n\t\t\t\tJobBookmarksEncryption: \u0026glue.SecurityConfigurationEncryptionConfigurationJobBookmarksEncryptionArgs{\n\t\t\t\t\tJobBookmarksEncryptionMode: pulumi.String(\"DISABLED\"),\n\t\t\t\t},\n\t\t\t\tS3Encryption: \u0026glue.SecurityConfigurationEncryptionConfigurationS3EncryptionArgs{\n\t\t\t\t\tKmsKeyArn: pulumi.String(data.Aws_kms_key.Example.Arn),\n\t\t\t\t\tS3EncryptionMode: pulumi.String(\"SSE-KMS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "encryptionConfiguration": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration", "description": "Configuration block containing encryption configuration. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the security configuration.\n" } }, "required": [ "encryptionConfiguration", "name" ], "inputProperties": { "encryptionConfiguration": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration", "description": "Configuration block containing encryption configuration. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the security configuration.\n" } }, "requiredInputs": [ "encryptionConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityConfiguration resources.\n", "properties": { "encryptionConfiguration": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration", "description": "Configuration block containing encryption configuration. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the security configuration.\n" } }, "type": "object" } }, "aws:glue/trigger:Trigger": { "description": "Manages a Glue Trigger resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Conditional Trigger\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n actions: [{\n jobName: aws_glue_job_example1.name,\n }],\n predicate: {\n conditions: [{\n jobName: aws_glue_job_example2.name,\n state: \"SUCCEEDED\",\n }],\n },\n type: \"CONDITIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n actions=[{\n \"jobName\": aws_glue_job[\"example1\"][\"name\"],\n }],\n predicate={\n \"conditions\": [{\n \"jobName\": aws_glue_job[\"example2\"][\"name\"],\n \"state\": \"SUCCEEDED\",\n }],\n },\n type=\"CONDITIONAL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Trigger(\"example\", new Aws.Glue.TriggerArgs\n {\n Actions = \n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = aws_glue_job.Example1.Name,\n },\n },\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = \n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n JobName = aws_glue_job.Example2.Name,\n State = \"SUCCEEDED\",\n },\n },\n },\n Type = \"CONDITIONAL\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(aws_glue_job.Example1.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tJobName: pulumi.String(aws_glue_job.Example2.Name),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### On-Demand Trigger\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n actions: [{\n jobName: aws_glue_job_example.name,\n }],\n type: \"ON_DEMAND\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n actions=[{\n \"jobName\": aws_glue_job[\"example\"][\"name\"],\n }],\n type=\"ON_DEMAND\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Trigger(\"example\", new Aws.Glue.TriggerArgs\n {\n Actions = \n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = aws_glue_job.Example.Name,\n },\n },\n Type = \"ON_DEMAND\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(aws_glue_job.Example.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tType: pulumi.String(\"ON_DEMAND\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Scheduled Trigger\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n actions: [{\n jobName: aws_glue_job_example.name,\n }],\n schedule: \"cron(15 12 * * ? *)\",\n type: \"SCHEDULED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n actions=[{\n \"jobName\": aws_glue_job[\"example\"][\"name\"],\n }],\n schedule=\"cron(15 12 * * ? *)\",\n type=\"SCHEDULED\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Trigger(\"example\", new Aws.Glue.TriggerArgs\n {\n Actions = \n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = aws_glue_job.Example.Name,\n },\n },\n Schedule = \"cron(15 12 * * ? *)\",\n Type = \"SCHEDULED\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(aws_glue_job.Example.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSchedule: pulumi.String(\"cron(15 12 * * ? *)\"),\n\t\t\tType: pulumi.String(\"SCHEDULED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Conditional Trigger with Crawler Action\n\n**Note:** Triggers can have both a crawler action and a crawler condition, just no example provided.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n actions: [{\n crawlerName: aws_glue_crawler_example1.name,\n }],\n predicate: {\n conditions: [{\n jobName: aws_glue_job_example2.name,\n state: \"SUCCEEDED\",\n }],\n },\n type: \"CONDITIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n actions=[{\n \"crawlerName\": aws_glue_crawler[\"example1\"][\"name\"],\n }],\n predicate={\n \"conditions\": [{\n \"jobName\": aws_glue_job[\"example2\"][\"name\"],\n \"state\": \"SUCCEEDED\",\n }],\n },\n type=\"CONDITIONAL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Trigger(\"example\", new Aws.Glue.TriggerArgs\n {\n Actions = \n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n CrawlerName = aws_glue_crawler.Example1.Name,\n },\n },\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = \n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n JobName = aws_glue_job.Example2.Name,\n State = \"SUCCEEDED\",\n },\n },\n },\n Type = \"CONDITIONAL\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tCrawlerName: pulumi.String(aws_glue_crawler.Example1.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tJobName: pulumi.String(aws_glue_job.Example2.Name),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Conditional Trigger with Crawler Condition \n\n**Note:** Triggers can have both a crawler action and a crawler condition, just no example provided.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n actions: [{\n jobName: aws_glue_job_example1.name,\n }],\n predicate: {\n conditions: [{\n crawlState: \"SUCCEEDED\",\n crawlerName: aws_glue_crawler_example2.name,\n }],\n },\n type: \"CONDITIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n actions=[{\n \"jobName\": aws_glue_job[\"example1\"][\"name\"],\n }],\n predicate={\n \"conditions\": [{\n \"crawlState\": \"SUCCEEDED\",\n \"crawlerName\": aws_glue_crawler[\"example2\"][\"name\"],\n }],\n },\n type=\"CONDITIONAL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Trigger(\"example\", new Aws.Glue.TriggerArgs\n {\n Actions = \n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = aws_glue_job.Example1.Name,\n },\n },\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = \n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n CrawlState = \"SUCCEEDED\",\n CrawlerName = aws_glue_crawler.Example2.Name,\n },\n },\n },\n Type = \"CONDITIONAL\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(aws_glue_job.Example1.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tCrawlState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t\tCrawlerName: pulumi.String(aws_glue_crawler.Example2.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerAction:TriggerAction" }, "description": "List of actions initiated by this trigger when it fires. Defined below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Trigger\n" }, "description": { "type": "string", "description": "A description of the new trigger.\n" }, "enabled": { "type": "boolean", "description": "Start the trigger. Defaults to `true`. Not valid to disable for `ON_DEMAND` type.\n" }, "name": { "type": "string", "description": "The name of the trigger.\n" }, "predicate": { "$ref": "#/types/aws:glue/TriggerPredicate:TriggerPredicate", "description": "A predicate to specify when the new trigger should fire. Required when trigger type is `CONDITIONAL`. Defined below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "type": { "type": "string", "description": "The type of trigger. Valid values are `CONDITIONAL`, `ON_DEMAND`, and `SCHEDULED`.\n" }, "workflowName": { "type": "string", "description": "A workflow to which the trigger should be associated to. Every workflow graph (DAG) needs a starting trigger (`ON_DEMAND` or `SCHEDULED` type) and can contain multiple additional `CONDITIONAL` triggers.\n" } }, "required": [ "actions", "arn", "name", "type" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerAction:TriggerAction" }, "description": "List of actions initiated by this trigger when it fires. Defined below.\n" }, "description": { "type": "string", "description": "A description of the new trigger.\n" }, "enabled": { "type": "boolean", "description": "Start the trigger. Defaults to `true`. Not valid to disable for `ON_DEMAND` type.\n" }, "name": { "type": "string", "description": "The name of the trigger.\n" }, "predicate": { "$ref": "#/types/aws:glue/TriggerPredicate:TriggerPredicate", "description": "A predicate to specify when the new trigger should fire. Required when trigger type is `CONDITIONAL`. Defined below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "type": { "type": "string", "description": "The type of trigger. Valid values are `CONDITIONAL`, `ON_DEMAND`, and `SCHEDULED`.\n" }, "workflowName": { "type": "string", "description": "A workflow to which the trigger should be associated to. Every workflow graph (DAG) needs a starting trigger (`ON_DEMAND` or `SCHEDULED` type) and can contain multiple additional `CONDITIONAL` triggers.\n" } }, "requiredInputs": [ "actions", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Trigger resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerAction:TriggerAction" }, "description": "List of actions initiated by this trigger when it fires. Defined below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Trigger\n" }, "description": { "type": "string", "description": "A description of the new trigger.\n" }, "enabled": { "type": "boolean", "description": "Start the trigger. Defaults to `true`. Not valid to disable for `ON_DEMAND` type.\n" }, "name": { "type": "string", "description": "The name of the trigger.\n" }, "predicate": { "$ref": "#/types/aws:glue/TriggerPredicate:TriggerPredicate", "description": "A predicate to specify when the new trigger should fire. Required when trigger type is `CONDITIONAL`. Defined below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "type": { "type": "string", "description": "The type of trigger. Valid values are `CONDITIONAL`, `ON_DEMAND`, and `SCHEDULED`.\n" }, "workflowName": { "type": "string", "description": "A workflow to which the trigger should be associated to. Every workflow graph (DAG) needs a starting trigger (`ON_DEMAND` or `SCHEDULED` type) and can contain multiple additional `CONDITIONAL` triggers.\n" } }, "type": "object" } }, "aws:glue/workflow:Workflow": { "description": "Provides a Glue Workflow resource.\nThe workflow graph (DAG) can be build using the `aws.glue.Trigger` resource. \nSee the example below for creating a graph with four nodes (two triggers and two jobs). \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Workflow(\"example\", {});\nconst example_start = new aws.glue.Trigger(\"example-start\", {\n actions: [{\n jobName: \"example-job\",\n }],\n type: \"ON_DEMAND\",\n workflowName: example.name,\n});\nconst example_inner = new aws.glue.Trigger(\"example-inner\", {\n actions: [{\n jobName: \"another-example-job\",\n }],\n predicate: {\n conditions: [{\n jobName: \"example-job\",\n state: \"SUCCEEDED\",\n }],\n },\n type: \"CONDITIONAL\",\n workflowName: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Workflow(\"example\")\nexample_start = aws.glue.Trigger(\"example-start\",\n actions=[{\n \"jobName\": \"example-job\",\n }],\n type=\"ON_DEMAND\",\n workflow_name=example.name)\nexample_inner = aws.glue.Trigger(\"example-inner\",\n actions=[{\n \"jobName\": \"another-example-job\",\n }],\n predicate={\n \"conditions\": [{\n \"jobName\": \"example-job\",\n \"state\": \"SUCCEEDED\",\n }],\n },\n type=\"CONDITIONAL\",\n workflow_name=example.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Glue.Workflow(\"example\", new Aws.Glue.WorkflowArgs\n {\n });\n var example_start = new Aws.Glue.Trigger(\"example-start\", new Aws.Glue.TriggerArgs\n {\n Actions = \n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = \"example-job\",\n },\n },\n Type = \"ON_DEMAND\",\n WorkflowName = example.Name,\n });\n var example_inner = new Aws.Glue.Trigger(\"example-inner\", new Aws.Glue.TriggerArgs\n {\n Actions = \n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = \"another-example-job\",\n },\n },\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = \n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n JobName = \"example-job\",\n State = \"SUCCEEDED\",\n },\n },\n },\n Type = \"CONDITIONAL\",\n WorkflowName = example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := glue.NewWorkflow(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewTrigger(ctx, \"example-start\", \u0026glue.TriggerArgs{\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(\"example-job\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tType: pulumi.String(\"ON_DEMAND\"),\n\t\t\tWorkflowName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewTrigger(ctx, \"example-inner\", \u0026glue.TriggerArgs{\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(\"another-example-job\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tJobName: pulumi.String(\"example-job\"),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t\tWorkflowName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "defaultRunProperties": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, "description": "A map of default run properties for this workflow. These properties are passed to all jobs associated to the workflow.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n" }, "name": { "type": "string", "description": "The name you assign to this workflow.\n" } }, "required": [ "name" ], "inputProperties": { "defaultRunProperties": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, "description": "A map of default run properties for this workflow. These properties are passed to all jobs associated to the workflow.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n" }, "name": { "type": "string", "description": "The name you assign to this workflow.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Workflow resources.\n", "properties": { "defaultRunProperties": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, "description": "A map of default run properties for this workflow. These properties are passed to all jobs associated to the workflow.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n" }, "name": { "type": "string", "description": "The name you assign to this workflow.\n" } }, "type": "object" } }, "aws:guardduty/detector:Detector": { "description": "Provides a resource to manage a GuardDuty detector.\n\n\u003e **NOTE:** Deleting this resource is equivalent to \"disabling\" GuardDuty for an AWS region, which removes all existing findings. You can set the `enable` attribute to `false` to instead \"suspend\" monitoring and feedback reporting while keeping existing data. See the [Suspending or Disabling Amazon GuardDuty documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_suspend-disable.html) for more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDetector = new aws.guardduty.Detector(\"MyDetector\", {\n enable: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_detector = aws.guardduty.Detector(\"myDetector\", enable=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDetector = new Aws.GuardDuty.Detector(\"myDetector\", new Aws.GuardDuty.DetectorArgs\n {\n Enable = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = guardduty.NewDetector(ctx, \"myDetector\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "The AWS account ID of the GuardDuty detector\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty detector\n" }, "enable": { "type": "boolean", "description": "Enable monitoring and feedback reporting. Setting to `false` is equivalent to \"suspending\" GuardDuty. Defaults to `true`.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "accountId", "arn", "findingPublishingFrequency" ], "inputProperties": { "enable": { "type": "boolean", "description": "Enable monitoring and feedback reporting. Setting to `false` is equivalent to \"suspending\" GuardDuty. Defaults to `true`.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Detector resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID of the GuardDuty detector\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty detector\n" }, "enable": { "type": "boolean", "description": "Enable monitoring and feedback reporting. Setting to `false` is equivalent to \"suspending\" GuardDuty. Defaults to `true`.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:guardduty/iPSet:IPSet": { "description": "Provides a resource to manage a GuardDuty IPSet.\n\n\u003e **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage IPSets. IPSets that are uploaded by the master account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-ip-set.html)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst master = new aws.guardduty.Detector(\"master\", {\n enable: true,\n});\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n acl: \"private\",\n});\nconst myIPSetBucketObject = new aws.s3.BucketObject(\"MyIPSet\", {\n acl: \"public-read\",\n bucket: bucket.id,\n content: \"10.0.0.0/8\\n\",\n key: \"MyIPSet\",\n});\nconst myIPSetIPSet = new aws.guardduty.IPSet(\"MyIPSet\", {\n activate: true,\n detectorId: master.id,\n format: \"TXT\",\n location: pulumi.interpolate`https://s3.amazonaws.com/${myIPSetBucketObject.bucket}/${myIPSetBucketObject.key}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmaster = aws.guardduty.Detector(\"master\", enable=True)\nbucket = aws.s3.Bucket(\"bucket\", acl=\"private\")\nmy_ip_set_bucket_object = aws.s3.BucketObject(\"myIPSetBucketObject\",\n acl=\"public-read\",\n bucket=bucket.id,\n content=\"\"\"10.0.0.0/8\n\n\"\"\",\n key=\"MyIPSet\")\nmy_ip_set_ip_set = aws.guardduty.IPSet(\"myIPSetIPSet\",\n activate=True,\n detector_id=master.id,\n format=\"TXT\",\n location=pulumi.Output.all(my_ip_set_bucket_object.bucket, my_ip_set_bucket_object.key).apply(lambda bucket, key: f\"https://s3.amazonaws.com/{bucket}/{key}\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var master = new Aws.GuardDuty.Detector(\"master\", new Aws.GuardDuty.DetectorArgs\n {\n Enable = true,\n });\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var myIPSetBucketObject = new Aws.S3.BucketObject(\"myIPSetBucketObject\", new Aws.S3.BucketObjectArgs\n {\n Acl = \"public-read\",\n Bucket = bucket.Id,\n Content = @\"10.0.0.0/8\n\n\",\n Key = \"MyIPSet\",\n });\n var myIPSetIPSet = new Aws.GuardDuty.IPSet(\"myIPSetIPSet\", new Aws.GuardDuty.IPSetArgs\n {\n Activate = true,\n DetectorId = master.Id,\n Format = \"TXT\",\n Location = Output.Tuple(myIPSetBucketObject.Bucket, myIPSetBucketObject.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"https://s3.amazonaws.com/{bucket}/{key}\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmaster, err := guardduty.NewDetector(ctx, \"master\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyIPSetBucketObject, err := s3.NewBucketObject(ctx, \"myIPSetBucketObject\", \u0026s3.BucketObjectArgs{\n\t\t\tAcl: pulumi.String(\"public-read\"),\n\t\t\tBucket: bucket.ID(),\n\t\t\tContent: pulumi.String(fmt.Sprintf(\"%v%v\", \"10.0.0.0/8\\n\", \"\\n\")),\n\t\t\tKey: pulumi.String(\"MyIPSet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewIPSet(ctx, \"myIPSetIPSet\", \u0026guardduty.IPSetArgs{\n\t\t\tActivate: pulumi.Bool(true),\n\t\t\tDetectorId: master.ID(),\n\t\t\tFormat: pulumi.String(\"TXT\"),\n\t\t\tLocation: pulumi.All(myIPSetBucketObject.Bucket, myIPSetBucketObject.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v\", \"https://s3.amazonaws.com/\", bucket, \"/\", key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded IPSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty IPSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the IPSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the IPSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "activate", "arn", "detectorId", "format", "location", "name" ], "inputProperties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded IPSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the IPSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the IPSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "requiredInputs": [ "activate", "detectorId", "format", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering IPSet resources.\n", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded IPSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty IPSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the IPSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the IPSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:guardduty/inviteAccepter:InviteAccepter": { "description": "Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct master account on read, and disassociate with the master account upon removal.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst master = new aws.guardduty.Detector(\"master\", {});\nconst memberDetector = new aws.guardduty.Detector(\"memberDetector\", {});\nconst dev = new aws.guardduty.Member(\"dev\", {\n accountId: memberDetector.accountId,\n detectorId: master.id,\n email: \"required@example.com\",\n invite: true,\n});\nconst memberInviteAccepter = new aws.guardduty.InviteAccepter(\"memberInviteAccepter\", {\n detectorId: memberDetector.id,\n masterAccountId: master.accountId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmaster = aws.guardduty.Detector(\"master\")\nmember_detector = aws.guardduty.Detector(\"memberDetector\")\ndev = aws.guardduty.Member(\"dev\",\n account_id=member_detector.account_id,\n detector_id=master.id,\n email=\"required@example.com\",\n invite=True)\nmember_invite_accepter = aws.guardduty.InviteAccepter(\"memberInviteAccepter\",\n detector_id=member_detector.id,\n master_account_id=master.account_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var master = new Aws.GuardDuty.Detector(\"master\", new Aws.GuardDuty.DetectorArgs\n {\n });\n var memberDetector = new Aws.GuardDuty.Detector(\"memberDetector\", new Aws.GuardDuty.DetectorArgs\n {\n });\n var dev = new Aws.GuardDuty.Member(\"dev\", new Aws.GuardDuty.MemberArgs\n {\n AccountId = memberDetector.AccountId,\n DetectorId = master.Id,\n Email = \"required@example.com\",\n Invite = true,\n });\n var memberInviteAccepter = new Aws.GuardDuty.InviteAccepter(\"memberInviteAccepter\", new Aws.GuardDuty.InviteAccepterArgs\n {\n DetectorId = memberDetector.Id,\n MasterAccountId = master.AccountId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmaster, err := guardduty.NewDetector(ctx, \"master\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmemberDetector, err := guardduty.NewDetector(ctx, \"memberDetector\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewMember(ctx, \"dev\", \u0026guardduty.MemberArgs{\n\t\t\tAccountId: memberDetector.AccountId,\n\t\t\tDetectorId: master.ID(),\n\t\t\tEmail: pulumi.String(\"required@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewInviteAccepter(ctx, \"memberInviteAccepter\", \u0026guardduty.InviteAccepterArgs{\n\t\t\tDetectorId: memberDetector.ID(),\n\t\t\tMasterAccountId: master.AccountId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "detectorId": { "type": "string", "description": "The detector ID of the member GuardDuty account.\n" }, "masterAccountId": { "type": "string", "description": "AWS account ID for master account.\n" } }, "required": [ "detectorId", "masterAccountId" ], "inputProperties": { "detectorId": { "type": "string", "description": "The detector ID of the member GuardDuty account.\n" }, "masterAccountId": { "type": "string", "description": "AWS account ID for master account.\n" } }, "requiredInputs": [ "detectorId", "masterAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InviteAccepter resources.\n", "properties": { "detectorId": { "type": "string", "description": "The detector ID of the member GuardDuty account.\n" }, "masterAccountId": { "type": "string", "description": "AWS account ID for master account.\n" } }, "type": "object" } }, "aws:guardduty/member:Member": { "description": "Provides a resource to manage a GuardDuty member. To accept invitations in member accounts, see the `aws.guardduty.InviteAccepter` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst master = new aws.guardduty.Detector(\"master\", {enable: true});\nconst memberDetector = new aws.guardduty.Detector(\"memberDetector\", {enable: true});\nconst memberMember = new aws.guardduty.Member(\"memberMember\", {\n accountId: memberDetector.accountId,\n detectorId: master.id,\n email: \"required@example.com\",\n invite: true,\n invitationMessage: \"please accept guardduty invitation\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmaster = aws.guardduty.Detector(\"master\", enable=True)\nmember_detector = aws.guardduty.Detector(\"memberDetector\", enable=True)\nmember_member = aws.guardduty.Member(\"memberMember\",\n account_id=member_detector.account_id,\n detector_id=master.id,\n email=\"required@example.com\",\n invite=True,\n invitation_message=\"please accept guardduty invitation\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var master = new Aws.GuardDuty.Detector(\"master\", new Aws.GuardDuty.DetectorArgs\n {\n Enable = true,\n });\n var memberDetector = new Aws.GuardDuty.Detector(\"memberDetector\", new Aws.GuardDuty.DetectorArgs\n {\n Enable = true,\n });\n var memberMember = new Aws.GuardDuty.Member(\"memberMember\", new Aws.GuardDuty.MemberArgs\n {\n AccountId = memberDetector.AccountId,\n DetectorId = master.Id,\n Email = \"required@example.com\",\n Invite = true,\n InvitationMessage = \"please accept guardduty invitation\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmaster, err := guardduty.NewDetector(ctx, \"master\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmemberDetector, err := guardduty.NewDetector(ctx, \"memberDetector\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewMember(ctx, \"memberMember\", \u0026guardduty.MemberArgs{\n\t\t\tAccountId: memberDetector.AccountId,\n\t\t\tDetectorId: master.ID(),\n\t\t\tEmail: pulumi.String(\"required@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"please accept guardduty invitation\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "AWS account ID for member account.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account where you want to create member accounts.\n" }, "disableEmailNotification": { "type": "boolean", "description": "Boolean whether an email notification is sent to the accounts. Defaults to `false`.\n" }, "email": { "type": "string", "description": "Email address for member account.\n" }, "invitationMessage": { "type": "string", "description": "Message for invitation.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.\n" }, "relationshipStatus": { "type": "string", "description": "The status of the relationship between the member account and its master account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).\n" } }, "required": [ "accountId", "detectorId", "email", "relationshipStatus" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account ID for member account.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account where you want to create member accounts.\n" }, "disableEmailNotification": { "type": "boolean", "description": "Boolean whether an email notification is sent to the accounts. Defaults to `false`.\n" }, "email": { "type": "string", "description": "Email address for member account.\n" }, "invitationMessage": { "type": "string", "description": "Message for invitation.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.\n" } }, "requiredInputs": [ "accountId", "detectorId", "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering Member resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for member account.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account where you want to create member accounts.\n" }, "disableEmailNotification": { "type": "boolean", "description": "Boolean whether an email notification is sent to the accounts. Defaults to `false`.\n" }, "email": { "type": "string", "description": "Email address for member account.\n" }, "invitationMessage": { "type": "string", "description": "Message for invitation.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.\n" }, "relationshipStatus": { "type": "string", "description": "The status of the relationship between the member account and its master account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).\n" } }, "type": "object" } }, "aws:guardduty/organizationAdminAccount:OrganizationAdminAccount": { "description": "Manages a GuardDuty Organization Admin Account. The AWS account utilizing this resource must be an Organizations master account. More information about Organizations support in GuardDuty can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOrganization = new aws.organizations.Organization(\"exampleOrganization\", {\n awsServiceAccessPrincipals: [\"guardduty.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleDetector = new aws.guardduty.Detector(\"exampleDetector\", {});\nconst exampleOrganizationAdminAccount = new aws.guardduty.OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", {adminAccountId: \"123456789012\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_organization = aws.organizations.Organization(\"exampleOrganization\",\n aws_service_access_principals=[\"guardduty.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_detector = aws.guardduty.Detector(\"exampleDetector\")\nexample_organization_admin_account = aws.guardduty.OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", admin_account_id=\"123456789012\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleOrganization = new Aws.Organizations.Organization(\"exampleOrganization\", new Aws.Organizations.OrganizationArgs\n {\n AwsServiceAccessPrincipals = \n {\n \"guardduty.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n var exampleDetector = new Aws.GuardDuty.Detector(\"exampleDetector\", new Aws.GuardDuty.DetectorArgs\n {\n });\n var exampleOrganizationAdminAccount = new Aws.GuardDuty.OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", new Aws.GuardDuty.OrganizationAdminAccountArgs\n {\n AdminAccountId = \"123456789012\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOrganization, err := organizations.NewOrganization(ctx, \"exampleOrganization\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewDetector(ctx, \"exampleDetector\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewOrganizationAdminAccount(ctx, \"exampleOrganizationAdminAccount\", \u0026guardduty.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "adminAccountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for GuardDuty.\n" } }, "required": [ "adminAccountId" ], "inputProperties": { "adminAccountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for GuardDuty.\n" } }, "requiredInputs": [ "adminAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationAdminAccount resources.\n", "properties": { "adminAccountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for GuardDuty.\n" } }, "type": "object" } }, "aws:guardduty/organizationConfiguration:OrganizationConfiguration": { "description": "Manages the GuardDuty Organization Configuration in the current AWS Region. The AWS account utilizing this resource must have been assigned as a delegated Organization administrator account, e.g. via the `aws.guardduty.OrganizationAdminAccount` resource. More information about Organizations support in GuardDuty can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html).\n\n\u003e **NOTE:** This is an advanced resource. The provider will automatically assume management of the GuardDuty Organization Configuration without import and perform no actions on removal from the resource configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleDetector = new aws.guardduty.Detector(\"exampleDetector\", {enable: true});\nconst exampleOrganizationConfiguration = new aws.guardduty.OrganizationConfiguration(\"exampleOrganizationConfiguration\", {\n autoEnable: true,\n detectorId: exampleDetector.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_detector = aws.guardduty.Detector(\"exampleDetector\", enable=True)\nexample_organization_configuration = aws.guardduty.OrganizationConfiguration(\"exampleOrganizationConfiguration\",\n auto_enable=True,\n detector_id=example_detector.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleDetector = new Aws.GuardDuty.Detector(\"exampleDetector\", new Aws.GuardDuty.DetectorArgs\n {\n Enable = true,\n });\n var exampleOrganizationConfiguration = new Aws.GuardDuty.OrganizationConfiguration(\"exampleOrganizationConfiguration\", new Aws.GuardDuty.OrganizationConfigurationArgs\n {\n AutoEnable = true,\n DetectorId = exampleDetector.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDetector, err := guardduty.NewDetector(ctx, \"exampleDetector\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewOrganizationConfiguration(ctx, \"exampleOrganizationConfiguration\", \u0026guardduty.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t\tDetectorId: exampleDetector.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "autoEnable": { "type": "boolean", "description": "When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account.\n" } }, "required": [ "autoEnable", "detectorId" ], "inputProperties": { "autoEnable": { "type": "boolean", "description": "When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account.\n" } }, "requiredInputs": [ "autoEnable", "detectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationConfiguration resources.\n", "properties": { "autoEnable": { "type": "boolean", "description": "When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account.\n" } }, "type": "object" } }, "aws:guardduty/threatIntelSet:ThreatIntelSet": { "description": "Provides a resource to manage a GuardDuty ThreatIntelSet.\n\n\u003e **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage ThreatIntelSets. ThreatIntelSets that are uploaded by the master account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-threat-intel-set.html)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst master = new aws.guardduty.Detector(\"master\", {\n enable: true,\n});\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n acl: \"private\",\n});\nconst myThreatIntelSetBucketObject = new aws.s3.BucketObject(\"MyThreatIntelSet\", {\n acl: \"public-read\",\n bucket: bucket.id,\n content: \"10.0.0.0/8\\n\",\n key: \"MyThreatIntelSet\",\n});\nconst myThreatIntelSetThreatIntelSet = new aws.guardduty.ThreatIntelSet(\"MyThreatIntelSet\", {\n activate: true,\n detectorId: master.id,\n format: \"TXT\",\n location: pulumi.interpolate`https://s3.amazonaws.com/${myThreatIntelSetBucketObject.bucket}/${myThreatIntelSetBucketObject.key}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmaster = aws.guardduty.Detector(\"master\", enable=True)\nbucket = aws.s3.Bucket(\"bucket\", acl=\"private\")\nmy_threat_intel_set_bucket_object = aws.s3.BucketObject(\"myThreatIntelSetBucketObject\",\n acl=\"public-read\",\n bucket=bucket.id,\n content=\"\"\"10.0.0.0/8\n\n\"\"\",\n key=\"MyThreatIntelSet\")\nmy_threat_intel_set_threat_intel_set = aws.guardduty.ThreatIntelSet(\"myThreatIntelSetThreatIntelSet\",\n activate=True,\n detector_id=master.id,\n format=\"TXT\",\n location=pulumi.Output.all(my_threat_intel_set_bucket_object.bucket, my_threat_intel_set_bucket_object.key).apply(lambda bucket, key: f\"https://s3.amazonaws.com/{bucket}/{key}\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var master = new Aws.GuardDuty.Detector(\"master\", new Aws.GuardDuty.DetectorArgs\n {\n Enable = true,\n });\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var myThreatIntelSetBucketObject = new Aws.S3.BucketObject(\"myThreatIntelSetBucketObject\", new Aws.S3.BucketObjectArgs\n {\n Acl = \"public-read\",\n Bucket = bucket.Id,\n Content = @\"10.0.0.0/8\n\n\",\n Key = \"MyThreatIntelSet\",\n });\n var myThreatIntelSetThreatIntelSet = new Aws.GuardDuty.ThreatIntelSet(\"myThreatIntelSetThreatIntelSet\", new Aws.GuardDuty.ThreatIntelSetArgs\n {\n Activate = true,\n DetectorId = master.Id,\n Format = \"TXT\",\n Location = Output.Tuple(myThreatIntelSetBucketObject.Bucket, myThreatIntelSetBucketObject.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"https://s3.amazonaws.com/{bucket}/{key}\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmaster, err := guardduty.NewDetector(ctx, \"master\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyThreatIntelSetBucketObject, err := s3.NewBucketObject(ctx, \"myThreatIntelSetBucketObject\", \u0026s3.BucketObjectArgs{\n\t\t\tAcl: pulumi.String(\"public-read\"),\n\t\t\tBucket: bucket.ID(),\n\t\t\tContent: pulumi.String(fmt.Sprintf(\"%v%v\", \"10.0.0.0/8\\n\", \"\\n\")),\n\t\t\tKey: pulumi.String(\"MyThreatIntelSet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewThreatIntelSet(ctx, \"myThreatIntelSetThreatIntelSet\", \u0026guardduty.ThreatIntelSetArgs{\n\t\t\tActivate: pulumi.Bool(true),\n\t\t\tDetectorId: master.ID(),\n\t\t\tFormat: pulumi.String(\"TXT\"),\n\t\t\tLocation: pulumi.All(myThreatIntelSetBucketObject.Bucket, myThreatIntelSetBucketObject.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v\", \"https://s3.amazonaws.com/\", bucket, \"/\", key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty ThreatIntelSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the ThreatIntelSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the ThreatIntelSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "required": [ "activate", "arn", "detectorId", "format", "location", "name" ], "inputProperties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the ThreatIntelSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the ThreatIntelSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "requiredInputs": [ "activate", "detectorId", "format", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering ThreatIntelSet resources.\n", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty ThreatIntelSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the ThreatIntelSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the ThreatIntelSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object" } }, "aws:iam/accessKey:AccessKey": { "description": "Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lbUser = new aws.iam.User(\"lb\", {\n path: \"/system/\",\n});\nconst lbAccessKey = new aws.iam.AccessKey(\"lb\", {\n pgpKey: \"keybase:some_person_that_exists\",\n user: lbUser.name,\n});\nconst lbRo = new aws.iam.UserPolicy(\"lb_ro\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n user: lbUser.name,\n});\n\nexport const secret = lbAccessKey.encryptedSecret;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb_user = aws.iam.User(\"lbUser\", path=\"/system/\")\nlb_access_key = aws.iam.AccessKey(\"lbAccessKey\",\n pgp_key=\"keybase:some_person_that_exists\",\n user=lb_user.name)\nlb_ro = aws.iam.UserPolicy(\"lbRo\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\",\n user=lb_user.name)\npulumi.export(\"secret\", lb_access_key.encrypted_secret)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lbUser = new Aws.Iam.User(\"lbUser\", new Aws.Iam.UserArgs\n {\n Path = \"/system/\",\n });\n var lbAccessKey = new Aws.Iam.AccessKey(\"lbAccessKey\", new Aws.Iam.AccessKeyArgs\n {\n PgpKey = \"keybase:some_person_that_exists\",\n User = lbUser.Name,\n });\n var lbRo = new Aws.Iam.UserPolicy(\"lbRo\", new Aws.Iam.UserPolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n User = lbUser.Name,\n });\n this.Secret = lbAccessKey.EncryptedSecret;\n }\n\n [Output(\"secret\")]\n public Output\u003cstring\u003e Secret { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlbUser, err := iam.NewUser(ctx, \"lbUser\", \u0026iam.UserArgs{\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlbAccessKey, err := iam.NewAccessKey(ctx, \"lbAccessKey\", \u0026iam.AccessKeyArgs{\n\t\t\tPgpKey: pulumi.String(\"keybase:some_person_that_exists\"),\n\t\t\tUser: lbUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"lbRo\", \u0026iam.UserPolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tUser: lbUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"secret\", lbAccessKey.EncryptedSecret)\n\t\treturn nil\n\t})\n}\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testUser = new aws.iam.User(\"testUser\", {path: \"/test/\"});\nconst testAccessKey = new aws.iam.AccessKey(\"testAccessKey\", {user: testUser.name});\nexport const awsIamSmtpPasswordV4 = testAccessKey.sesSmtpPasswordV4;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_user = aws.iam.User(\"testUser\", path=\"/test/\")\ntest_access_key = aws.iam.AccessKey(\"testAccessKey\", user=test_user.name)\npulumi.export(\"awsIamSmtpPasswordV4\", test_access_key.ses_smtp_password_v4)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testUser = new Aws.Iam.User(\"testUser\", new Aws.Iam.UserArgs\n {\n Path = \"/test/\",\n });\n var testAccessKey = new Aws.Iam.AccessKey(\"testAccessKey\", new Aws.Iam.AccessKeyArgs\n {\n User = testUser.Name,\n });\n this.AwsIamSmtpPasswordV4 = testAccessKey.SesSmtpPasswordV4;\n }\n\n [Output(\"awsIamSmtpPasswordV4\")]\n public Output\u003cstring\u003e AwsIamSmtpPasswordV4 { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestUser, err := iam.NewUser(ctx, \"testUser\", \u0026iam.UserArgs{\n\t\t\tPath: pulumi.String(\"/test/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAccessKey, err := iam.NewAccessKey(ctx, \"testAccessKey\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: testUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"awsIamSmtpPasswordV4\", testAccessKey.SesSmtpPasswordV4)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "encryptedSecret": { "type": "string", "description": "The encrypted secret, base64 encoded, if `pgp_key` was specified.\n\u003e **NOTE:** The encrypted secret may be decrypted using the command line,\n" }, "keyFingerprint": { "type": "string", "description": "The fingerprint of the PGP key used to encrypt\nthe secret\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a\nkeybase username in the form `keybase:some_person_that_exists`, for use\nin the `encrypted_secret` output attribute.\n" }, "secret": { "type": "string", "description": "The secret access key. Note that this will be written\nto the state file. If you use this, please protect your backend state file\njudiciously. Alternatively, you may supply a `pgp_key` instead, which will\nprevent the secret from being stored in plaintext, at the cost of preventing\nthe use of the secret key in automation.\n" }, "sesSmtpPassword": { "type": "string", "description": "**DEPRECATED** The secret access key converted into an SES SMTP\npassword by applying [AWS's documented conversion\n", "deprecationMessage": "AWS SigV2 for SES SMTP passwords isy deprecated.\nUse 'ses_smtp_password_v4' for region-specific AWS SigV4 signed SES SMTP password instead." }, "sesSmtpPasswordV4": { "type": "string", "description": "The secret access key converted into an SES SMTP\npassword by applying [AWS's documented Sigv4 conversion\nalgorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert).\nAs SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region)\n" }, "status": { "type": "string", "description": "The access key status to apply. Defaults to `Active`.\nValid values are `Active` and `Inactive`.\n" }, "user": { "type": "string", "description": "The IAM user to associate with this access key.\n" } }, "required": [ "encryptedSecret", "keyFingerprint", "secret", "sesSmtpPassword", "sesSmtpPasswordV4", "status", "user" ], "inputProperties": { "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a\nkeybase username in the form `keybase:some_person_that_exists`, for use\nin the `encrypted_secret` output attribute.\n" }, "status": { "type": "string", "description": "The access key status to apply. Defaults to `Active`.\nValid values are `Active` and `Inactive`.\n" }, "user": { "type": "string", "description": "The IAM user to associate with this access key.\n" } }, "requiredInputs": [ "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessKey resources.\n", "properties": { "encryptedSecret": { "type": "string", "description": "The encrypted secret, base64 encoded, if `pgp_key` was specified.\n\u003e **NOTE:** The encrypted secret may be decrypted using the command line,\n" }, "keyFingerprint": { "type": "string", "description": "The fingerprint of the PGP key used to encrypt\nthe secret\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a\nkeybase username in the form `keybase:some_person_that_exists`, for use\nin the `encrypted_secret` output attribute.\n" }, "secret": { "type": "string", "description": "The secret access key. Note that this will be written\nto the state file. If you use this, please protect your backend state file\njudiciously. Alternatively, you may supply a `pgp_key` instead, which will\nprevent the secret from being stored in plaintext, at the cost of preventing\nthe use of the secret key in automation.\n" }, "sesSmtpPassword": { "type": "string", "description": "**DEPRECATED** The secret access key converted into an SES SMTP\npassword by applying [AWS's documented conversion\n", "deprecationMessage": "AWS SigV2 for SES SMTP passwords isy deprecated.\nUse 'ses_smtp_password_v4' for region-specific AWS SigV4 signed SES SMTP password instead." }, "sesSmtpPasswordV4": { "type": "string", "description": "The secret access key converted into an SES SMTP\npassword by applying [AWS's documented Sigv4 conversion\nalgorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert).\nAs SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region)\n" }, "status": { "type": "string", "description": "The access key status to apply. Defaults to `Active`.\nValid values are `Active` and `Inactive`.\n" }, "user": { "type": "string", "description": "The IAM user to associate with this access key.\n" } }, "type": "object" } }, "aws:iam/accountAlias:AccountAlias": { "description": "\u003e **Note:** There is only a single account alias per AWS account.\n\nManages the account alias for the AWS Account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst alias = new aws.iam.AccountAlias(\"alias\", {\n accountAlias: \"my-account-alias\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nalias = aws.iam.AccountAlias(\"alias\", account_alias=\"my-account-alias\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @alias = new Aws.Iam.AccountAlias(\"alias\", new Aws.Iam.AccountAliasArgs\n {\n AccountAlias = \"my-account-alias\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iam.NewAccountAlias(ctx, \"alias\", \u0026iam.AccountAliasArgs{\n\t\t\tAccountAlias: pulumi.String(\"my-account-alias\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountAlias": { "type": "string", "description": "The account alias\n", "language": { "csharp": { "name": "Alias" } } } }, "required": [ "accountAlias" ], "inputProperties": { "accountAlias": { "type": "string", "description": "The account alias\n", "language": { "csharp": { "name": "Alias" } } } }, "requiredInputs": [ "accountAlias" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccountAlias resources.\n", "properties": { "accountAlias": { "type": "string", "description": "The account alias\n", "language": { "csharp": { "name": "Alias" } } } }, "type": "object" } }, "aws:iam/accountPasswordPolicy:AccountPasswordPolicy": { "description": "\u003e **Note:** There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.\n\nManages Password Policy for the AWS Account.\nSee more about [Account Password Policy](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html)\nin the official AWS docs.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst strict = new aws.iam.AccountPasswordPolicy(\"strict\", {\n allowUsersToChangePassword: true,\n minimumPasswordLength: 8,\n requireLowercaseCharacters: true,\n requireNumbers: true,\n requireSymbols: true,\n requireUppercaseCharacters: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstrict = aws.iam.AccountPasswordPolicy(\"strict\",\n allow_users_to_change_password=True,\n minimum_password_length=8,\n require_lowercase_characters=True,\n require_numbers=True,\n require_symbols=True,\n require_uppercase_characters=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var strict = new Aws.Iam.AccountPasswordPolicy(\"strict\", new Aws.Iam.AccountPasswordPolicyArgs\n {\n AllowUsersToChangePassword = true,\n MinimumPasswordLength = 8,\n RequireLowercaseCharacters = true,\n RequireNumbers = true,\n RequireSymbols = true,\n RequireUppercaseCharacters = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iam.NewAccountPasswordPolicy(ctx, \"strict\", \u0026iam.AccountPasswordPolicyArgs{\n\t\t\tAllowUsersToChangePassword: pulumi.Bool(true),\n\t\t\tMinimumPasswordLength: pulumi.Int(8),\n\t\t\tRequireLowercaseCharacters: pulumi.Bool(true),\n\t\t\tRequireNumbers: pulumi.Bool(true),\n\t\t\tRequireSymbols: pulumi.Bool(true),\n\t\t\tRequireUppercaseCharacters: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowUsersToChangePassword": { "type": "boolean", "description": "Whether to allow users to change their own password\n" }, "expirePasswords": { "type": "boolean", "description": "Indicates whether passwords in the account expire.\nReturns `true` if `max_password_age` contains a value greater than `0`.\nReturns `false` if it is `0` or _not present_.\n" }, "hardExpiry": { "type": "boolean", "description": "Whether users are prevented from setting a new password after their password has expired\n(i.e. require administrator reset)\n" }, "maxPasswordAge": { "type": "integer", "description": "The number of days that an user password is valid.\n" }, "minimumPasswordLength": { "type": "integer", "description": "Minimum length to require for user passwords.\n" }, "passwordReusePrevention": { "type": "integer", "description": "The number of previous passwords that users are prevented from reusing.\n" }, "requireLowercaseCharacters": { "type": "boolean", "description": "Whether to require lowercase characters for user passwords.\n" }, "requireNumbers": { "type": "boolean", "description": "Whether to require numbers for user passwords.\n" }, "requireSymbols": { "type": "boolean", "description": "Whether to require symbols for user passwords.\n" }, "requireUppercaseCharacters": { "type": "boolean", "description": "Whether to require uppercase characters for user passwords.\n" } }, "required": [ "expirePasswords", "hardExpiry", "maxPasswordAge", "passwordReusePrevention", "requireLowercaseCharacters", "requireNumbers", "requireSymbols", "requireUppercaseCharacters" ], "inputProperties": { "allowUsersToChangePassword": { "type": "boolean", "description": "Whether to allow users to change their own password\n" }, "hardExpiry": { "type": "boolean", "description": "Whether users are prevented from setting a new password after their password has expired\n(i.e. require administrator reset)\n" }, "maxPasswordAge": { "type": "integer", "description": "The number of days that an user password is valid.\n" }, "minimumPasswordLength": { "type": "integer", "description": "Minimum length to require for user passwords.\n" }, "passwordReusePrevention": { "type": "integer", "description": "The number of previous passwords that users are prevented from reusing.\n" }, "requireLowercaseCharacters": { "type": "boolean", "description": "Whether to require lowercase characters for user passwords.\n" }, "requireNumbers": { "type": "boolean", "description": "Whether to require numbers for user passwords.\n" }, "requireSymbols": { "type": "boolean", "description": "Whether to require symbols for user passwords.\n" }, "requireUppercaseCharacters": { "type": "boolean", "description": "Whether to require uppercase characters for user passwords.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AccountPasswordPolicy resources.\n", "properties": { "allowUsersToChangePassword": { "type": "boolean", "description": "Whether to allow users to change their own password\n" }, "expirePasswords": { "type": "boolean", "description": "Indicates whether passwords in the account expire.\nReturns `true` if `max_password_age` contains a value greater than `0`.\nReturns `false` if it is `0` or _not present_.\n" }, "hardExpiry": { "type": "boolean", "description": "Whether users are prevented from setting a new password after their password has expired\n(i.e. require administrator reset)\n" }, "maxPasswordAge": { "type": "integer", "description": "The number of days that an user password is valid.\n" }, "minimumPasswordLength": { "type": "integer", "description": "Minimum length to require for user passwords.\n" }, "passwordReusePrevention": { "type": "integer", "description": "The number of previous passwords that users are prevented from reusing.\n" }, "requireLowercaseCharacters": { "type": "boolean", "description": "Whether to require lowercase characters for user passwords.\n" }, "requireNumbers": { "type": "boolean", "description": "Whether to require numbers for user passwords.\n" }, "requireSymbols": { "type": "boolean", "description": "Whether to require symbols for user passwords.\n" }, "requireUppercaseCharacters": { "type": "boolean", "description": "Whether to require uppercase characters for user passwords.\n" } }, "type": "object" } }, "aws:iam/group:Group": { "description": "Provides an IAM group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst developers = new aws.iam.Group(\"developers\", {\n path: \"/users/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndevelopers = aws.iam.Group(\"developers\", path=\"/users/\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var developers = new Aws.Iam.Group(\"developers\", new Aws.Iam.GroupArgs\n {\n Path = \"/users/\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iam.NewGroup(ctx, \"developers\", \u0026iam.GroupArgs{\n\t\t\tPath: pulumi.String(\"/users/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this group.\n" }, "name": { "type": "string", "description": "The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\".\n" }, "path": { "type": "string", "description": "Path in which to create the group.\n" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "required": [ "arn", "name", "uniqueId" ], "inputProperties": { "name": { "type": "string", "description": "The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\".\n" }, "path": { "type": "string", "description": "Path in which to create the group.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this group.\n" }, "name": { "type": "string", "description": "The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\".\n" }, "path": { "type": "string", "description": "Path in which to create the group.\n" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "type": "object" } }, "aws:iam/groupMembership:GroupMembership": { "description": "\u003e **WARNING:** Multiple aws.iam.GroupMembership resources with the same group name will produce inconsistent behavior!\n\nProvides a top level resource to manage IAM Group membership for IAM Users. For\nmore information on managing IAM Groups or IAM Users, see [IAM Groups](https://www.terraform.io/docs/providers/aws/r/iam_group.html) or\n[IAM Users](https://www.terraform.io/docs/providers/aws/r/iam_user.html)\n\n\u003e **Note:** `aws.iam.GroupMembership` will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the\n[`aws.iam.UserGroupMembership` resource][3].\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst group = new aws.iam.Group(\"group\", {});\nconst userOne = new aws.iam.User(\"user_one\", {});\nconst userTwo = new aws.iam.User(\"user_two\", {});\nconst team = new aws.iam.GroupMembership(\"team\", {\n group: group.name,\n users: [\n userOne.name,\n userTwo.name,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngroup = aws.iam.Group(\"group\")\nuser_one = aws.iam.User(\"userOne\")\nuser_two = aws.iam.User(\"userTwo\")\nteam = aws.iam.GroupMembership(\"team\",\n group=group.name,\n users=[\n user_one.name,\n user_two.name,\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @group = new Aws.Iam.Group(\"group\", new Aws.Iam.GroupArgs\n {\n });\n var userOne = new Aws.Iam.User(\"userOne\", new Aws.Iam.UserArgs\n {\n });\n var userTwo = new Aws.Iam.User(\"userTwo\", new Aws.Iam.UserArgs\n {\n });\n var team = new Aws.Iam.GroupMembership(\"team\", new Aws.Iam.GroupMembershipArgs\n {\n Group = @group.Name,\n Users = \n {\n userOne.Name,\n userTwo.Name,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroup, err := iam.NewGroup(ctx, \"group\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tuserOne, err := iam.NewUser(ctx, \"userOne\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tuserTwo, err := iam.NewUser(ctx, \"userTwo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewGroupMembership(ctx, \"team\", \u0026iam.GroupMembershipArgs{\n\t\t\tGroup: group.Name,\n\t\t\tUsers: pulumi.StringArray{\n\t\t\t\tuserOne.Name,\n\t\t\t\tuserTwo.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "group": { "type": "string", "description": "The IAM Group name to attach the list of `users` to\n" }, "name": { "type": "string", "description": "The name to identify the Group Membership\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM User names to associate with the Group\n" } }, "required": [ "group", "name", "users" ], "inputProperties": { "group": { "type": "string", "description": "The IAM Group name to attach the list of `users` to\n" }, "name": { "type": "string", "description": "The name to identify the Group Membership\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM User names to associate with the Group\n" } }, "requiredInputs": [ "group", "users" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupMembership resources.\n", "properties": { "group": { "type": "string", "description": "The IAM Group name to attach the list of `users` to\n" }, "name": { "type": "string", "description": "The name to identify the Group Membership\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM User names to associate with the Group\n" } }, "type": "object" } }, "aws:iam/groupPolicy:GroupPolicy": { "description": "Provides an IAM policy attached to a group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDevelopers = new aws.iam.Group(\"my_developers\", {\n path: \"/users/\",\n});\nconst myDeveloperPolicy = new aws.iam.GroupPolicy(\"my_developer_policy\", {\n group: myDevelopers.id,\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_developers = aws.iam.Group(\"myDevelopers\", path=\"/users/\")\nmy_developer_policy = aws.iam.GroupPolicy(\"myDeveloperPolicy\",\n group=my_developers.id,\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDevelopers = new Aws.Iam.Group(\"myDevelopers\", new Aws.Iam.GroupArgs\n {\n Path = \"/users/\",\n });\n var myDeveloperPolicy = new Aws.Iam.GroupPolicy(\"myDeveloperPolicy\", new Aws.Iam.GroupPolicyArgs\n {\n Group = myDevelopers.Id,\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDevelopers, err := iam.NewGroup(ctx, \"myDevelopers\", \u0026iam.GroupArgs{\n\t\t\tPath: pulumi.String(\"/users/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewGroupPolicy(ctx, \"myDeveloperPolicy\", \u0026iam.GroupPolicyArgs{\n\t\t\tGroup: myDevelopers.ID(),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "group": { "type": "string", "description": "The IAM group to attach to the policy.\n" }, "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" } }, "required": [ "group", "name", "policy" ], "inputProperties": { "group": { "type": "string", "description": "The IAM group to attach to the policy.\n" }, "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" } }, "requiredInputs": [ "group", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupPolicy resources.\n", "properties": { "group": { "type": "string", "description": "The IAM group to attach to the policy.\n" }, "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" } }, "type": "object" } }, "aws:iam/groupPolicyAttachment:GroupPolicyAttachment": { "description": "Attaches a Managed IAM Policy to an IAM group\n\n\u003e **NOTE:** The usage of this resource conflicts with the `aws.iam.PolicyAttachment` resource and will permanently show a difference if both are defined.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst group = new aws.iam.Group(\"group\", {});\nconst policy = new aws.iam.Policy(\"policy\", {\n description: \"A test policy\",\n policy: \"\", // insert policy here\n});\nconst test_attach = new aws.iam.GroupPolicyAttachment(\"test-attach\", {\n group: group.name,\n policyArn: policy.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngroup = aws.iam.Group(\"group\")\npolicy = aws.iam.Policy(\"policy\",\n description=\"A test policy\",\n policy=\"\")\n# insert policy here\ntest_attach = aws.iam.GroupPolicyAttachment(\"test-attach\",\n group=group.name,\n policy_arn=policy.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @group = new Aws.Iam.Group(\"group\", new Aws.Iam.GroupArgs\n {\n });\n var policy = new Aws.Iam.Policy(\"policy\", new Aws.Iam.PolicyArgs\n {\n Description = \"A test policy\",\n Policy = \"\",\n });\n // insert policy here\n var test_attach = new Aws.Iam.GroupPolicyAttachment(\"test-attach\", new Aws.Iam.GroupPolicyAttachmentArgs\n {\n Group = @group.Name,\n PolicyArn = policy.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroup, err := iam.NewGroup(ctx, \"group\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.String(\"\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewGroupPolicyAttachment(ctx, \"test-attach\", \u0026iam.GroupPolicyAttachmentArgs{\n\t\t\tGroup: group.Name,\n\t\t\tPolicyArn: policy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "group": { "type": "string", "description": "The group the policy should be applied to\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" } }, "required": [ "group", "policyArn" ], "inputProperties": { "group": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ], "description": "The group the policy should be applied to\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" } }, "requiredInputs": [ "group", "policyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupPolicyAttachment resources.\n", "properties": { "group": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ], "description": "The group the policy should be applied to\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" } }, "type": "object" } }, "aws:iam/instanceProfile:InstanceProfile": { "description": "Provides an IAM instance profile.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst role = new aws.iam.Role(\"role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n path: \"/\",\n});\nconst testProfile = new aws.iam.InstanceProfile(\"test_profile\", {\n role: role.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrole = aws.iam.Role(\"role\",\n assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\",\n path=\"/\")\ntest_profile = aws.iam.InstanceProfile(\"testProfile\", role=role.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"ec2.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n Path = \"/\",\n });\n var testProfile = new Aws.Iam.InstanceProfile(\"testProfile\", new Aws.Iam.InstanceProfileArgs\n {\n Role = role.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"ec2.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewInstanceProfile(ctx, \"testProfile\", \u0026iam.InstanceProfileArgs{\n\t\t\tRole: role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to the instance profile.\n" }, "createDate": { "type": "string", "description": "The creation timestamp of the instance profile.\n" }, "name": { "type": "string", "description": "The profile's name. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path in which to create the profile.\n" }, "role": { "type": "string", "description": "The role name to include in the profile.\n" }, "roles": { "type": "array", "items": { "type": "string" }, "description": "A list of role names to include in the profile. The current default is 1. If you see an error message similar to `Cannot exceed quota for InstanceSessionsPerInstanceProfile: 1`, then you must contact AWS support and ask for a limit increase.\n", "deprecationMessage": "Use `role` instead. Only a single role can be passed to an IAM Instance Profile" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "required": [ "arn", "createDate", "name", "role", "roles", "uniqueId" ], "inputProperties": { "name": { "type": "string", "description": "The profile's name. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path in which to create the profile.\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The role name to include in the profile.\n" }, "roles": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ] }, "description": "A list of role names to include in the profile. The current default is 1. If you see an error message similar to `Cannot exceed quota for InstanceSessionsPerInstanceProfile: 1`, then you must contact AWS support and ask for a limit increase.\n", "deprecationMessage": "Use `role` instead. Only a single role can be passed to an IAM Instance Profile" } }, "stateInputs": { "description": "Input properties used for looking up and filtering InstanceProfile resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to the instance profile.\n" }, "createDate": { "type": "string", "description": "The creation timestamp of the instance profile.\n" }, "name": { "type": "string", "description": "The profile's name. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path in which to create the profile.\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The role name to include in the profile.\n" }, "roles": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ] }, "description": "A list of role names to include in the profile. The current default is 1. If you see an error message similar to `Cannot exceed quota for InstanceSessionsPerInstanceProfile: 1`, then you must contact AWS support and ask for a limit increase.\n", "deprecationMessage": "Use `role` instead. Only a single role can be passed to an IAM Instance Profile" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "type": "object" } }, "aws:iam/openIdConnectProvider:OpenIdConnectProvider": { "description": "Provides an IAM OpenID Connect provider.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultOpenIdConnectProvider = new aws.iam.OpenIdConnectProvider(\"default\", {\n clientIdLists: [\"266362248691-342342xasdasdasda-apps.googleusercontent.com\"],\n thumbprintLists: [],\n url: \"https://accounts.google.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.iam.OpenIdConnectProvider(\"default\",\n client_id_lists=[\"266362248691-342342xasdasdasda-apps.googleusercontent.com\"],\n thumbprint_lists=[],\n url=\"https://accounts.google.com\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Iam.OpenIdConnectProvider(\"default\", new Aws.Iam.OpenIdConnectProviderArgs\n {\n ClientIdLists = \n {\n \"266362248691-342342xasdasdasda-apps.googleusercontent.com\",\n },\n ThumbprintLists = {},\n Url = \"https://accounts.google.com\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iam.NewOpenIdConnectProvider(ctx, \"default\", \u0026iam.OpenIdConnectProviderArgs{\n\t\t\tClientIdLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"266362248691-342342xasdasdasda-apps.googleusercontent.com\"),\n\t\t\t},\n\t\t\tThumbprintLists: []interface{}{},\n\t\t\tUrl: pulumi.String(\"https://accounts.google.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "clientIdLists": { "type": "array", "items": { "type": "string" }, "description": "A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)\n" }, "thumbprintLists": { "type": "array", "items": { "type": "string" }, "description": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).\n" }, "url": { "type": "string", "description": "The URL of the identity provider. Corresponds to the _iss_ claim.\n" } }, "required": [ "arn", "clientIdLists", "thumbprintLists", "url" ], "inputProperties": { "clientIdLists": { "type": "array", "items": { "type": "string" }, "description": "A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)\n" }, "thumbprintLists": { "type": "array", "items": { "type": "string" }, "description": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).\n" }, "url": { "type": "string", "description": "The URL of the identity provider. Corresponds to the _iss_ claim.\n" } }, "requiredInputs": [ "clientIdLists", "thumbprintLists", "url" ], "stateInputs": { "description": "Input properties used for looking up and filtering OpenIdConnectProvider resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "clientIdLists": { "type": "array", "items": { "type": "string" }, "description": "A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)\n" }, "thumbprintLists": { "type": "array", "items": { "type": "string" }, "description": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).\n" }, "url": { "type": "string", "description": "The URL of the identity provider. Corresponds to the _iss_ claim.\n" } }, "type": "object" } }, "aws:iam/policy:Policy": { "description": "Provides an IAM policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policy = new aws.iam.Policy(\"policy\", {\n description: \"My test policy\",\n path: \"/\",\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npolicy = aws.iam.Policy(\"policy\",\n description=\"My test policy\",\n path=\"/\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var policy = new Aws.Iam.Policy(\"policy\", new Aws.Iam.PolicyArgs\n {\n Description = \"My test policy\",\n Path = \"/\",\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tDescription: pulumi.String(\"My test policy\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to this policy.\n" }, "description": { "type": "string", "description": "Description of the IAM policy.\n" }, "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path in which to create the policy.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n", "language": { "csharp": { "name": "PolicyDocument" } } } }, "required": [ "arn", "name", "policy" ], "inputProperties": { "description": { "type": "string", "description": "Description of the IAM policy.\n" }, "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path in which to create the policy.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n", "language": { "csharp": { "name": "PolicyDocument" } } } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to this policy.\n" }, "description": { "type": "string", "description": "Description of the IAM policy.\n" }, "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path in which to create the policy.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n", "language": { "csharp": { "name": "PolicyDocument" } } } }, "type": "object" } }, "aws:iam/policyAttachment:PolicyAttachment": { "description": "Attaches a Managed IAM Policy to user(s), role(s), and/or group(s)\n\n!\u003e **WARNING:** The aws.iam.PolicyAttachment resource creates **exclusive** attachments of IAM policies. Across the entire AWS account, all of the users/roles/groups to which a single policy is attached must be declared by a single aws.iam.PolicyAttachment resource. This means that even any users/roles/groups that have the attached policy via any other mechanism (including other resources managed by this provider) will have that attached policy revoked by this resource. Consider `aws.iam.RolePolicyAttachment`, `aws.iam.UserPolicyAttachment`, or `aws.iam.GroupPolicyAttachment` instead. These resources do not enforce exclusive attachment of an IAM policy.\n\n\u003e **NOTE:** The usage of this resource conflicts with the `aws.iam.GroupPolicyAttachment`, `aws.iam.RolePolicyAttachment`, and `aws.iam.UserPolicyAttachment` resources and will permanently show a difference if both are defined.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst user = new aws.iam.User(\"user\", {});\nconst role = new aws.iam.Role(\"role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst group = new aws.iam.Group(\"group\", {});\nconst policy = new aws.iam.Policy(\"policy\", {\n description: \"A test policy\",\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\nconst test_attach = new aws.iam.PolicyAttachment(\"test-attach\", {\n groups: [group.name],\n policyArn: policy.arn,\n roles: [role.name],\n users: [user.name],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser = aws.iam.User(\"user\")\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\ngroup = aws.iam.Group(\"group\")\npolicy = aws.iam.Policy(\"policy\",\n description=\"A test policy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\")\ntest_attach = aws.iam.PolicyAttachment(\"test-attach\",\n groups=[group.name],\n policy_arn=policy.arn,\n roles=[role.name],\n users=[user.name])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var user = new Aws.Iam.User(\"user\", new Aws.Iam.UserArgs\n {\n });\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"ec2.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var @group = new Aws.Iam.Group(\"group\", new Aws.Iam.GroupArgs\n {\n });\n var policy = new Aws.Iam.Policy(\"policy\", new Aws.Iam.PolicyArgs\n {\n Description = \"A test policy\",\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n });\n var test_attach = new Aws.Iam.PolicyAttachment(\"test-attach\", new Aws.Iam.PolicyAttachmentArgs\n {\n Groups = \n {\n @group.Name,\n },\n PolicyArn = policy.Arn,\n Roles = \n {\n role.Name,\n },\n Users = \n {\n user.Name,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser, err := iam.NewUser(ctx, \"user\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"ec2.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup, err := iam.NewGroup(ctx, \"group\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewPolicyAttachment(ctx, \"test-attach\", \u0026iam.PolicyAttachmentArgs{\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\tgroup.Name,\n\t\t\t},\n\t\t\tPolicyArn: policy.Arn,\n\t\t\tRoles: pulumi.StringArray{\n\t\t\t\trole.Name,\n\t\t\t},\n\t\t\tUsers: pulumi.StringArray{\n\t\t\t\tuser.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "The group(s) the policy should be applied to\n" }, "name": { "type": "string", "description": "The name of the attachment. This cannot be an empty string.\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "roles": { "type": "array", "items": { "type": "string" }, "description": "The role(s) the policy should be applied to\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "The user(s) the policy should be applied to\n" } }, "required": [ "name", "policyArn" ], "inputProperties": { "groups": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ] }, "description": "The group(s) the policy should be applied to\n" }, "name": { "type": "string", "description": "The name of the attachment. This cannot be an empty string.\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "roles": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ] }, "description": "The role(s) the policy should be applied to\n" }, "users": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ] }, "description": "The user(s) the policy should be applied to\n" } }, "requiredInputs": [ "policyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyAttachment resources.\n", "properties": { "groups": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ] }, "description": "The group(s) the policy should be applied to\n" }, "name": { "type": "string", "description": "The name of the attachment. This cannot be an empty string.\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "roles": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ] }, "description": "The role(s) the policy should be applied to\n" }, "users": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ] }, "description": "The user(s) the policy should be applied to\n" } }, "type": "object" } }, "aws:iam/role:Role": { "description": "Provides an IAM role.\n\n\u003e *NOTE:* If policies are attached to the role via the `aws.iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `force_detach_policies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `aws.iam.RolePolicyAttachment` resource (recommended) does not have this requirement.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n tags: {\n \"tag-key\": \"tag-value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"testRole\",\n assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\",\n tags={\n \"tag-key\": \"tag-value\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testRole = new Aws.Iam.Role(\"testRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"ec2.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n Tags = \n {\n { \"tag-key\", \"tag-value\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iam.NewRole(ctx, \"testRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"ec2.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"tag-key\": pulumi.String(\"tag-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example of Using Data Source for Assume Role Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst instance_assume_role_policy = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"ec2.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n}, { async: true }));\nconst instance = new aws.iam.Role(\"instance\", {\n assumeRolePolicy: instance_assume_role_policy.json,\n path: \"/system/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ninstance_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"identifiers\": [\"ec2.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\ninstance = aws.iam.Role(\"instance\",\n assume_role_policy=instance_assume_role_policy.json,\n path=\"/system/\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var instance_assume_role_policy = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"ec2.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n }));\n var instance = new Aws.Iam.Role(\"instance\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = instance_assume_role_policy.Apply(instance_assume_role_policy =\u003e instance_assume_role_policy.Json),\n Path = \"/system/\",\n });\n }\n\n}\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the role.\n" }, "assumeRolePolicy": { "type": "string", "description": "The policy that grants an entity permission to assume the role.\n" }, "createDate": { "type": "string", "description": "The creation date of the IAM role.\n" }, "description": { "type": "string", "description": "The description of the role.\n" }, "forceDetachPolicies": { "type": "boolean", "description": "Specifies to force detaching any policies the role has before destroying it. Defaults to `false`.\n" }, "maxSessionDuration": { "type": "integer", "description": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n" }, "name": { "type": "string", "description": "The name of the role. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "The path to the role.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the IAM role\n" }, "uniqueId": { "type": "string", "description": "The stable and unique string identifying the role.\n" } }, "required": [ "arn", "assumeRolePolicy", "createDate", "name", "uniqueId" ], "inputProperties": { "assumeRolePolicy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy that grants an entity permission to assume the role.\n" }, "description": { "type": "string", "description": "The description of the role.\n" }, "forceDetachPolicies": { "type": "boolean", "description": "Specifies to force detaching any policies the role has before destroying it. Defaults to `false`.\n" }, "maxSessionDuration": { "type": "integer", "description": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n" }, "name": { "type": "string", "description": "The name of the role. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "The path to the role.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the IAM role\n" } }, "requiredInputs": [ "assumeRolePolicy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Role resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the role.\n" }, "assumeRolePolicy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy that grants an entity permission to assume the role.\n" }, "createDate": { "type": "string", "description": "The creation date of the IAM role.\n" }, "description": { "type": "string", "description": "The description of the role.\n" }, "forceDetachPolicies": { "type": "boolean", "description": "Specifies to force detaching any policies the role has before destroying it. Defaults to `false`.\n" }, "maxSessionDuration": { "type": "integer", "description": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n" }, "name": { "type": "string", "description": "The name of the role. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "The path to the role.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the IAM role\n" }, "uniqueId": { "type": "string", "description": "The stable and unique string identifying the role.\n" } }, "type": "object" } }, "aws:iam/rolePolicy:RolePolicy": { "description": "Provides an IAM role inline policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"testRole\", {assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`});\nconst testPolicy = new aws.iam.RolePolicy(\"testPolicy\", {\n role: testRole.id,\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"testRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\"\"\")\ntest_policy = aws.iam.RolePolicy(\"testPolicy\",\n role=test_role.id,\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testRole = new Aws.Iam.Role(\"testRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"ec2.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\",\n });\n var testPolicy = new Aws.Iam.RolePolicy(\"testPolicy\", new Aws.Iam.RolePolicyArgs\n {\n Role = testRole.Id,\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestRole, err := iam.NewRole(ctx, \"testRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"ec2.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"testPolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tRole: testRole.ID(),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the role policy. If omitted, this provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "role": { "type": "string", "description": "The IAM role to attach to the policy.\n" } }, "required": [ "name", "policy", "role" ], "inputProperties": { "name": { "type": "string", "description": "The name of the role policy. If omitted, this provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The IAM role to attach to the policy.\n" } }, "requiredInputs": [ "policy", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering RolePolicy resources.\n", "properties": { "name": { "type": "string", "description": "The name of the role policy. If omitted, this provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The IAM role to attach to the policy.\n" } }, "type": "object" } }, "aws:iam/rolePolicyAttachment:RolePolicyAttachment": { "description": "Attaches a Managed IAM Policy to an IAM role\n\n\u003e **NOTE:** The usage of this resource conflicts with the `aws.iam.PolicyAttachment` resource and will permanently show a difference if both are defined.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst role = new aws.iam.Role(\"role\", {\n assumeRolePolicy: ` {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n }\n`,\n});\nconst policy = new aws.iam.Policy(\"policy\", {\n description: \"A test policy\",\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\nconst test_attach = new aws.iam.RolePolicyAttachment(\"test-attach\", {\n policyArn: policy.arn,\n role: role.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\" {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n }\n\n\"\"\")\npolicy = aws.iam.Policy(\"policy\",\n description=\"A test policy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\")\ntest_attach = aws.iam.RolePolicyAttachment(\"test-attach\",\n policy_arn=policy.arn,\n role=role.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\" {\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"ec2.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n }\n\n\",\n });\n var policy = new Aws.Iam.Policy(\"policy\", new Aws.Iam.PolicyArgs\n {\n Description = \"A test policy\",\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n });\n var test_attach = new Aws.Iam.RolePolicyAttachment(\"test-attach\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = policy.Arn,\n Role = role.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \" {\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"ec2.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \" }\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"test-attach\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: policy.Arn,\n\t\t\tRole: role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "role": { "type": "string", "description": "The role the policy should be applied to\n" } }, "required": [ "policyArn", "role" ], "inputProperties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The role the policy should be applied to\n" } }, "requiredInputs": [ "policyArn", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering RolePolicyAttachment resources.\n", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The role the policy should be applied to\n" } }, "type": "object" } }, "aws:iam/samlProvider:SamlProvider": { "description": "Provides an IAM SAML provider.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "name": { "type": "string", "description": "The name of the provider to create.\n" }, "samlMetadataDocument": { "type": "string", "description": "An XML document generated by an identity provider that supports SAML 2.0.\n" }, "validUntil": { "type": "string", "description": "The expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.\n" } }, "required": [ "arn", "name", "samlMetadataDocument", "validUntil" ], "inputProperties": { "name": { "type": "string", "description": "The name of the provider to create.\n" }, "samlMetadataDocument": { "type": "string", "description": "An XML document generated by an identity provider that supports SAML 2.0.\n" } }, "requiredInputs": [ "samlMetadataDocument" ], "stateInputs": { "description": "Input properties used for looking up and filtering SamlProvider resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "name": { "type": "string", "description": "The name of the provider to create.\n" }, "samlMetadataDocument": { "type": "string", "description": "An XML document generated by an identity provider that supports SAML 2.0.\n" }, "validUntil": { "type": "string", "description": "The expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.\n" } }, "type": "object" } }, "aws:iam/serverCertificate:ServerCertificate": { "description": "Provides an IAM Server Certificate resource to upload Server Certificates.\nCerts uploaded to IAM can easily work with other AWS services such as:\n\n- AWS Elastic Beanstalk\n- Elastic Load Balancing\n- CloudFront\n- AWS OpsWorks\n\nFor information about server certificates in IAM, see [Managing Server\nCertificates][2] in AWS Documentation.\n\n\u003e **Note:** All arguments including the private key will be stored in the raw state as plain-text.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the server certificate.\n" }, "certificateBody": { "type": "string", "description": "The contents of the public key certificate in\nPEM-encoded format.\n" }, "certificateChain": { "type": "string", "description": "The contents of the certificate chain.\nThis is typically a concatenation of the PEM-encoded public key certificates\nof the chain.\n" }, "name": { "type": "string", "description": "The name of the Server Certificate. Do not include the\npath in this value. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "The IAM path for the server certificate. If it is not\nincluded, it defaults to a slash (/). If this certificate is for use with\nAWS CloudFront, the path must be in format `/cloudfront/your_path_here`.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.\n" }, "privateKey": { "type": "string", "description": "The contents of the private key in PEM-encoded format.\n" } }, "required": [ "arn", "certificateBody", "name", "privateKey" ], "inputProperties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the server certificate.\n" }, "certificateBody": { "type": "string", "description": "The contents of the public key certificate in\nPEM-encoded format.\n" }, "certificateChain": { "type": "string", "description": "The contents of the certificate chain.\nThis is typically a concatenation of the PEM-encoded public key certificates\nof the chain.\n" }, "name": { "type": "string", "description": "The name of the Server Certificate. Do not include the\npath in this value. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "The IAM path for the server certificate. If it is not\nincluded, it defaults to a slash (/). If this certificate is for use with\nAWS CloudFront, the path must be in format `/cloudfront/your_path_here`.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.\n" }, "privateKey": { "type": "string", "description": "The contents of the private key in PEM-encoded format.\n" } }, "requiredInputs": [ "certificateBody", "privateKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerCertificate resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the server certificate.\n" }, "certificateBody": { "type": "string", "description": "The contents of the public key certificate in\nPEM-encoded format.\n" }, "certificateChain": { "type": "string", "description": "The contents of the certificate chain.\nThis is typically a concatenation of the PEM-encoded public key certificates\nof the chain.\n" }, "name": { "type": "string", "description": "The name of the Server Certificate. Do not include the\npath in this value. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "The IAM path for the server certificate. If it is not\nincluded, it defaults to a slash (/). If this certificate is for use with\nAWS CloudFront, the path must be in format `/cloudfront/your_path_here`.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.\n" }, "privateKey": { "type": "string", "description": "The contents of the private key in PEM-encoded format.\n" } }, "type": "object" } }, "aws:iam/serviceLinkedRole:ServiceLinkedRole": { "description": "Provides an [IAM service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst elasticbeanstalk = new aws.iam.ServiceLinkedRole(\"elasticbeanstalk\", {\n awsServiceName: \"elasticbeanstalk.amazonaws.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nelasticbeanstalk = aws.iam.ServiceLinkedRole(\"elasticbeanstalk\", aws_service_name=\"elasticbeanstalk.amazonaws.com\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var elasticbeanstalk = new Aws.Iam.ServiceLinkedRole(\"elasticbeanstalk\", new Aws.Iam.ServiceLinkedRoleArgs\n {\n AwsServiceName = \"elasticbeanstalk.amazonaws.com\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iam.NewServiceLinkedRole(ctx, \"elasticbeanstalk\", \u0026iam.ServiceLinkedRoleArgs{\n\t\t\tAwsServiceName: pulumi.String(\"elasticbeanstalk.amazonaws.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the role.\n" }, "awsServiceName": { "type": "string", "description": "The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).\n" }, "createDate": { "type": "string", "description": "The creation date of the IAM role.\n" }, "customSuffix": { "type": "string", "description": "Additional string appended to the role name. Not all AWS services support custom suffixes.\n" }, "description": { "type": "string", "description": "The description of the role.\n" }, "name": { "type": "string", "description": "The name of the role.\n" }, "path": { "type": "string", "description": "The path of the role.\n" }, "uniqueId": { "type": "string", "description": "The stable and unique string identifying the role.\n" } }, "required": [ "arn", "awsServiceName", "createDate", "name", "path", "uniqueId" ], "inputProperties": { "awsServiceName": { "type": "string", "description": "The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).\n" }, "customSuffix": { "type": "string", "description": "Additional string appended to the role name. Not all AWS services support custom suffixes.\n" }, "description": { "type": "string", "description": "The description of the role.\n" } }, "requiredInputs": [ "awsServiceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceLinkedRole resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the role.\n" }, "awsServiceName": { "type": "string", "description": "The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).\n" }, "createDate": { "type": "string", "description": "The creation date of the IAM role.\n" }, "customSuffix": { "type": "string", "description": "Additional string appended to the role name. Not all AWS services support custom suffixes.\n" }, "description": { "type": "string", "description": "The description of the role.\n" }, "name": { "type": "string", "description": "The name of the role.\n" }, "path": { "type": "string", "description": "The path of the role.\n" }, "uniqueId": { "type": "string", "description": "The stable and unique string identifying the role.\n" } }, "type": "object" } }, "aws:iam/sshKey:SshKey": { "description": "Uploads an SSH public key and associates it with the specified IAM user.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUser = new aws.iam.User(\"user\", {\n path: \"/\",\n});\nconst userSshKey = new aws.iam.SshKey(\"user\", {\n encoding: \"SSH\",\n publicKey: \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\",\n username: userUser.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_user = aws.iam.User(\"userUser\", path=\"/\")\nuser_ssh_key = aws.iam.SshKey(\"userSshKey\",\n encoding=\"SSH\",\n public_key=\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\",\n username=user_user.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var userUser = new Aws.Iam.User(\"userUser\", new Aws.Iam.UserArgs\n {\n Path = \"/\",\n });\n var userSshKey = new Aws.Iam.SshKey(\"userSshKey\", new Aws.Iam.SshKeyArgs\n {\n Encoding = \"SSH\",\n PublicKey = \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\",\n Username = userUser.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserUser, err := iam.NewUser(ctx, \"userUser\", \u0026iam.UserArgs{\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewSshKey(ctx, \"userSshKey\", \u0026iam.SshKeyArgs{\n\t\t\tEncoding: pulumi.String(\"SSH\"),\n\t\t\tPublicKey: pulumi.String(\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\"),\n\t\t\tUsername: userUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "encoding": { "type": "string", "description": "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.\n" }, "fingerprint": { "type": "string", "description": "The MD5 message digest of the SSH public key.\n" }, "publicKey": { "type": "string", "description": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n" }, "sshPublicKeyId": { "type": "string", "description": "The unique identifier for the SSH public key.\n" }, "status": { "type": "string", "description": "The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.\n" }, "username": { "type": "string", "description": "The name of the IAM user to associate the SSH public key with.\n" } }, "required": [ "encoding", "fingerprint", "publicKey", "sshPublicKeyId", "status", "username" ], "inputProperties": { "encoding": { "type": "string", "description": "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.\n" }, "publicKey": { "type": "string", "description": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n" }, "status": { "type": "string", "description": "The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.\n" }, "username": { "type": "string", "description": "The name of the IAM user to associate the SSH public key with.\n" } }, "requiredInputs": [ "encoding", "publicKey", "username" ], "stateInputs": { "description": "Input properties used for looking up and filtering SshKey resources.\n", "properties": { "encoding": { "type": "string", "description": "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.\n" }, "fingerprint": { "type": "string", "description": "The MD5 message digest of the SSH public key.\n" }, "publicKey": { "type": "string", "description": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n" }, "sshPublicKeyId": { "type": "string", "description": "The unique identifier for the SSH public key.\n" }, "status": { "type": "string", "description": "The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.\n" }, "username": { "type": "string", "description": "The name of the IAM user to associate the SSH public key with.\n" } }, "type": "object" } }, "aws:iam/user:User": { "description": "Provides an IAM user.\n\n\u003e *NOTE:* If policies are attached to the user via the `aws.iam.PolicyAttachment` resource and you are modifying the user `name` or `path`, the `force_destroy` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `aws.iam.UserPolicyAttachment` resource (recommended) does not have this requirement.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lbUser = new aws.iam.User(\"lb\", {\n path: \"/system/\",\n tags: {\n \"tag-key\": \"tag-value\",\n },\n});\nconst lbAccessKey = new aws.iam.AccessKey(\"lb\", {\n user: lbUser.name,\n});\nconst lbRo = new aws.iam.UserPolicy(\"lb_ro\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n user: lbUser.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb_user = aws.iam.User(\"lbUser\",\n path=\"/system/\",\n tags={\n \"tag-key\": \"tag-value\",\n })\nlb_access_key = aws.iam.AccessKey(\"lbAccessKey\", user=lb_user.name)\nlb_ro = aws.iam.UserPolicy(\"lbRo\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\",\n user=lb_user.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lbUser = new Aws.Iam.User(\"lbUser\", new Aws.Iam.UserArgs\n {\n Path = \"/system/\",\n Tags = \n {\n { \"tag-key\", \"tag-value\" },\n },\n });\n var lbAccessKey = new Aws.Iam.AccessKey(\"lbAccessKey\", new Aws.Iam.AccessKeyArgs\n {\n User = lbUser.Name,\n });\n var lbRo = new Aws.Iam.UserPolicy(\"lbRo\", new Aws.Iam.UserPolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n User = lbUser.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlbUser, err := iam.NewUser(ctx, \"lbUser\", \u0026iam.UserArgs{\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"tag-key\": pulumi.String(\"tag-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewAccessKey(ctx, \"lbAccessKey\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: lbUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"lbRo\", \u0026iam.UserPolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tUser: lbUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this user.\n" }, "forceDestroy": { "type": "boolean", "description": "When destroying this user, destroy even if it\nhas non-provider-managed IAM access keys, login profile or MFA devices. Without `force_destroy`\na user with non-provider-managed access keys and login profile will fail to be destroyed.\n" }, "name": { "type": "string", "description": "The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both \"TESTUSER\" and \"testuser\".\n" }, "path": { "type": "string", "description": "Path in which to create the user.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM user\n" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "required": [ "arn", "name", "uniqueId" ], "inputProperties": { "forceDestroy": { "type": "boolean", "description": "When destroying this user, destroy even if it\nhas non-provider-managed IAM access keys, login profile or MFA devices. Without `force_destroy`\na user with non-provider-managed access keys and login profile will fail to be destroyed.\n" }, "name": { "type": "string", "description": "The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both \"TESTUSER\" and \"testuser\".\n" }, "path": { "type": "string", "description": "Path in which to create the user.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM user\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this user.\n" }, "forceDestroy": { "type": "boolean", "description": "When destroying this user, destroy even if it\nhas non-provider-managed IAM access keys, login profile or MFA devices. Without `force_destroy`\na user with non-provider-managed access keys and login profile will fail to be destroyed.\n" }, "name": { "type": "string", "description": "The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both \"TESTUSER\" and \"testuser\".\n" }, "path": { "type": "string", "description": "Path in which to create the user.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM user\n" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "type": "object" } }, "aws:iam/userGroupMembership:UserGroupMembership": { "description": "Provides a resource for adding an [IAM User](https://www.terraform.io/docs/providers/aws/r/iam_user.html) to [IAM Groups](https://www.terraform.io/docs/providers/aws/r/iam_group.html). This\nresource can be used multiple times with the same user for non-overlapping\ngroups.\n\nTo exclusively manage the users in a group, see the\n[`aws.iam.GroupMembership` resource][3].\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst user1 = new aws.iam.User(\"user1\", {});\nconst group1 = new aws.iam.Group(\"group1\", {});\nconst group2 = new aws.iam.Group(\"group2\", {});\nconst example1 = new aws.iam.UserGroupMembership(\"example1\", {\n groups: [\n group1.name,\n group2.name,\n ],\n user: user1.name,\n});\nconst group3 = new aws.iam.Group(\"group3\", {});\nconst example2 = new aws.iam.UserGroupMembership(\"example2\", {\n groups: [group3.name],\n user: user1.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser1 = aws.iam.User(\"user1\")\ngroup1 = aws.iam.Group(\"group1\")\ngroup2 = aws.iam.Group(\"group2\")\nexample1 = aws.iam.UserGroupMembership(\"example1\",\n groups=[\n group1.name,\n group2.name,\n ],\n user=user1.name)\ngroup3 = aws.iam.Group(\"group3\")\nexample2 = aws.iam.UserGroupMembership(\"example2\",\n groups=[group3.name],\n user=user1.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var user1 = new Aws.Iam.User(\"user1\", new Aws.Iam.UserArgs\n {\n });\n var group1 = new Aws.Iam.Group(\"group1\", new Aws.Iam.GroupArgs\n {\n });\n var group2 = new Aws.Iam.Group(\"group2\", new Aws.Iam.GroupArgs\n {\n });\n var example1 = new Aws.Iam.UserGroupMembership(\"example1\", new Aws.Iam.UserGroupMembershipArgs\n {\n Groups = \n {\n group1.Name,\n group2.Name,\n },\n User = user1.Name,\n });\n var group3 = new Aws.Iam.Group(\"group3\", new Aws.Iam.GroupArgs\n {\n });\n var example2 = new Aws.Iam.UserGroupMembership(\"example2\", new Aws.Iam.UserGroupMembershipArgs\n {\n Groups = \n {\n group3.Name,\n },\n User = user1.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser1, err := iam.NewUser(ctx, \"user1\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup1, err := iam.NewGroup(ctx, \"group1\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup2, err := iam.NewGroup(ctx, \"group2\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserGroupMembership(ctx, \"example1\", \u0026iam.UserGroupMembershipArgs{\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\tgroup1.Name,\n\t\t\t\tgroup2.Name,\n\t\t\t},\n\t\t\tUser: user1.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup3, err := iam.NewGroup(ctx, \"group3\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserGroupMembership(ctx, \"example2\", \u0026iam.UserGroupMembershipArgs{\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\tgroup3.Name,\n\t\t\t},\n\t\t\tUser: user1.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of [IAM Groups](https://www.terraform.io/docs/providers/aws/r/iam_group.html) to add the user to\n" }, "user": { "type": "string", "description": "The name of the [IAM User](https://www.terraform.io/docs/providers/aws/r/iam_user.html) to add to groups\n" } }, "required": [ "groups", "user" ], "inputProperties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of [IAM Groups](https://www.terraform.io/docs/providers/aws/r/iam_group.html) to add the user to\n" }, "user": { "type": "string", "description": "The name of the [IAM User](https://www.terraform.io/docs/providers/aws/r/iam_user.html) to add to groups\n" } }, "requiredInputs": [ "groups", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserGroupMembership resources.\n", "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of [IAM Groups](https://www.terraform.io/docs/providers/aws/r/iam_group.html) to add the user to\n" }, "user": { "type": "string", "description": "The name of the [IAM User](https://www.terraform.io/docs/providers/aws/r/iam_user.html) to add to groups\n" } }, "type": "object" } }, "aws:iam/userLoginProfile:UserLoginProfile": { "description": "Manages an IAM User Login Profile with limited support for password creation during this provider resource creation. Uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.\n\n\u003e To reset an IAM User login password via this provider, you can use delete and recreate this resource or change any of the arguments.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleUser = new aws.iam.User(\"example\", {\n forceDestroy: true,\n path: \"/\",\n});\nconst exampleUserLoginProfile = new aws.iam.UserLoginProfile(\"example\", {\n pgpKey: \"keybase:some_person_that_exists\",\n user: exampleUser.name,\n});\n\nexport const password = exampleUserLoginProfile.encryptedPassword;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_user = aws.iam.User(\"exampleUser\",\n force_destroy=True,\n path=\"/\")\nexample_user_login_profile = aws.iam.UserLoginProfile(\"exampleUserLoginProfile\",\n pgp_key=\"keybase:some_person_that_exists\",\n user=example_user.name)\npulumi.export(\"password\", example_user_login_profile.encrypted_password)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleUser = new Aws.Iam.User(\"exampleUser\", new Aws.Iam.UserArgs\n {\n ForceDestroy = true,\n Path = \"/\",\n });\n var exampleUserLoginProfile = new Aws.Iam.UserLoginProfile(\"exampleUserLoginProfile\", new Aws.Iam.UserLoginProfileArgs\n {\n PgpKey = \"keybase:some_person_that_exists\",\n User = exampleUser.Name,\n });\n this.Password = exampleUserLoginProfile.EncryptedPassword;\n }\n\n [Output(\"password\")]\n public Output\u003cstring\u003e Password { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := iam.NewUser(ctx, \"exampleUser\", \u0026iam.UserArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserLoginProfile, err := iam.NewUserLoginProfile(ctx, \"exampleUserLoginProfile\", \u0026iam.UserLoginProfileArgs{\n\t\t\tPgpKey: pulumi.String(\"keybase:some_person_that_exists\"),\n\t\t\tUser: exampleUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"password\", exampleUserLoginProfile.EncryptedPassword)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "encryptedPassword": { "type": "string", "description": "The encrypted password, base64 encoded. Only available if password was handled on this provider resource creation, not import.\n" }, "keyFingerprint": { "type": "string", "description": "The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.\n" }, "passwordLength": { "type": "integer", "description": "The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "passwordResetRequired": { "type": "boolean", "description": "Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "user": { "type": "string", "description": "The IAM user's name.\n" } }, "required": [ "encryptedPassword", "keyFingerprint", "pgpKey", "user" ], "inputProperties": { "passwordLength": { "type": "integer", "description": "The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "passwordResetRequired": { "type": "boolean", "description": "Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "user": { "type": "string", "description": "The IAM user's name.\n" } }, "requiredInputs": [ "pgpKey", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserLoginProfile resources.\n", "properties": { "encryptedPassword": { "type": "string", "description": "The encrypted password, base64 encoded. Only available if password was handled on this provider resource creation, not import.\n" }, "keyFingerprint": { "type": "string", "description": "The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.\n" }, "passwordLength": { "type": "integer", "description": "The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "passwordResetRequired": { "type": "boolean", "description": "Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "user": { "type": "string", "description": "The IAM user's name.\n" } }, "type": "object" } }, "aws:iam/userPolicy:UserPolicy": { "description": "Provides an IAM policy attached to a user.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lbUser = new aws.iam.User(\"lb\", {\n path: \"/system/\",\n});\nconst lbRo = new aws.iam.UserPolicy(\"lb_ro\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n user: lbUser.name,\n});\nconst lbAccessKey = new aws.iam.AccessKey(\"lb\", {\n user: lbUser.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb_user = aws.iam.User(\"lbUser\", path=\"/system/\")\nlb_ro = aws.iam.UserPolicy(\"lbRo\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:Describe*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\",\n user=lb_user.name)\nlb_access_key = aws.iam.AccessKey(\"lbAccessKey\", user=lb_user.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lbUser = new Aws.Iam.User(\"lbUser\", new Aws.Iam.UserArgs\n {\n Path = \"/system/\",\n });\n var lbRo = new Aws.Iam.UserPolicy(\"lbRo\", new Aws.Iam.UserPolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"ec2:Describe*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n User = lbUser.Name,\n });\n var lbAccessKey = new Aws.Iam.AccessKey(\"lbAccessKey\", new Aws.Iam.AccessKeyArgs\n {\n User = lbUser.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlbUser, err := iam.NewUser(ctx, \"lbUser\", \u0026iam.UserArgs{\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"lbRo\", \u0026iam.UserPolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"ec2:Describe*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tUser: lbUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewAccessKey(ctx, \"lbAccessKey\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: lbUser.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "user": { "type": "string", "description": "IAM user to which to attach this policy.\n" } }, "required": [ "name", "policy", "user" ], "inputProperties": { "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "user": { "type": "string", "description": "IAM user to which to attach this policy.\n" } }, "requiredInputs": [ "policy", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPolicy resources.\n", "properties": { "name": { "type": "string", "description": "The name of the policy. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "user": { "type": "string", "description": "IAM user to which to attach this policy.\n" } }, "type": "object" } }, "aws:iam/userPolicyAttachment:UserPolicyAttachment": { "description": "Attaches a Managed IAM Policy to an IAM user\n\n\u003e **NOTE:** The usage of this resource conflicts with the `aws.iam.PolicyAttachment` resource and will permanently show a difference if both are defined.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst user = new aws.iam.User(\"user\", {});\nconst policy = new aws.iam.Policy(\"policy\", {\n description: \"A test policy\",\n policy: \"\", // insert policy here\n});\nconst test_attach = new aws.iam.UserPolicyAttachment(\"test-attach\", {\n policyArn: policy.arn,\n user: user.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser = aws.iam.User(\"user\")\npolicy = aws.iam.Policy(\"policy\",\n description=\"A test policy\",\n policy=\"\")\n# insert policy here\ntest_attach = aws.iam.UserPolicyAttachment(\"test-attach\",\n policy_arn=policy.arn,\n user=user.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var user = new Aws.Iam.User(\"user\", new Aws.Iam.UserArgs\n {\n });\n var policy = new Aws.Iam.Policy(\"policy\", new Aws.Iam.PolicyArgs\n {\n Description = \"A test policy\",\n Policy = \"\",\n });\n // insert policy here\n var test_attach = new Aws.Iam.UserPolicyAttachment(\"test-attach\", new Aws.Iam.UserPolicyAttachmentArgs\n {\n PolicyArn = policy.Arn,\n User = user.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser, err := iam.NewUser(ctx, \"user\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.String(\"\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicyAttachment(ctx, \"test-attach\", \u0026iam.UserPolicyAttachmentArgs{\n\t\t\tPolicyArn: policy.Arn,\n\t\t\tUser: user.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "user": { "type": "string", "description": "The user the policy should be applied to\n" } }, "required": [ "policyArn", "user" ], "inputProperties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "user": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ], "description": "The user the policy should be applied to\n" } }, "requiredInputs": [ "policyArn", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPolicyAttachment resources.\n", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "user": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ], "description": "The user the policy should be applied to\n" } }, "type": "object" } }, "aws:inspector/assessmentTarget:AssessmentTarget": { "description": "Provides a Inspector assessment target\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.inspector.ResourceGroup(\"bar\", {\n tags: {\n Env: \"bar\",\n Name: \"foo\",\n },\n});\nconst foo = new aws.inspector.AssessmentTarget(\"foo\", {\n resourceGroupArn: bar.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.inspector.ResourceGroup(\"bar\", tags={\n \"Env\": \"bar\",\n \"Name\": \"foo\",\n})\nfoo = aws.inspector.AssessmentTarget(\"foo\", resource_group_arn=bar.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.Inspector.ResourceGroup(\"bar\", new Aws.Inspector.ResourceGroupArgs\n {\n Tags = \n {\n { \"Env\", \"bar\" },\n { \"Name\", \"foo\" },\n },\n });\n var foo = new Aws.Inspector.AssessmentTarget(\"foo\", new Aws.Inspector.AssessmentTargetArgs\n {\n ResourceGroupArn = bar.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbar, err := inspector.NewResourceGroup(ctx, \"bar\", \u0026inspector.ResourceGroupArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Env\": pulumi.String(\"bar\"),\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = inspector.NewAssessmentTarget(ctx, \"foo\", \u0026inspector.AssessmentTargetArgs{\n\t\t\tResourceGroupArn: bar.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The target assessment ARN.\n" }, "name": { "type": "string", "description": "The name of the assessment target.\n" }, "resourceGroupArn": { "type": "string", "description": "Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the assessment target.\n" }, "resourceGroupArn": { "type": "string", "description": "Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AssessmentTarget resources.\n", "properties": { "arn": { "type": "string", "description": "The target assessment ARN.\n" }, "name": { "type": "string", "description": "The name of the assessment target.\n" }, "resourceGroupArn": { "type": "string", "description": "Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.\n" } }, "type": "object" } }, "aws:inspector/assessmentTemplate:AssessmentTemplate": { "description": "Provides a Inspector assessment template\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.inspector.AssessmentTemplate(\"example\", {\n duration: 3600,\n rulesPackageArns: [\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\",\n ],\n targetArn: aws_inspector_assessment_target_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.inspector.AssessmentTemplate(\"example\",\n duration=3600,\n rules_package_arns=[\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\",\n ],\n target_arn=aws_inspector_assessment_target[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Inspector.AssessmentTemplate(\"example\", new Aws.Inspector.AssessmentTemplateArgs\n {\n Duration = 3600,\n RulesPackageArns = \n {\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\",\n },\n TargetArn = aws_inspector_assessment_target.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = inspector.NewAssessmentTemplate(ctx, \"example\", \u0026inspector.AssessmentTemplateArgs{\n\t\t\tDuration: pulumi.Int(3600),\n\t\t\tRulesPackageArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\"),\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\"),\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\"),\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\"),\n\t\t\t},\n\t\t\tTargetArn: pulumi.String(aws_inspector_assessment_target.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The template assessment ARN.\n" }, "duration": { "type": "integer", "description": "The duration of the inspector run.\n" }, "name": { "type": "string", "description": "The name of the assessment template.\n" }, "rulesPackageArns": { "type": "array", "items": { "type": "string" }, "description": "The rules to be used during the run.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Inspector assessment template.\n" }, "targetArn": { "type": "string", "description": "The assessment target ARN to attach the template to.\n" } }, "required": [ "arn", "duration", "name", "rulesPackageArns", "targetArn" ], "inputProperties": { "duration": { "type": "integer", "description": "The duration of the inspector run.\n" }, "name": { "type": "string", "description": "The name of the assessment template.\n" }, "rulesPackageArns": { "type": "array", "items": { "type": "string" }, "description": "The rules to be used during the run.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Inspector assessment template.\n" }, "targetArn": { "type": "string", "description": "The assessment target ARN to attach the template to.\n" } }, "requiredInputs": [ "duration", "rulesPackageArns", "targetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering AssessmentTemplate resources.\n", "properties": { "arn": { "type": "string", "description": "The template assessment ARN.\n" }, "duration": { "type": "integer", "description": "The duration of the inspector run.\n" }, "name": { "type": "string", "description": "The name of the assessment template.\n" }, "rulesPackageArns": { "type": "array", "items": { "type": "string" }, "description": "The rules to be used during the run.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Inspector assessment template.\n" }, "targetArn": { "type": "string", "description": "The assessment target ARN to attach the template to.\n" } }, "type": "object" } }, "aws:inspector/resourceGroup:ResourceGroup": { "description": "Provides an Amazon Inspector resource group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.inspector.ResourceGroup(\"example\", {\n tags: {\n Env: \"bar\",\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.inspector.ResourceGroup(\"example\", tags={\n \"Env\": \"bar\",\n \"Name\": \"foo\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Inspector.ResourceGroup(\"example\", new Aws.Inspector.ResourceGroupArgs\n {\n Tags = \n {\n { \"Env\", \"bar\" },\n { \"Name\", \"foo\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = inspector.NewResourceGroup(ctx, \"example\", \u0026inspector.ResourceGroupArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Env\": pulumi.String(\"bar\"),\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The resource group ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags that are used to select the EC2 instances to be included in an `Amazon Inspector assessment target` resource.\n" } }, "required": [ "arn", "tags" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags that are used to select the EC2 instances to be included in an `Amazon Inspector assessment target` resource.\n" } }, "requiredInputs": [ "tags" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The resource group ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags that are used to select the EC2 instances to be included in an `Amazon Inspector assessment target` resource.\n" } }, "type": "object" } }, "aws:iot/certificate:Certificate": { "description": "Creates and manages an AWS IoT certificate.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Without CSR\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cert = new aws.iot.Certificate(\"cert\", {\n active: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncert = aws.iot.Certificate(\"cert\", active=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cert = new Aws.Iot.Certificate(\"cert\", new Aws.Iot.CertificateArgs\n {\n Active = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iot.NewCertificate(ctx, \"cert\", \u0026iot.CertificateArgs{\n\t\t\tActive: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active\n" }, "arn": { "type": "string", "description": "The ARN of the created certificate.\n" }, "certificatePem": { "type": "string", "description": "The certificate data, in PEM format.\n" }, "csr": { "type": "string", "description": "The certificate signing request. Review\n[CreateCertificateFromCsr](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html)\nfor more information on generating a certificate from a certificate signing request (CSR).\nIf none is specified both the certificate and keys will be generated, review [CreateKeysAndCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html)\nfor more information on generating keys and a certificate.\n" }, "privateKey": { "type": "string", "description": "When no CSR is provided, the private key.\n" }, "publicKey": { "type": "string", "description": "When no CSR is provided, the public key.\n" } }, "required": [ "active", "arn", "certificatePem", "privateKey", "publicKey" ], "inputProperties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active\n" }, "csr": { "type": "string", "description": "The certificate signing request. Review\n[CreateCertificateFromCsr](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html)\nfor more information on generating a certificate from a certificate signing request (CSR).\nIf none is specified both the certificate and keys will be generated, review [CreateKeysAndCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html)\nfor more information on generating keys and a certificate.\n" } }, "requiredInputs": [ "active" ], "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active\n" }, "arn": { "type": "string", "description": "The ARN of the created certificate.\n" }, "certificatePem": { "type": "string", "description": "The certificate data, in PEM format.\n" }, "csr": { "type": "string", "description": "The certificate signing request. Review\n[CreateCertificateFromCsr](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html)\nfor more information on generating a certificate from a certificate signing request (CSR).\nIf none is specified both the certificate and keys will be generated, review [CreateKeysAndCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html)\nfor more information on generating keys and a certificate.\n" }, "privateKey": { "type": "string", "description": "When no CSR is provided, the private key.\n" }, "publicKey": { "type": "string", "description": "When no CSR is provided, the public key.\n" } }, "type": "object" } }, "aws:iot/policy:Policy": { "description": "Provides an IoT policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pubsub = new aws.iot.Policy(\"pubsub\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"iot:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npubsub = aws.iot.Policy(\"pubsub\", policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"iot:*\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\"\n }\n ]\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var pubsub = new Aws.Iot.Policy(\"pubsub\", new Aws.Iot.PolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"iot:*\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iot.NewPolicy(ctx, \"pubsub\", \u0026iot.PolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"iot:*\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to this policy.\n" }, "defaultVersionId": { "type": "string", "description": "The default version of this policy.\n" }, "name": { "type": "string", "description": "The name of the policy.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. Use the [IoT Developer Guide](http://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) for more information on IoT Policies.\n", "language": { "csharp": { "name": "PolicyDocument" } } } }, "required": [ "arn", "defaultVersionId", "name", "policy" ], "inputProperties": { "name": { "type": "string", "description": "The name of the policy.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. Use the [IoT Developer Guide](http://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) for more information on IoT Policies.\n", "language": { "csharp": { "name": "PolicyDocument" } } } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to this policy.\n" }, "defaultVersionId": { "type": "string", "description": "The default version of this policy.\n" }, "name": { "type": "string", "description": "The name of the policy.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. Use the [IoT Developer Guide](http://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) for more information on IoT Policies.\n", "language": { "csharp": { "name": "PolicyDocument" } } } }, "type": "object" } }, "aws:iot/policyAttachment:PolicyAttachment": { "description": "Provides an IoT policy attachment.\n", "properties": { "policy": { "type": "string", "description": "The name of the policy to attach.\n" }, "target": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The identity to which the policy is attached.\n" } }, "required": [ "policy", "target" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iot/policy:Policy" } ], "description": "The name of the policy to attach.\n" }, "target": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The identity to which the policy is attached.\n" } }, "requiredInputs": [ "policy", "target" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyAttachment resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iot/policy:Policy" } ], "description": "The name of the policy to attach.\n" }, "target": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The identity to which the policy is attached.\n" } }, "type": "object" } }, "aws:iot/roleAlias:RoleAlias": { "description": "Provides an IoT role alias.\n", "properties": { "alias": { "type": "string", "description": "The name of the role alias.\n" }, "arn": { "type": "string", "description": "The ARN assigned by AWS to this role alias.\n" }, "credentialDuration": { "type": "integer", "description": "The duration of the credential, in seconds. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 900 seconds (15 minutes) to 3600 seconds (60 minutes).\n" }, "roleArn": { "type": "string", "description": "The identity of the role to which the alias refers.\n" } }, "required": [ "alias", "arn", "roleArn" ], "inputProperties": { "alias": { "type": "string", "description": "The name of the role alias.\n" }, "credentialDuration": { "type": "integer", "description": "The duration of the credential, in seconds. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 900 seconds (15 minutes) to 3600 seconds (60 minutes).\n" }, "roleArn": { "type": "string", "description": "The identity of the role to which the alias refers.\n" } }, "requiredInputs": [ "alias", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoleAlias resources.\n", "properties": { "alias": { "type": "string", "description": "The name of the role alias.\n" }, "arn": { "type": "string", "description": "The ARN assigned by AWS to this role alias.\n" }, "credentialDuration": { "type": "integer", "description": "The duration of the credential, in seconds. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 900 seconds (15 minutes) to 3600 seconds (60 minutes).\n" }, "roleArn": { "type": "string", "description": "The identity of the role to which the alias refers.\n" } }, "type": "object" } }, "aws:iot/thing:Thing": { "description": "Creates and manages an AWS IoT Thing.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.Thing(\"example\", {\n attributes: {\n First: \"examplevalue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.Thing(\"example\", attributes={\n \"First\": \"examplevalue\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Iot.Thing(\"example\", new Aws.Iot.ThingArgs\n {\n Attributes = \n {\n { \"First\", \"examplevalue\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iot.NewThing(ctx, \"example\", \u0026iot.ThingArgs{\n\t\t\tAttributes: pulumi.Map{\n\t\t\t\t\"First\": pulumi.String(\"examplevalue\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the thing.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of attributes of the thing.\n" }, "defaultClientId": { "type": "string", "description": "The default client ID.\n" }, "name": { "type": "string", "description": "The name of the thing.\n" }, "thingTypeName": { "type": "string", "description": "The thing type name.\n" }, "version": { "type": "integer", "description": "The current version of the thing record in the registry.\n" } }, "required": [ "arn", "defaultClientId", "name", "version" ], "inputProperties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of attributes of the thing.\n" }, "name": { "type": "string", "description": "The name of the thing.\n" }, "thingTypeName": { "type": "string", "description": "The thing type name.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Thing resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the thing.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of attributes of the thing.\n" }, "defaultClientId": { "type": "string", "description": "The default client ID.\n" }, "name": { "type": "string", "description": "The name of the thing.\n" }, "thingTypeName": { "type": "string", "description": "The thing type name.\n" }, "version": { "type": "integer", "description": "The current version of the thing record in the registry.\n" } }, "type": "object" } }, "aws:iot/thingPrincipalAttachment:ThingPrincipalAttachment": { "description": "Attaches Principal to AWS IoT Thing.\n", "properties": { "principal": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The AWS IoT Certificate ARN or Amazon Cognito Identity ID.\n" }, "thing": { "type": "string", "description": "The name of the thing.\n" } }, "required": [ "principal", "thing" ], "inputProperties": { "principal": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The AWS IoT Certificate ARN or Amazon Cognito Identity ID.\n" }, "thing": { "type": "string", "description": "The name of the thing.\n" } }, "requiredInputs": [ "principal", "thing" ], "stateInputs": { "description": "Input properties used for looking up and filtering ThingPrincipalAttachment resources.\n", "properties": { "principal": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The AWS IoT Certificate ARN or Amazon Cognito Identity ID.\n" }, "thing": { "type": "string", "description": "The name of the thing.\n" } }, "type": "object" } }, "aws:iot/thingType:ThingType": { "description": "Creates and manages an AWS IoT Thing Type.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.iot.ThingType(\"foo\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.iot.ThingType(\"foo\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Iot.ThingType(\"foo\", new Aws.Iot.ThingTypeArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = iot.NewThingType(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the created AWS IoT Thing Type.\n" }, "deprecated": { "type": "boolean", "description": "Whether the thing type is deprecated. If true, no new things could be associated with this type.\n" }, "name": { "type": "string", "description": "The name of the thing type.\n" }, "properties": { "$ref": "#/types/aws:iot/ThingTypeProperties:ThingTypeProperties", "description": ", Configuration block that can contain the following properties of the thing type:\n" } }, "required": [ "arn", "name" ], "inputProperties": { "deprecated": { "type": "boolean", "description": "Whether the thing type is deprecated. If true, no new things could be associated with this type.\n" }, "name": { "type": "string", "description": "The name of the thing type.\n" }, "properties": { "$ref": "#/types/aws:iot/ThingTypeProperties:ThingTypeProperties", "description": ", Configuration block that can contain the following properties of the thing type:\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ThingType resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the created AWS IoT Thing Type.\n" }, "deprecated": { "type": "boolean", "description": "Whether the thing type is deprecated. If true, no new things could be associated with this type.\n" }, "name": { "type": "string", "description": "The name of the thing type.\n" }, "properties": { "$ref": "#/types/aws:iot/ThingTypeProperties:ThingTypeProperties", "description": ", Configuration block that can contain the following properties of the thing type:\n" } }, "type": "object" } }, "aws:iot/topicRule:TopicRule": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mytopic = new aws.sns.Topic(\"mytopic\", {});\nconst myerrortopic = new aws.sns.Topic(\"myerrortopic\", {});\nconst role = new aws.iam.Role(\"role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"iot.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n`,\n});\nconst rule = new aws.iot.TopicRule(\"rule\", {\n description: \"Example rule\",\n enabled: true,\n errorAction: {\n sns: {\n messageFormat: \"RAW\",\n roleArn: role.arn,\n targetArn: myerrortopic.arn,\n },\n },\n sns: {\n messageFormat: \"RAW\",\n roleArn: role.arn,\n targetArn: mytopic.arn,\n },\n sql: \"SELECT * FROM 'topic/test'\",\n sqlVersion: \"2016-03-23\",\n});\nconst iamPolicyForLambda = new aws.iam.RolePolicy(\"iam_policy_for_lambda\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sns:Publish\"\n ],\n \"Resource\": \"${mytopic.arn}\"\n }\n ]\n}\n`,\n role: role.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmytopic = aws.sns.Topic(\"mytopic\")\nmyerrortopic = aws.sns.Topic(\"myerrortopic\")\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"iot.amazonaws.com\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}\n\n\"\"\")\nrule = aws.iot.TopicRule(\"rule\",\n description=\"Example rule\",\n enabled=True,\n error_action={\n \"sns\": {\n \"messageFormat\": \"RAW\",\n \"role_arn\": role.arn,\n \"target_arn\": myerrortopic.arn,\n },\n },\n sns={\n \"sns\": \"RAW\",\n \"sns\": role.arn,\n \"sns\": mytopic.arn,\n },\n sql=\"SELECT * FROM 'topic/test'\",\n sql_version=\"2016-03-23\")\niam_policy_for_lambda = aws.iam.RolePolicy(\"iamPolicyForLambda\",\n policy=mytopic.arn.apply(lambda arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sns:Publish\"\n ],\n \"Resource\": \"{arn}\"\n }}\n ]\n}}\n\n\"\"\"),\n role=role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mytopic = new Aws.Sns.Topic(\"mytopic\", new Aws.Sns.TopicArgs\n {\n });\n var myerrortopic = new Aws.Sns.Topic(\"myerrortopic\", new Aws.Sns.TopicArgs\n {\n });\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"iot.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n ]\n}\n\n\",\n });\n var rule = new Aws.Iot.TopicRule(\"rule\", new Aws.Iot.TopicRuleArgs\n {\n Description = \"Example rule\",\n Enabled = true,\n ErrorAction = new Aws.Iot.Inputs.TopicRuleErrorActionArgs\n {\n Sns = new Aws.Iot.Inputs.TopicRuleErrorActionSnsArgs\n {\n MessageFormat = \"RAW\",\n RoleArn = role.Arn,\n TargetArn = myerrortopic.Arn,\n },\n },\n Sns = new Aws.Iot.Inputs.TopicRuleSnsArgs\n {\n Sns = \"RAW\",\n Sns = role.Arn,\n Sns = mytopic.Arn,\n },\n Sql = \"SELECT * FROM 'topic/test'\",\n SqlVersion = \"2016-03-23\",\n });\n var iamPolicyForLambda = new Aws.Iam.RolePolicy(\"iamPolicyForLambda\", new Aws.Iam.RolePolicyArgs\n {\n Policy = mytopic.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"sns:Publish\"\"\n ],\n \"\"Resource\"\": \"\"{arn}\"\"\n }}\n ]\n}}\n\n\"),\n Role = role.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmytopic, err := sns.NewTopic(ctx, \"mytopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyerrortopic, err := sns.NewTopic(ctx, \"myerrortopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"iot.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewTopicRule(ctx, \"rule\", \u0026iot.TopicRuleArgs{\n\t\t\tDescription: pulumi.String(\"Example rule\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tErrorAction: \u0026iot.TopicRuleErrorActionArgs{\n\t\t\t\tSns: \u0026iot.TopicRuleErrorActionSnsArgs{\n\t\t\t\t\tMessageFormat: pulumi.String(\"RAW\"),\n\t\t\t\t\tRoleArn: role.Arn,\n\t\t\t\t\tTargetArn: myerrortopic.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tSns: \u0026iot.TopicRuleSnsArgs{\n\t\t\t\tSns: pulumi.String(\"RAW\"),\n\t\t\t\tSns: role.Arn,\n\t\t\t\tSns: mytopic.Arn,\n\t\t\t},\n\t\t\tSql: pulumi.String(\"SELECT * FROM 'topic/test'\"),\n\t\t\tSqlVersion: pulumi.String(\"2016-03-23\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"iamPolicyForLambda\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: mytopic.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": [\\n\", \" \\\"sns:Publish\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"\", arn, \"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRole: role.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the topic rule\n" }, "cloudwatchAlarm": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm" }, "cloudwatchMetric": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "dynamodb": { "$ref": "#/types/aws:iot/TopicRuleDynamodb:TopicRuleDynamodb" }, "dynamodbv2s": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2" } }, "elasticsearch": { "$ref": "#/types/aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch" }, "enabled": { "type": "boolean", "description": "Specifies whether the rule is enabled.\n" }, "errorAction": { "$ref": "#/types/aws:iot/TopicRuleErrorAction:TopicRuleErrorAction", "description": "Configuration block with error action to be associated with the rule. See the documentation for `cloudwatch_alarm`, `cloudwatch_metric`, `dynamodb`, `dynamodbv2`, `elasticsearch`, `firehose`, `iot_analytics`, `iot_events`, `kinesis`, `lambda`, `republish`, `s3`, `step_functions`, `sns`, `sqs` configuration blocks for further configuration details.\n" }, "firehose": { "$ref": "#/types/aws:iot/TopicRuleFirehose:TopicRuleFirehose" }, "iotAnalytics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic" } }, "iotEvents": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotEvent:TopicRuleIotEvent" } }, "kinesis": { "$ref": "#/types/aws:iot/TopicRuleKinesis:TopicRuleKinesis" }, "lambda": { "$ref": "#/types/aws:iot/TopicRuleLambda:TopicRuleLambda" }, "name": { "type": "string", "description": "The name of the rule.\n" }, "republish": { "$ref": "#/types/aws:iot/TopicRuleRepublish:TopicRuleRepublish" }, "s3": { "$ref": "#/types/aws:iot/TopicRuleS3:TopicRuleS3" }, "sns": { "$ref": "#/types/aws:iot/TopicRuleSns:TopicRuleSns" }, "sql": { "type": "string", "description": "The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide.\n" }, "sqlVersion": { "type": "string", "description": "The version of the SQL rules engine to use when evaluating the rule.\n" }, "sqs": { "$ref": "#/types/aws:iot/TopicRuleSqs:TopicRuleSqs" }, "stepFunctions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleStepFunction:TopicRuleStepFunction" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "enabled", "name", "sql", "sqlVersion" ], "inputProperties": { "cloudwatchAlarm": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm" }, "cloudwatchMetric": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "dynamodb": { "$ref": "#/types/aws:iot/TopicRuleDynamodb:TopicRuleDynamodb" }, "dynamodbv2s": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2" } }, "elasticsearch": { "$ref": "#/types/aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch" }, "enabled": { "type": "boolean", "description": "Specifies whether the rule is enabled.\n" }, "errorAction": { "$ref": "#/types/aws:iot/TopicRuleErrorAction:TopicRuleErrorAction", "description": "Configuration block with error action to be associated with the rule. See the documentation for `cloudwatch_alarm`, `cloudwatch_metric`, `dynamodb`, `dynamodbv2`, `elasticsearch`, `firehose`, `iot_analytics`, `iot_events`, `kinesis`, `lambda`, `republish`, `s3`, `step_functions`, `sns`, `sqs` configuration blocks for further configuration details.\n" }, "firehose": { "$ref": "#/types/aws:iot/TopicRuleFirehose:TopicRuleFirehose" }, "iotAnalytics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic" } }, "iotEvents": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotEvent:TopicRuleIotEvent" } }, "kinesis": { "$ref": "#/types/aws:iot/TopicRuleKinesis:TopicRuleKinesis" }, "lambda": { "$ref": "#/types/aws:iot/TopicRuleLambda:TopicRuleLambda" }, "name": { "type": "string", "description": "The name of the rule.\n" }, "republish": { "$ref": "#/types/aws:iot/TopicRuleRepublish:TopicRuleRepublish" }, "s3": { "$ref": "#/types/aws:iot/TopicRuleS3:TopicRuleS3" }, "sns": { "$ref": "#/types/aws:iot/TopicRuleSns:TopicRuleSns" }, "sql": { "type": "string", "description": "The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide.\n" }, "sqlVersion": { "type": "string", "description": "The version of the SQL rules engine to use when evaluating the rule.\n" }, "sqs": { "$ref": "#/types/aws:iot/TopicRuleSqs:TopicRuleSqs" }, "stepFunctions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleStepFunction:TopicRuleStepFunction" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "enabled", "sql", "sqlVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopicRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the topic rule\n" }, "cloudwatchAlarm": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm" }, "cloudwatchMetric": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "dynamodb": { "$ref": "#/types/aws:iot/TopicRuleDynamodb:TopicRuleDynamodb" }, "dynamodbv2s": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2" } }, "elasticsearch": { "$ref": "#/types/aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch" }, "enabled": { "type": "boolean", "description": "Specifies whether the rule is enabled.\n" }, "errorAction": { "$ref": "#/types/aws:iot/TopicRuleErrorAction:TopicRuleErrorAction", "description": "Configuration block with error action to be associated with the rule. See the documentation for `cloudwatch_alarm`, `cloudwatch_metric`, `dynamodb`, `dynamodbv2`, `elasticsearch`, `firehose`, `iot_analytics`, `iot_events`, `kinesis`, `lambda`, `republish`, `s3`, `step_functions`, `sns`, `sqs` configuration blocks for further configuration details.\n" }, "firehose": { "$ref": "#/types/aws:iot/TopicRuleFirehose:TopicRuleFirehose" }, "iotAnalytics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic" } }, "iotEvents": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotEvent:TopicRuleIotEvent" } }, "kinesis": { "$ref": "#/types/aws:iot/TopicRuleKinesis:TopicRuleKinesis" }, "lambda": { "$ref": "#/types/aws:iot/TopicRuleLambda:TopicRuleLambda" }, "name": { "type": "string", "description": "The name of the rule.\n" }, "republish": { "$ref": "#/types/aws:iot/TopicRuleRepublish:TopicRuleRepublish" }, "s3": { "$ref": "#/types/aws:iot/TopicRuleS3:TopicRuleS3" }, "sns": { "$ref": "#/types/aws:iot/TopicRuleSns:TopicRuleSns" }, "sql": { "type": "string", "description": "The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide.\n" }, "sqlVersion": { "type": "string", "description": "The version of the SQL rules engine to use when evaluating the rule.\n" }, "sqs": { "$ref": "#/types/aws:iot/TopicRuleSqs:TopicRuleSqs" }, "stepFunctions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleStepFunction:TopicRuleStepFunction" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:kinesis/analyticsApplication:AnalyticsApplication": { "description": "Provides a Kinesis Analytics Application resource. Kinesis Analytics is a managed service that\nallows processing and analyzing streaming data using standard SQL.\n\nFor more details, see the [Amazon Kinesis Analytics Documentation](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/what-is.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n shardCount: 1,\n});\nconst testApplication = new aws.kinesis.AnalyticsApplication(\"test_application\", {\n inputs: {\n kinesisStream: {\n resourceArn: testStream.arn,\n roleArn: aws_iam_role_test.arn,\n },\n namePrefix: \"test_prefix\",\n parallelism: {\n count: 1,\n },\n schema: {\n recordColumns: [{\n mapping: \"$.test\",\n name: \"test\",\n sqlType: \"VARCHAR(8)\",\n }],\n recordEncoding: \"UTF-8\",\n recordFormat: {\n mappingParameters: {\n json: {\n recordRowPath: \"$\",\n },\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.Stream(\"testStream\", shard_count=1)\ntest_application = aws.kinesis.AnalyticsApplication(\"testApplication\", inputs={\n \"kinesisStream\": {\n \"resource_arn\": test_stream.arn,\n \"role_arn\": aws_iam_role[\"test\"][\"arn\"],\n },\n \"name_prefix\": \"test_prefix\",\n \"parallelism\": {\n \"count\": 1,\n },\n \"schema\": {\n \"recordColumns\": [{\n \"mapping\": \"$.test\",\n \"name\": \"test\",\n \"sqlType\": \"VARCHAR(8)\",\n }],\n \"recordEncoding\": \"UTF-8\",\n \"recordFormat\": {\n \"mappingParameters\": {\n \"json\": {\n \"recordRowPath\": \"$\",\n },\n },\n },\n },\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testStream = new Aws.Kinesis.Stream(\"testStream\", new Aws.Kinesis.StreamArgs\n {\n ShardCount = 1,\n });\n var testApplication = new Aws.Kinesis.AnalyticsApplication(\"testApplication\", new Aws.Kinesis.AnalyticsApplicationArgs\n {\n Inputs = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsArgs\n {\n KinesisStream = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsKinesisStreamArgs\n {\n ResourceArn = testStream.Arn,\n RoleArn = aws_iam_role.Test.Arn,\n },\n NamePrefix = \"test_prefix\",\n Parallelism = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsParallelismArgs\n {\n Count = 1,\n },\n Schema = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaArgs\n {\n RecordColumns = \n {\n new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordColumnArgs\n {\n Mapping = \"$.test\",\n Name = \"test\",\n SqlType = \"VARCHAR(8)\",\n },\n },\n RecordEncoding = \"UTF-8\",\n RecordFormat = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatArgs\n {\n MappingParameters = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs\n {\n Json = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJsonArgs\n {\n RecordRowPath = \"$\",\n },\n },\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestStream, err := kinesis.NewStream(ctx, \"testStream\", \u0026kinesis.StreamArgs{\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewAnalyticsApplication(ctx, \"testApplication\", \u0026kinesis.AnalyticsApplicationArgs{\n\t\t\tInputs: \u0026kinesis.AnalyticsApplicationInputsArgs{\n\t\t\t\tKinesisStream: \u0026kinesis.AnalyticsApplicationInputsKinesisStreamArgs{\n\t\t\t\t\tResourceArn: testStream.Arn,\n\t\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Test.Arn),\n\t\t\t\t},\n\t\t\t\tNamePrefix: pulumi.String(\"test_prefix\"),\n\t\t\t\tParallelism: \u0026kinesis.AnalyticsApplicationInputsParallelismArgs{\n\t\t\t\t\tCount: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t\tSchema: \u0026kinesis.AnalyticsApplicationInputsSchemaArgs{\n\t\t\t\t\tRecordColumns: kinesis.AnalyticsApplicationInputsSchemaRecordColumnArray{\n\t\t\t\t\t\t\u0026kinesis.AnalyticsApplicationInputsSchemaRecordColumnArgs{\n\t\t\t\t\t\t\tMapping: pulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \".test\")),\n\t\t\t\t\t\t\tName: pulumi.String(\"test\"),\n\t\t\t\t\t\t\tSqlType: pulumi.String(\"VARCHAR(8)\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tRecordEncoding: pulumi.String(\"UTF-8\"),\n\t\t\t\t\tRecordFormat: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatArgs{\n\t\t\t\t\t\tMappingParameters: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs{\n\t\t\t\t\t\t\tJson: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJsonArgs{\n\t\t\t\t\t\t\t\tRecordRowPath: pulumi.String(\"$\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the Kinesis Analytics Appliation.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions", "description": "The CloudWatch log stream options to monitor application errors.\nSee CloudWatch Logging Options below for more details.\n" }, "code": { "type": "string", "description": "SQL Code to transform input data, and generate output.\n" }, "createTimestamp": { "type": "string", "description": "The Timestamp when the application version was created.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "inputs": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs", "description": "Input configuration of the application. See Inputs below for more details.\n" }, "lastUpdateTimestamp": { "type": "string", "description": "The Timestamp when the application was last updated.\n" }, "name": { "type": "string", "description": "Name of the Kinesis Analytics Application.\n" }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput" }, "description": "Output destination configuration of the application. See Outputs below for more details.\n" }, "referenceDataSources": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources", "description": "An S3 Reference Data Source for the application.\nSee Reference Data Sources below for more details.\n" }, "status": { "type": "string", "description": "The Status of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Kinesis Analytics Application.\n" }, "version": { "type": "integer", "description": "The Version of the application.\n" } }, "required": [ "arn", "createTimestamp", "lastUpdateTimestamp", "name", "status", "version" ], "inputProperties": { "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions", "description": "The CloudWatch log stream options to monitor application errors.\nSee CloudWatch Logging Options below for more details.\n" }, "code": { "type": "string", "description": "SQL Code to transform input data, and generate output.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "inputs": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs", "description": "Input configuration of the application. See Inputs below for more details.\n" }, "name": { "type": "string", "description": "Name of the Kinesis Analytics Application.\n" }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput" }, "description": "Output destination configuration of the application. See Outputs below for more details.\n" }, "referenceDataSources": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources", "description": "An S3 Reference Data Source for the application.\nSee Reference Data Sources below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Kinesis Analytics Application.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AnalyticsApplication resources.\n", "properties": { "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the Kinesis Analytics Appliation.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions", "description": "The CloudWatch log stream options to monitor application errors.\nSee CloudWatch Logging Options below for more details.\n" }, "code": { "type": "string", "description": "SQL Code to transform input data, and generate output.\n" }, "createTimestamp": { "type": "string", "description": "The Timestamp when the application version was created.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "inputs": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs", "description": "Input configuration of the application. See Inputs below for more details.\n" }, "lastUpdateTimestamp": { "type": "string", "description": "The Timestamp when the application was last updated.\n" }, "name": { "type": "string", "description": "Name of the Kinesis Analytics Application.\n" }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput" }, "description": "Output destination configuration of the application. See Outputs below for more details.\n" }, "referenceDataSources": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources", "description": "An S3 Reference Data Source for the application.\nSee Reference Data Sources below for more details.\n" }, "status": { "type": "string", "description": "The Status of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Kinesis Analytics Application.\n" }, "version": { "type": "integer", "description": "The Version of the application.\n" } }, "type": "object" } }, "aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream": { "description": "Provides a Kinesis Firehose Delivery Stream resource. Amazon Kinesis Firehose is a fully managed, elastic service to easily deliver real-time data streams to destinations such as Amazon S3 and Amazon Redshift.\n\nFor more details, see the [Amazon Kinesis Firehose Documentation](https://aws.amazon.com/documentation/firehose/).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### S3 Destination\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n acl: \"private\",\n});\nconst firehoseRole = new aws.iam.Role(\"firehose_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"firehose.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n destination: \"s3\",\n s3Configuration: {\n bucketArn: bucket.arn,\n roleArn: firehoseRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\", acl=\"private\")\nfirehose_role = aws.iam.Role(\"firehoseRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"firehose.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"testStream\",\n destination=\"s3\",\n s3_configuration={\n \"bucketArn\": bucket.arn,\n \"role_arn\": firehose_role.arn,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var firehoseRole = new Aws.Iam.Role(\"firehoseRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"firehose.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"testStream\", new Aws.Kinesis.FirehoseDeliveryStreamArgs\n {\n Destination = \"s3\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamS3ConfigurationArgs\n {\n BucketArn = bucket.Arn,\n RoleArn = firehoseRole.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseRole, err := iam.NewRole(ctx, \"firehoseRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"firehose.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"testStream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tDestination: pulumi.String(\"s3\"),\n\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamS3ConfigurationArgs{\n\t\t\t\tBucketArn: bucket.Arn,\n\t\t\t\tRoleArn: firehoseRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Redshift Destination\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.redshift.Cluster(\"test_cluster\", {\n clusterIdentifier: \"tf-redshift-cluster-%d\",\n clusterType: \"single-node\",\n databaseName: \"test\",\n masterPassword: \"T3stPass\",\n masterUsername: \"testuser\",\n nodeType: \"dc1.large\",\n});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n destination: \"redshift\",\n redshiftConfiguration: {\n clusterJdbcurl: pulumi.interpolate`jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}`,\n copyOptions: \"delimiter '|'\", // the default delimiter\n dataTableColumns: \"test-col\",\n dataTableName: \"test-table\",\n password: \"T3stPass\",\n roleArn: aws_iam_role_firehose_role.arn,\n s3BackupConfiguration: {\n bucketArn: aws_s3_bucket_bucket.arn,\n bufferInterval: 300,\n bufferSize: 15,\n compressionFormat: \"GZIP\",\n roleArn: aws_iam_role_firehose_role.arn,\n },\n s3BackupMode: \"Enabled\",\n username: \"testuser\",\n },\n s3Configuration: {\n bucketArn: aws_s3_bucket_bucket.arn,\n bufferInterval: 400,\n bufferSize: 10,\n compressionFormat: \"GZIP\",\n roleArn: aws_iam_role_firehose_role.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.redshift.Cluster(\"testCluster\",\n cluster_identifier=\"tf-redshift-cluster-%d\",\n cluster_type=\"single-node\",\n database_name=\"test\",\n master_password=\"T3stPass\",\n master_username=\"testuser\",\n node_type=\"dc1.large\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"testStream\",\n destination=\"redshift\",\n redshift_configuration={\n \"clusterJdbcurl\": pulumi.Output.all(test_cluster.endpoint, test_cluster.database_name).apply(lambda endpoint, database_name: f\"jdbc:redshift://{endpoint}/{database_name}\"),\n \"copyOptions\": \"delimiter '|'\",\n \"dataTableColumns\": \"test-col\",\n \"dataTableName\": \"test-table\",\n \"password\": \"T3stPass\",\n \"role_arn\": aws_iam_role[\"firehose_role\"][\"arn\"],\n \"s3BackupConfiguration\": {\n \"bucketArn\": aws_s3_bucket[\"bucket\"][\"arn\"],\n \"bufferInterval\": 300,\n \"bufferSize\": 15,\n \"compressionFormat\": \"GZIP\",\n \"role_arn\": aws_iam_role[\"firehose_role\"][\"arn\"],\n },\n \"s3BackupMode\": \"Enabled\",\n \"username\": \"testuser\",\n },\n s3_configuration={\n \"bucketArn\": aws_s3_bucket[\"bucket\"][\"arn\"],\n \"bufferInterval\": 400,\n \"bufferSize\": 10,\n \"compressionFormat\": \"GZIP\",\n \"role_arn\": aws_iam_role[\"firehose_role\"][\"arn\"],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testCluster = new Aws.RedShift.Cluster(\"testCluster\", new Aws.RedShift.ClusterArgs\n {\n ClusterIdentifier = \"tf-redshift-cluster-%d\",\n ClusterType = \"single-node\",\n DatabaseName = \"test\",\n MasterPassword = \"T3stPass\",\n MasterUsername = \"testuser\",\n NodeType = \"dc1.large\",\n });\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"testStream\", new Aws.Kinesis.FirehoseDeliveryStreamArgs\n {\n Destination = \"redshift\",\n RedshiftConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs\n {\n ClusterJdbcurl = Output.Tuple(testCluster.Endpoint, testCluster.DatabaseName).Apply(values =\u003e\n {\n var endpoint = values.Item1;\n var databaseName = values.Item2;\n return $\"jdbc:redshift://{endpoint}/{databaseName}\";\n }),\n CopyOptions = \"delimiter '|'\",\n DataTableColumns = \"test-col\",\n DataTableName = \"test-table\",\n Password = \"T3stPass\",\n RoleArn = aws_iam_role.Firehose_role.Arn,\n S3BackupConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs\n {\n BucketArn = aws_s3_bucket.Bucket.Arn,\n BufferInterval = 300,\n BufferSize = 15,\n CompressionFormat = \"GZIP\",\n RoleArn = aws_iam_role.Firehose_role.Arn,\n },\n S3BackupMode = \"Enabled\",\n Username = \"testuser\",\n },\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamS3ConfigurationArgs\n {\n BucketArn = aws_s3_bucket.Bucket.Arn,\n BufferInterval = 400,\n BufferSize = 10,\n CompressionFormat = \"GZIP\",\n RoleArn = aws_iam_role.Firehose_role.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := redshift.NewCluster(ctx, \"testCluster\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(fmt.Sprintf(\"%v%v%v\", \"tf-redshift-cluster-\", \"%\", \"d\")),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tMasterPassword: pulumi.String(\"T3stPass\"),\n\t\t\tMasterUsername: pulumi.String(\"testuser\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"testStream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tDestination: pulumi.String(\"redshift\"),\n\t\t\tRedshiftConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationArgs{\n\t\t\t\tClusterJdbcurl: pulumi.All(testCluster.Endpoint, testCluster.DatabaseName).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tendpoint := _args[0].(string)\n\t\t\t\t\tdatabaseName := _args[1].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v\", \"jdbc:redshift://\", endpoint, \"/\", databaseName), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tCopyOptions: pulumi.String(\"delimiter '|'\"),\n\t\t\t\tDataTableColumns: pulumi.String(\"test-col\"),\n\t\t\t\tDataTableName: pulumi.String(\"test-table\"),\n\t\t\t\tPassword: pulumi.String(\"T3stPass\"),\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose_role.Arn),\n\t\t\t\tS3BackupConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs{\n\t\t\t\t\tBucketArn: pulumi.String(aws_s3_bucket.Bucket.Arn),\n\t\t\t\t\tBufferInterval: pulumi.Int(300),\n\t\t\t\t\tBufferSize: pulumi.Int(15),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose_role.Arn),\n\t\t\t\t},\n\t\t\t\tS3BackupMode: pulumi.String(\"Enabled\"),\n\t\t\t\tUsername: pulumi.String(\"testuser\"),\n\t\t\t},\n\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamS3ConfigurationArgs{\n\t\t\t\tBucketArn: pulumi.String(aws_s3_bucket.Bucket.Arn),\n\t\t\t\tBufferInterval: pulumi.Int(400),\n\t\t\t\tBufferSize: pulumi.Int(10),\n\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose_role.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Elasticsearch Destination\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.elasticsearch.Domain(\"test_cluster\", {});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n destination: \"elasticsearch\",\n elasticsearchConfiguration: {\n domainArn: testCluster.arn,\n indexName: \"test\",\n processingConfiguration: {\n enabled: true,\n processors: [{\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: pulumi.interpolate`${aws_lambda_function_lambda_processor.arn}:$LATEST`,\n }],\n type: \"Lambda\",\n }],\n },\n roleArn: aws_iam_role_firehose_role.arn,\n typeName: \"test\",\n },\n s3Configuration: {\n bucketArn: aws_s3_bucket_bucket.arn,\n bufferInterval: 400,\n bufferSize: 10,\n compressionFormat: \"GZIP\",\n roleArn: aws_iam_role_firehose_role.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.elasticsearch.Domain(\"testCluster\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"testStream\",\n destination=\"elasticsearch\",\n elasticsearch_configuration={\n \"domainArn\": test_cluster.arn,\n \"indexName\": \"test\",\n \"processingConfiguration\": {\n \"enabled\": \"true\",\n \"processors\": [{\n \"parameters\": [{\n \"parameterName\": \"LambdaArn\",\n \"parameterValue\": f\"{aws_lambda_function['lambda_processor']['arn']}:$LATEST\",\n }],\n \"type\": \"Lambda\",\n }],\n },\n \"role_arn\": aws_iam_role[\"firehose_role\"][\"arn\"],\n \"typeName\": \"test\",\n },\n s3_configuration={\n \"bucketArn\": aws_s3_bucket[\"bucket\"][\"arn\"],\n \"bufferInterval\": 400,\n \"bufferSize\": 10,\n \"compressionFormat\": \"GZIP\",\n \"role_arn\": aws_iam_role[\"firehose_role\"][\"arn\"],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testCluster = new Aws.ElasticSearch.Domain(\"testCluster\", new Aws.ElasticSearch.DomainArgs\n {\n });\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"testStream\", new Aws.Kinesis.FirehoseDeliveryStreamArgs\n {\n Destination = \"elasticsearch\",\n ElasticsearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n IndexName = \"test\",\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = \n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs\n {\n Parameters = \n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{aws_lambda_function.Lambda_processor.Arn}:$LATEST\",\n },\n },\n Type = \"Lambda\",\n },\n },\n },\n RoleArn = aws_iam_role.Firehose_role.Arn,\n TypeName = \"test\",\n },\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamS3ConfigurationArgs\n {\n BucketArn = aws_s3_bucket.Bucket.Arn,\n BufferInterval = 400,\n BufferSize = 10,\n CompressionFormat = \"GZIP\",\n RoleArn = aws_iam_role.Firehose_role.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := elasticsearch.NewDomain(ctx, \"testCluster\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"testStream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tDestination: pulumi.String(\"elasticsearch\"),\n\t\t\tElasticsearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v%v%v%v\", aws_lambda_function.Lambda_processor.Arn, \":\", \"$\", \"LATEST\")),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose_role.Arn),\n\t\t\t\tTypeName: pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamS3ConfigurationArgs{\n\t\t\t\tBucketArn: pulumi.String(aws_s3_bucket.Bucket.Arn),\n\t\t\t\tBufferInterval: pulumi.Int(400),\n\t\t\t\tBufferSize: pulumi.Int(10),\n\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose_role.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n{{% /example %}}\n{{% example %}}\n### Splunk Destination\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n destination: \"splunk\",\n s3Configuration: {\n bucketArn: aws_s3_bucket_bucket.arn,\n bufferInterval: 400,\n bufferSize: 10,\n compressionFormat: \"GZIP\",\n roleArn: aws_iam_role_firehose.arn,\n },\n splunkConfiguration: {\n hecAcknowledgmentTimeout: 600,\n hecEndpoint: \"https://http-inputs-mydomain.splunkcloud.com:443\",\n hecEndpointType: \"Event\",\n hecToken: \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n s3BackupMode: \"FailedEventsOnly\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"testStream\",\n destination=\"splunk\",\n s3_configuration={\n \"bucketArn\": aws_s3_bucket[\"bucket\"][\"arn\"],\n \"bufferInterval\": 400,\n \"bufferSize\": 10,\n \"compressionFormat\": \"GZIP\",\n \"role_arn\": aws_iam_role[\"firehose\"][\"arn\"],\n },\n splunk_configuration={\n \"hecAcknowledgmentTimeout\": 600,\n \"hecEndpoint\": \"https://http-inputs-mydomain.splunkcloud.com:443\",\n \"hecEndpointType\": \"Event\",\n \"hecToken\": \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n \"s3BackupMode\": \"FailedEventsOnly\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"testStream\", new Aws.Kinesis.FirehoseDeliveryStreamArgs\n {\n Destination = \"splunk\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamS3ConfigurationArgs\n {\n BucketArn = aws_s3_bucket.Bucket.Arn,\n BufferInterval = 400,\n BufferSize = 10,\n CompressionFormat = \"GZIP\",\n RoleArn = aws_iam_role.Firehose.Arn,\n },\n SplunkConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSplunkConfigurationArgs\n {\n HecAcknowledgmentTimeout = 600,\n HecEndpoint = \"https://http-inputs-mydomain.splunkcloud.com:443\",\n HecEndpointType = \"Event\",\n HecToken = \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n S3BackupMode = \"FailedEventsOnly\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"testStream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tDestination: pulumi.String(\"splunk\"),\n\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamS3ConfigurationArgs{\n\t\t\t\tBucketArn: pulumi.String(aws_s3_bucket.Bucket.Arn),\n\t\t\t\tBufferInterval: pulumi.Int(400),\n\t\t\t\tBufferSize: pulumi.Int(10),\n\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose.Arn),\n\t\t\t},\n\t\t\tSplunkConfiguration: \u0026kinesis.FirehoseDeliveryStreamSplunkConfigurationArgs{\n\t\t\t\tHecAcknowledgmentTimeout: pulumi.Int(600),\n\t\t\t\tHecEndpoint: pulumi.String(\"https://http-inputs-mydomain.splunkcloud.com:443\"),\n\t\t\t\tHecEndpointType: pulumi.String(\"Event\"),\n\t\t\t\tHecToken: pulumi.String(\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\"),\n\t\t\t\tS3BackupMode: pulumi.String(\"FailedEventsOnly\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream\n" }, "destination": { "type": "string", "description": "This is the destination to where the data is delivered. The only options are `s3` (Deprecated, use `extended_s3` instead), `extended_s3`, `redshift`, `elasticsearch`, and `splunk`.\n" }, "destinationId": { "type": "string" }, "elasticsearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration", "description": "Configuration options if elasticsearch is the destination. More details are given below.\n" }, "extendedS3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration", "description": "Enhanced configuration options for the s3 destination. More details are given below.\n" }, "kinesisSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration", "description": "Allows the ability to specify the kinesis stream that is used as the source of the firehose delivery stream.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n" }, "redshiftConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration", "description": "Configuration options if redshift is the destination.\nUsing `redshift_configuration` requires the user to also specify a\n`s3_configuration` block. More details are given below.\n" }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamS3Configuration:FirehoseDeliveryStreamS3Configuration", "description": "Required for non-S3 destinations. For S3 destination, use `extended_s3_configuration` instead. Configuration options for the s3 destination (or the intermediate bucket if the destination\nis redshift). More details are given below.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption", "description": "Encrypt at rest options.\nServer-side encryption should not be enabled when a kinesis stream is configured as the source of the firehose delivery stream.\n" }, "splunkConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "versionId": { "type": "string", "description": "Specifies the table version for the output data schema. Defaults to `LATEST`.\n" } }, "required": [ "arn", "destination", "destinationId", "name", "versionId" ], "inputProperties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream\n" }, "destination": { "type": "string", "description": "This is the destination to where the data is delivered. The only options are `s3` (Deprecated, use `extended_s3` instead), `extended_s3`, `redshift`, `elasticsearch`, and `splunk`.\n" }, "destinationId": { "type": "string" }, "elasticsearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration", "description": "Configuration options if elasticsearch is the destination. More details are given below.\n" }, "extendedS3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration", "description": "Enhanced configuration options for the s3 destination. More details are given below.\n" }, "kinesisSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration", "description": "Allows the ability to specify the kinesis stream that is used as the source of the firehose delivery stream.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n" }, "redshiftConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration", "description": "Configuration options if redshift is the destination.\nUsing `redshift_configuration` requires the user to also specify a\n`s3_configuration` block. More details are given below.\n" }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamS3Configuration:FirehoseDeliveryStreamS3Configuration", "description": "Required for non-S3 destinations. For S3 destination, use `extended_s3_configuration` instead. Configuration options for the s3 destination (or the intermediate bucket if the destination\nis redshift). More details are given below.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption", "description": "Encrypt at rest options.\nServer-side encryption should not be enabled when a kinesis stream is configured as the source of the firehose delivery stream.\n" }, "splunkConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "versionId": { "type": "string", "description": "Specifies the table version for the output data schema. Defaults to `LATEST`.\n" } }, "requiredInputs": [ "destination" ], "stateInputs": { "description": "Input properties used for looking up and filtering FirehoseDeliveryStream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream\n" }, "destination": { "type": "string", "description": "This is the destination to where the data is delivered. The only options are `s3` (Deprecated, use `extended_s3` instead), `extended_s3`, `redshift`, `elasticsearch`, and `splunk`.\n" }, "destinationId": { "type": "string" }, "elasticsearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration", "description": "Configuration options if elasticsearch is the destination. More details are given below.\n" }, "extendedS3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration", "description": "Enhanced configuration options for the s3 destination. More details are given below.\n" }, "kinesisSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration", "description": "Allows the ability to specify the kinesis stream that is used as the source of the firehose delivery stream.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n" }, "redshiftConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration", "description": "Configuration options if redshift is the destination.\nUsing `redshift_configuration` requires the user to also specify a\n`s3_configuration` block. More details are given below.\n" }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamS3Configuration:FirehoseDeliveryStreamS3Configuration", "description": "Required for non-S3 destinations. For S3 destination, use `extended_s3_configuration` instead. Configuration options for the s3 destination (or the intermediate bucket if the destination\nis redshift). More details are given below.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption", "description": "Encrypt at rest options.\nServer-side encryption should not be enabled when a kinesis stream is configured as the source of the firehose delivery stream.\n" }, "splunkConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "versionId": { "type": "string", "description": "Specifies the table version for the output data schema. Defaults to `LATEST`.\n" } }, "type": "object" } }, "aws:kinesis/stream:Stream": { "description": "Provides a Kinesis Stream resource. Amazon Kinesis is a managed service that\nscales elastically for real-time processing of streaming big data.\n\nFor more details, see the [Amazon Kinesis Documentation](https://aws.amazon.com/documentation/kinesis/).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n retentionPeriod: 48,\n shardCount: 1,\n shardLevelMetrics: [\n \"IncomingBytes\",\n \"OutgoingBytes\",\n ],\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.Stream(\"testStream\",\n retention_period=48,\n shard_count=1,\n shard_level_metrics=[\n \"IncomingBytes\",\n \"OutgoingBytes\",\n ],\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testStream = new Aws.Kinesis.Stream(\"testStream\", new Aws.Kinesis.StreamArgs\n {\n RetentionPeriod = 48,\n ShardCount = 1,\n ShardLevelMetrics = \n {\n \"IncomingBytes\",\n \"OutgoingBytes\",\n },\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = kinesis.NewStream(ctx, \"testStream\", \u0026kinesis.StreamArgs{\n\t\t\tRetentionPeriod: pulumi.Int(48),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t\tShardLevelMetrics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"IncomingBytes\"),\n\t\t\t\tpulumi.String(\"OutgoingBytes\"),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "encryptionType": { "type": "string", "description": "The encryption type to use. The only acceptable values are `NONE` or `KMS`. The default value is `NONE`.\n" }, "enforceConsumerDeletion": { "type": "boolean", "description": "A boolean that indicates all registered consumers should be deregistered from the stream so that the stream can be destroyed without error. The default value is `false`.\n" }, "kmsKeyId": { "type": "string", "description": "The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias `alias/aws/kinesis`.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in.\n" }, "retentionPeriod": { "type": "integer", "description": "Length of time data records are accessible after they are added to the stream. The maximum value of a stream's retention period is 168 hours. Minimum value is 24. Default is 24.\n" }, "shardCount": { "type": "integer", "description": "The number of shards that the stream will use.\nAmazon has guidelines for specifying the Stream size that should be referenced when creating a Kinesis stream. See [Amazon Kinesis Streams](https://docs.aws.amazon.com/kinesis/latest/dev/amazon-kinesis-streams.html) for more.\n" }, "shardLevelMetrics": { "type": "array", "items": { "type": "string" }, "description": "A list of shard-level CloudWatch metrics which can be enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more. Note that the value ALL should not be used; instead you should provide an explicit list of metrics you wish to enable.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "name", "shardCount" ], "inputProperties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "encryptionType": { "type": "string", "description": "The encryption type to use. The only acceptable values are `NONE` or `KMS`. The default value is `NONE`.\n" }, "enforceConsumerDeletion": { "type": "boolean", "description": "A boolean that indicates all registered consumers should be deregistered from the stream so that the stream can be destroyed without error. The default value is `false`.\n" }, "kmsKeyId": { "type": "string", "description": "The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias `alias/aws/kinesis`.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in.\n" }, "retentionPeriod": { "type": "integer", "description": "Length of time data records are accessible after they are added to the stream. The maximum value of a stream's retention period is 168 hours. Minimum value is 24. Default is 24.\n" }, "shardCount": { "type": "integer", "description": "The number of shards that the stream will use.\nAmazon has guidelines for specifying the Stream size that should be referenced when creating a Kinesis stream. See [Amazon Kinesis Streams](https://docs.aws.amazon.com/kinesis/latest/dev/amazon-kinesis-streams.html) for more.\n" }, "shardLevelMetrics": { "type": "array", "items": { "type": "string" }, "description": "A list of shard-level CloudWatch metrics which can be enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more. Note that the value ALL should not be used; instead you should provide an explicit list of metrics you wish to enable.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "shardCount" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "encryptionType": { "type": "string", "description": "The encryption type to use. The only acceptable values are `NONE` or `KMS`. The default value is `NONE`.\n" }, "enforceConsumerDeletion": { "type": "boolean", "description": "A boolean that indicates all registered consumers should be deregistered from the stream so that the stream can be destroyed without error. The default value is `false`.\n" }, "kmsKeyId": { "type": "string", "description": "The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias `alias/aws/kinesis`.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in.\n" }, "retentionPeriod": { "type": "integer", "description": "Length of time data records are accessible after they are added to the stream. The maximum value of a stream's retention period is 168 hours. Minimum value is 24. Default is 24.\n" }, "shardCount": { "type": "integer", "description": "The number of shards that the stream will use.\nAmazon has guidelines for specifying the Stream size that should be referenced when creating a Kinesis stream. See [Amazon Kinesis Streams](https://docs.aws.amazon.com/kinesis/latest/dev/amazon-kinesis-streams.html) for more.\n" }, "shardLevelMetrics": { "type": "array", "items": { "type": "string" }, "description": "A list of shard-level CloudWatch metrics which can be enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more. Note that the value ALL should not be used; instead you should provide an explicit list of metrics you wish to enable.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:kinesis/videoStream:VideoStream": { "description": "Provides a Kinesis Video Stream resource. Amazon Kinesis Video Streams makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), playback, and other processing.\n\nFor more details, see the [Amazon Kinesis Documentation](https://aws.amazon.com/documentation/kinesis/).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultVideoStream = new aws.kinesis.VideoStream(\"default\", {\n dataRetentionInHours: 1,\n deviceName: \"kinesis-video-device-name\",\n mediaType: \"video/h264\",\n tags: {\n Name: \"kinesis-video-stream\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.kinesis.VideoStream(\"default\",\n data_retention_in_hours=1,\n device_name=\"kinesis-video-device-name\",\n media_type=\"video/h264\",\n tags={\n \"Name\": \"kinesis-video-stream\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Kinesis.VideoStream(\"default\", new Aws.Kinesis.VideoStreamArgs\n {\n DataRetentionInHours = 1,\n DeviceName = \"kinesis-video-device-name\",\n MediaType = \"video/h264\",\n Tags = \n {\n { \"Name\", \"kinesis-video-stream\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = kinesis.NewVideoStream(ctx, \"default\", \u0026kinesis.VideoStreamArgs{\n\t\t\tDataRetentionInHours: pulumi.Int(1),\n\t\t\tDeviceName: pulumi.String(\"kinesis-video-device-name\"),\n\t\t\tMediaType: pulumi.String(\"video/h264\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"kinesis-video-stream\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "creationTime": { "type": "string", "description": "A time stamp that indicates when the stream was created.\n" }, "dataRetentionInHours": { "type": "integer", "description": "The number of hours that you want to retain the data in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. The default value is `0`, indicating that the stream does not persist data.\n" }, "deviceName": { "type": "string", "description": "The name of the device that is writing to the stream. **In the current implementation, Kinesis Video Streams does not use this name.**\n" }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key that you want Kinesis Video Streams to use to encrypt stream data. If no key ID is specified, the default, Kinesis Video-managed key (`aws/kinesisvideo`) is used.\n" }, "mediaType": { "type": "string", "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream. For more information about media types, see [Media Types](http://www.iana.org/assignments/media-types/media-types.xhtml). If you choose to specify the MediaType, see [Naming Requirements](https://tools.ietf.org/html/rfc6838#section-4.2) for guidelines.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "version": { "type": "string", "description": "The version of the stream.\n" } }, "required": [ "arn", "creationTime", "kmsKeyId", "name", "version" ], "inputProperties": { "dataRetentionInHours": { "type": "integer", "description": "The number of hours that you want to retain the data in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. The default value is `0`, indicating that the stream does not persist data.\n" }, "deviceName": { "type": "string", "description": "The name of the device that is writing to the stream. **In the current implementation, Kinesis Video Streams does not use this name.**\n" }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key that you want Kinesis Video Streams to use to encrypt stream data. If no key ID is specified, the default, Kinesis Video-managed key (`aws/kinesisvideo`) is used.\n" }, "mediaType": { "type": "string", "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream. For more information about media types, see [Media Types](http://www.iana.org/assignments/media-types/media-types.xhtml). If you choose to specify the MediaType, see [Naming Requirements](https://tools.ietf.org/html/rfc6838#section-4.2) for guidelines.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering VideoStream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "creationTime": { "type": "string", "description": "A time stamp that indicates when the stream was created.\n" }, "dataRetentionInHours": { "type": "integer", "description": "The number of hours that you want to retain the data in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. The default value is `0`, indicating that the stream does not persist data.\n" }, "deviceName": { "type": "string", "description": "The name of the device that is writing to the stream. **In the current implementation, Kinesis Video Streams does not use this name.**\n" }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key that you want Kinesis Video Streams to use to encrypt stream data. If no key ID is specified, the default, Kinesis Video-managed key (`aws/kinesisvideo`) is used.\n" }, "mediaType": { "type": "string", "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream. For more information about media types, see [Media Types](http://www.iana.org/assignments/media-types/media-types.xhtml). If you choose to specify the MediaType, see [Naming Requirements](https://tools.ietf.org/html/rfc6838#section-4.2) for guidelines.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "version": { "type": "string", "description": "The version of the stream.\n" } }, "type": "object" } }, "aws:kms/alias:Alias": { "description": "Provides an alias for a KMS customer master key. AWS Console enforces 1-to-1 mapping between aliases \u0026 keys,\nbut API (hence this provider too) allows you to create as many aliases as\nthe [account limits](http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) allow you.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst key = new aws.kms.Key(\"a\", {});\nconst alias = new aws.kms.Alias(\"a\", {\n targetKeyId: key.keyId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkey = aws.kms.Key(\"key\")\nalias = aws.kms.Alias(\"alias\", target_key_id=key.key_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var key = new Aws.Kms.Key(\"key\", new Aws.Kms.KeyArgs\n {\n });\n var @alias = new Aws.Kms.Alias(\"alias\", new Aws.Kms.AliasArgs\n {\n TargetKeyId = key.KeyId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := kms.NewKey(ctx, \"key\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewAlias(ctx, \"alias\", \u0026kms.AliasArgs{\n\t\t\tTargetKeyId: key.KeyId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key alias.\n" }, "name": { "type": "string", "description": "The display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n" }, "namePrefix": { "type": "string", "description": "Creates an unique alias beginning with the specified prefix.\nThe name must start with the word \"alias\" followed by a forward slash (alias/). Conflicts with `name`.\n" }, "targetKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target key identifier.\n" }, "targetKeyId": { "type": "string", "description": "Identifier for the key for which the alias is for, can be either an ARN or key_id.\n" } }, "required": [ "arn", "name", "targetKeyArn", "targetKeyId" ], "inputProperties": { "name": { "type": "string", "description": "The display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n" }, "namePrefix": { "type": "string", "description": "Creates an unique alias beginning with the specified prefix.\nThe name must start with the word \"alias\" followed by a forward slash (alias/). Conflicts with `name`.\n" }, "targetKeyId": { "type": "string", "description": "Identifier for the key for which the alias is for, can be either an ARN or key_id.\n" } }, "requiredInputs": [ "targetKeyId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Alias resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key alias.\n" }, "name": { "type": "string", "description": "The display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n" }, "namePrefix": { "type": "string", "description": "Creates an unique alias beginning with the specified prefix.\nThe name must start with the word \"alias\" followed by a forward slash (alias/). Conflicts with `name`.\n" }, "targetKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target key identifier.\n" }, "targetKeyId": { "type": "string", "description": "Identifier for the key for which the alias is for, can be either an ARN or key_id.\n" } }, "type": "object" } }, "aws:kms/ciphertext:Ciphertext": { "description": "The KMS ciphertext resource allows you to encrypt plaintext into ciphertext\nby using an AWS KMS customer master key. The value returned by this resource\nis stable across every apply. For a changing ciphertext value each apply, see\nthe `aws.kms.Ciphertext` data source.\n\n\u003e **Note:** All arguments including the plaintext be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst oauthConfig = new aws.kms.Key(\"oauth_config\", {\n description: \"oauth config\",\n isEnabled: true,\n});\nconst oauth = new aws.kms.Ciphertext(\"oauth\", {\n keyId: oauthConfig.keyId,\n plaintext: `{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\noauth_config = aws.kms.Key(\"oauthConfig\",\n description=\"oauth config\",\n is_enabled=True)\noauth = aws.kms.Ciphertext(\"oauth\",\n key_id=oauth_config.key_id,\n plaintext=\"\"\"{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var oauthConfig = new Aws.Kms.Key(\"oauthConfig\", new Aws.Kms.KeyArgs\n {\n Description = \"oauth config\",\n IsEnabled = true,\n });\n var oauth = new Aws.Kms.Ciphertext(\"oauth\", new Aws.Kms.CiphertextArgs\n {\n KeyId = oauthConfig.KeyId,\n Plaintext = @\"{\n \"\"client_id\"\": \"\"e587dbae22222f55da22\"\",\n \"\"client_secret\"\": \"\"8289575d00000ace55e1815ec13673955721b8a5\"\"\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toauthConfig, err := kms.NewKey(ctx, \"oauthConfig\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"oauth config\"),\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewCiphertext(ctx, \"oauth\", \u0026kms.CiphertextArgs{\n\t\t\tKeyId: oauthConfig.KeyId,\n\t\t\tPlaintext: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v\", \"{\\n\", \" \\\"client_id\\\": \\\"e587dbae22222f55da22\\\",\\n\", \" \\\"client_secret\\\": \\\"8289575d00000ace55e1815ec13673955721b8a5\\\"\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "ciphertextBlob": { "type": "string", "description": "Base64 encoded ciphertext\n" }, "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n" }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n" }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n" } }, "required": [ "ciphertextBlob", "keyId", "plaintext" ], "inputProperties": { "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n" }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n" }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n" } }, "requiredInputs": [ "keyId", "plaintext" ], "stateInputs": { "description": "Input properties used for looking up and filtering Ciphertext resources.\n", "properties": { "ciphertextBlob": { "type": "string", "description": "Base64 encoded ciphertext\n" }, "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n" }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n" }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n" } }, "type": "object" } }, "aws:kms/externalKey:ExternalKey": { "description": "Manages a KMS Customer Master Key that uses external key material. To instead manage a KMS Customer Master Key where AWS automatically generates and potentially rotates key material, see the `aws.kms.Key` resource.\n\n\u003e **Note:** All arguments including the key material will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.ExternalKey(\"example\", {\n description: \"KMS EXTERNAL for AMI encryption\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.ExternalKey(\"example\", description=\"KMS EXTERNAL for AMI encryption\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Kms.ExternalKey(\"example\", new Aws.Kms.ExternalKeyArgs\n {\n Description = \"KMS EXTERNAL for AMI encryption\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = kms.NewExternalKey(ctx, \"example\", \u0026kms.ExternalKeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS EXTERNAL for AMI encryption\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted after destruction of the resource. Must be between `7` and `30` days. Defaults to `30`.\n" }, "description": { "type": "string", "description": "Description of the key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "expirationModel": { "type": "string", "description": "Whether the key material expires. Empty when pending key material import, otherwise `KEY_MATERIAL_EXPIRES` or `KEY_MATERIAL_DOES_NOT_EXPIRE`.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.\n" }, "keyState": { "type": "string", "description": "The state of the CMK.\n" }, "keyUsage": { "type": "string", "description": "The cryptographic operations for which you can use the CMK.\n" }, "policy": { "type": "string", "description": "A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of tags to assign to the key.\n" }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "required": [ "arn", "enabled", "expirationModel", "keyState", "keyUsage", "policy" ], "inputProperties": { "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted after destruction of the resource. Must be between `7` and `30` days. Defaults to `30`.\n" }, "description": { "type": "string", "description": "Description of the key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.\n" }, "policy": { "type": "string", "description": "A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of tags to assign to the key.\n" }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ExternalKey resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted after destruction of the resource. Must be between `7` and `30` days. Defaults to `30`.\n" }, "description": { "type": "string", "description": "Description of the key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "expirationModel": { "type": "string", "description": "Whether the key material expires. Empty when pending key material import, otherwise `KEY_MATERIAL_EXPIRES` or `KEY_MATERIAL_DOES_NOT_EXPIRE`.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.\n" }, "keyState": { "type": "string", "description": "The state of the CMK.\n" }, "keyUsage": { "type": "string", "description": "The cryptographic operations for which you can use the CMK.\n" }, "policy": { "type": "string", "description": "A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of tags to assign to the key.\n" }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "type": "object" } }, "aws:kms/grant:Grant": { "description": "Provides a resource-based access control mechanism for a KMS customer master key.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst key = new aws.kms.Key(\"a\", {});\nconst role = new aws.iam.Role(\"a\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst grant = new aws.kms.Grant(\"a\", {\n constraints: [{\n encryptionContextEquals: {\n Department: \"Finance\",\n },\n }],\n granteePrincipal: role.arn,\n keyId: key.keyId,\n operations: [\n \"Encrypt\",\n \"Decrypt\",\n \"GenerateDataKey\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkey = aws.kms.Key(\"key\")\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\ngrant = aws.kms.Grant(\"grant\",\n constraints=[{\n \"encryptionContextEquals\": {\n \"Department\": \"Finance\",\n },\n }],\n grantee_principal=role.arn,\n key_id=key.key_id,\n operations=[\n \"Encrypt\",\n \"Decrypt\",\n \"GenerateDataKey\",\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var key = new Aws.Kms.Key(\"key\", new Aws.Kms.KeyArgs\n {\n });\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"lambda.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var grant = new Aws.Kms.Grant(\"grant\", new Aws.Kms.GrantArgs\n {\n Constraints = \n {\n new Aws.Kms.Inputs.GrantConstraintArgs\n {\n EncryptionContextEquals = \n {\n { \"Department\", \"Finance\" },\n },\n },\n },\n GranteePrincipal = role.Arn,\n KeyId = key.KeyId,\n Operations = \n {\n \"Encrypt\",\n \"Decrypt\",\n \"GenerateDataKey\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := kms.NewKey(ctx, \"key\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"lambda.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewGrant(ctx, \"grant\", \u0026kms.GrantArgs{\n\t\t\tConstraints: kms.GrantConstraintArray{\n\t\t\t\t\u0026kms.GrantConstraintArgs{\n\t\t\t\t\tEncryptionContextEquals: pulumi.Map{\n\t\t\t\t\t\t\"Department\": pulumi.String(\"Finance\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGranteePrincipal: role.Arn,\n\t\t\tKeyId: key.KeyId,\n\t\t\tOperations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\tpulumi.String(\"GenerateDataKey\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "constraints": { "type": "array", "items": { "$ref": "#/types/aws:kms/GrantConstraint:GrantConstraint" }, "description": "A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see [Encryption Context](http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).\n" }, "grantCreationTokens": { "type": "array", "items": { "type": "string" }, "description": "A list of grant tokens to be used when creating the grant. See [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) for more information about grant tokens.\n" }, "grantId": { "type": "string", "description": "The unique identifier for the grant.\n" }, "grantToken": { "type": "string", "description": "The grant token for the created grant. For more information, see [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token).\n" }, "granteePrincipal": { "type": "string", "description": "The principal that is given permission to perform the operations that the grant permits in ARN format. Note that due to eventual consistency issues around IAM principals, the state may not always be refreshed to reflect what is true in AWS.\n" }, "keyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.\n" }, "name": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "operations": { "type": "array", "items": { "type": "string" }, "description": "A list of operations that the grant permits. The permitted values are: `Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, CreateGrant, RetireGrant, DescribeKey`\n" }, "retireOnDelete": { "type": "boolean", "description": "-(Defaults to false, Forces new resources) If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.\nSee [RetireGrant](https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html) for more information.\n" }, "retiringPrincipal": { "type": "string", "description": "The principal that is given permission to retire the grant by using RetireGrant operation in ARN format. Note that due to eventual consistency issues around IAM principals, the state may not always be refreshed to reflect what is true in AWS.\n" } }, "required": [ "grantId", "grantToken", "granteePrincipal", "keyId", "name", "operations" ], "inputProperties": { "constraints": { "type": "array", "items": { "$ref": "#/types/aws:kms/GrantConstraint:GrantConstraint" }, "description": "A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see [Encryption Context](http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).\n" }, "grantCreationTokens": { "type": "array", "items": { "type": "string" }, "description": "A list of grant tokens to be used when creating the grant. See [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) for more information about grant tokens.\n" }, "granteePrincipal": { "type": "string", "description": "The principal that is given permission to perform the operations that the grant permits in ARN format. Note that due to eventual consistency issues around IAM principals, the state may not always be refreshed to reflect what is true in AWS.\n" }, "keyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.\n" }, "name": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "operations": { "type": "array", "items": { "type": "string" }, "description": "A list of operations that the grant permits. The permitted values are: `Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, CreateGrant, RetireGrant, DescribeKey`\n" }, "retireOnDelete": { "type": "boolean", "description": "-(Defaults to false, Forces new resources) If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.\nSee [RetireGrant](https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html) for more information.\n" }, "retiringPrincipal": { "type": "string", "description": "The principal that is given permission to retire the grant by using RetireGrant operation in ARN format. Note that due to eventual consistency issues around IAM principals, the state may not always be refreshed to reflect what is true in AWS.\n" } }, "requiredInputs": [ "granteePrincipal", "keyId", "operations" ], "stateInputs": { "description": "Input properties used for looking up and filtering Grant resources.\n", "properties": { "constraints": { "type": "array", "items": { "$ref": "#/types/aws:kms/GrantConstraint:GrantConstraint" }, "description": "A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see [Encryption Context](http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).\n" }, "grantCreationTokens": { "type": "array", "items": { "type": "string" }, "description": "A list of grant tokens to be used when creating the grant. See [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) for more information about grant tokens.\n" }, "grantId": { "type": "string", "description": "The unique identifier for the grant.\n" }, "grantToken": { "type": "string", "description": "The grant token for the created grant. For more information, see [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token).\n" }, "granteePrincipal": { "type": "string", "description": "The principal that is given permission to perform the operations that the grant permits in ARN format. Note that due to eventual consistency issues around IAM principals, the state may not always be refreshed to reflect what is true in AWS.\n" }, "keyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.\n" }, "name": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "operations": { "type": "array", "items": { "type": "string" }, "description": "A list of operations that the grant permits. The permitted values are: `Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, CreateGrant, RetireGrant, DescribeKey`\n" }, "retireOnDelete": { "type": "boolean", "description": "-(Defaults to false, Forces new resources) If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.\nSee [RetireGrant](https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html) for more information.\n" }, "retiringPrincipal": { "type": "string", "description": "The principal that is given permission to retire the grant by using RetireGrant operation in ARN format. Note that due to eventual consistency issues around IAM principals, the state may not always be refreshed to reflect what is true in AWS.\n" } }, "type": "object" } }, "aws:kms/key:Key": { "description": "Provides a KMS customer master key.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst key = new aws.kms.Key(\"a\", {\n deletionWindowInDays: 10,\n description: \"KMS key 1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkey = aws.kms.Key(\"key\",\n deletion_window_in_days=10,\n description=\"KMS key 1\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var key = new Aws.Kms.Key(\"key\", new Aws.Kms.KeyArgs\n {\n DeletionWindowInDays = 10,\n Description = \"KMS key 1\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = kms.NewKey(ctx, \"key\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "customerMasterKeySpec": { "type": "string", "description": "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.\nValid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, or `ECC_SECG_P256K1`. Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted\nafter destruction of the resource, must be between 7 and 30 days. Defaults to 30 days.\n" }, "description": { "type": "string", "description": "The description of the key as viewed in AWS console.\n" }, "enableKeyRotation": { "type": "boolean", "description": "Specifies whether [key rotation](http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)\nis enabled. Defaults to false.\n" }, "isEnabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Defaults to true.\n" }, "keyId": { "type": "string", "description": "The globally unique identifier for the key.\n" }, "keyUsage": { "type": "string", "description": "Specifies the intended use of the key. Valid values: `ENCRYPT_DECRYPT` or `SIGN_VERIFY`.\nDefaults to `ENCRYPT_DECRYPT`.\n" }, "policy": { "type": "string", "description": "A valid policy JSON document.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" } }, "required": [ "arn", "description", "keyId", "policy" ], "inputProperties": { "customerMasterKeySpec": { "type": "string", "description": "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.\nValid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, or `ECC_SECG_P256K1`. Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted\nafter destruction of the resource, must be between 7 and 30 days. Defaults to 30 days.\n" }, "description": { "type": "string", "description": "The description of the key as viewed in AWS console.\n" }, "enableKeyRotation": { "type": "boolean", "description": "Specifies whether [key rotation](http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)\nis enabled. Defaults to false.\n" }, "isEnabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Defaults to true.\n" }, "keyUsage": { "type": "string", "description": "Specifies the intended use of the key. Valid values: `ENCRYPT_DECRYPT` or `SIGN_VERIFY`.\nDefaults to `ENCRYPT_DECRYPT`.\n" }, "policy": { "type": "string", "description": "A valid policy JSON document.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Key resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "customerMasterKeySpec": { "type": "string", "description": "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.\nValid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, or `ECC_SECG_P256K1`. Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted\nafter destruction of the resource, must be between 7 and 30 days. Defaults to 30 days.\n" }, "description": { "type": "string", "description": "The description of the key as viewed in AWS console.\n" }, "enableKeyRotation": { "type": "boolean", "description": "Specifies whether [key rotation](http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)\nis enabled. Defaults to false.\n" }, "isEnabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Defaults to true.\n" }, "keyId": { "type": "string", "description": "The globally unique identifier for the key.\n" }, "keyUsage": { "type": "string", "description": "Specifies the intended use of the key. Valid values: `ENCRYPT_DECRYPT` or `SIGN_VERIFY`.\nDefaults to `ENCRYPT_DECRYPT`.\n" }, "policy": { "type": "string", "description": "A valid policy JSON document.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" } }, "type": "object" } }, "aws:lambda/alias:Alias": { "description": "Creates a Lambda function alias. Creates an alias that points to the specified Lambda function version.\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](http://docs.aws.amazon.com/lambda/latest/dg/welcome.html)\nFor information about function aliases, see [CreateAlias](http://docs.aws.amazon.com/lambda/latest/dg/API_CreateAlias.html) and [AliasRoutingConfiguration](https://docs.aws.amazon.com/lambda/latest/dg/API_AliasRoutingConfiguration.html) in the API docs.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testLambdaAlias = new aws.lambda.Alias(\"test_lambda_alias\", {\n description: \"a sample description\",\n functionName: aws_lambda_function_lambda_function_test.arn,\n functionVersion: \"1\",\n routingConfig: {\n additionalVersionWeights: {\n \"2\": 0.5,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_lambda_alias = aws.lambda_.Alias(\"testLambdaAlias\",\n description=\"a sample description\",\n function_name=aws_lambda_function[\"lambda_function_test\"][\"arn\"],\n function_version=\"1\",\n routing_config={\n \"additionalVersionWeights\": {\n \"2\": 0.5,\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testLambdaAlias = new Aws.Lambda.Alias(\"testLambdaAlias\", new Aws.Lambda.AliasArgs\n {\n Description = \"a sample description\",\n FunctionName = aws_lambda_function.Lambda_function_test.Arn,\n FunctionVersion = \"1\",\n RoutingConfig = new Aws.Lambda.Inputs.AliasRoutingConfigArgs\n {\n AdditionalVersionWeights = \n {\n { \"2\", 0.5 },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewAlias(ctx, \"testLambdaAlias\", \u0026lambda.AliasArgs{\n\t\t\tDescription: pulumi.String(\"a sample description\"),\n\t\t\tFunctionName: pulumi.String(aws_lambda_function.Lambda_function_test.Arn),\n\t\t\tFunctionVersion: pulumi.String(\"1\"),\n\t\t\tRoutingConfig: \u0026lambda.AliasRoutingConfigArgs{\n\t\t\t\tAdditionalVersionWeights: pulumi.Map{\n\t\t\t\t\t\"2\": pulumi.Float64(0.5),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your Lambda function alias.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "functionName": { "type": "string", "description": "The function ARN of the Lambda function for which you want to create an alias.\n" }, "functionVersion": { "type": "string", "description": "Lambda function version for which you are creating the alias. Pattern: `(\\$LATEST|[0-9]+)`.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`\n" }, "name": { "type": "string", "description": "Name for the alias you are creating. Pattern: `(?!^[0-9]+$)([a-zA-Z0-9-_]+)`\n" }, "routingConfig": { "$ref": "#/types/aws:lambda/AliasRoutingConfig:AliasRoutingConfig", "description": "The Lambda alias' route configuration settings. Fields documented below\n" } }, "required": [ "arn", "functionName", "functionVersion", "invokeArn", "name" ], "inputProperties": { "description": { "type": "string", "description": "Description of the alias.\n" }, "functionName": { "type": "string", "description": "The function ARN of the Lambda function for which you want to create an alias.\n" }, "functionVersion": { "type": "string", "description": "Lambda function version for which you are creating the alias. Pattern: `(\\$LATEST|[0-9]+)`.\n" }, "name": { "type": "string", "description": "Name for the alias you are creating. Pattern: `(?!^[0-9]+$)([a-zA-Z0-9-_]+)`\n" }, "routingConfig": { "$ref": "#/types/aws:lambda/AliasRoutingConfig:AliasRoutingConfig", "description": "The Lambda alias' route configuration settings. Fields documented below\n" } }, "requiredInputs": [ "functionName", "functionVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering Alias resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your Lambda function alias.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "functionName": { "type": "string", "description": "The function ARN of the Lambda function for which you want to create an alias.\n" }, "functionVersion": { "type": "string", "description": "Lambda function version for which you are creating the alias. Pattern: `(\\$LATEST|[0-9]+)`.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`\n" }, "name": { "type": "string", "description": "Name for the alias you are creating. Pattern: `(?!^[0-9]+$)([a-zA-Z0-9-_]+)`\n" }, "routingConfig": { "$ref": "#/types/aws:lambda/AliasRoutingConfig:AliasRoutingConfig", "description": "The Lambda alias' route configuration settings. Fields documented below\n" } }, "type": "object" } }, "aws:lambda/eventSourceMapping:EventSourceMapping": { "description": "Provides a Lambda event source mapping. This allows Lambda functions to get events from Kinesis, DynamoDB and SQS.\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](http://docs.aws.amazon.com/lambda/latest/dg/welcome.html).\nFor information about event source mappings, see [CreateEventSourceMapping](http://docs.aws.amazon.com/lambda/latest/dg/API_CreateEventSourceMapping.html) in the API docs.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### DynamoDB\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: aws_dynamodb_table_example.streamArn,\n functionName: aws_lambda_function_example.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=aws_dynamodb_table[\"example\"][\"stream_arn\"],\n function_name=aws_lambda_function[\"example\"][\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new Aws.Lambda.EventSourceMappingArgs\n {\n EventSourceArn = aws_dynamodb_table.Example.Stream_arn,\n FunctionName = aws_lambda_function.Example.Arn,\n StartingPosition = \"LATEST\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.String(aws_dynamodb_table.Example.Stream_arn),\n\t\t\tFunctionName: pulumi.String(aws_lambda_function.Example.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Kinesis\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: aws_kinesis_stream_example.arn,\n functionName: aws_lambda_function_example.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=aws_kinesis_stream[\"example\"][\"arn\"],\n function_name=aws_lambda_function[\"example\"][\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new Aws.Lambda.EventSourceMappingArgs\n {\n EventSourceArn = aws_kinesis_stream.Example.Arn,\n FunctionName = aws_lambda_function.Example.Arn,\n StartingPosition = \"LATEST\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.String(aws_kinesis_stream.Example.Arn),\n\t\t\tFunctionName: pulumi.String(aws_lambda_function.Example.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### SQS\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: aws_sqs_queue_sqs_queue_test.arn,\n functionName: aws_lambda_function_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=aws_sqs_queue[\"sqs_queue_test\"][\"arn\"],\n function_name=aws_lambda_function[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new Aws.Lambda.EventSourceMappingArgs\n {\n EventSourceArn = aws_sqs_queue.Sqs_queue_test.Arn,\n FunctionName = aws_lambda_function.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.String(aws_sqs_queue.Sqs_queue_test.Arn),\n\t\t\tFunctionName: pulumi.String(aws_lambda_function.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "batchSize": { "type": "integer", "description": "The largest number of records that Lambda will retrieve from your event source at the time of invocation. Defaults to `100` for DynamoDB and Kinesis, `10` for SQS.\n" }, "bisectBatchOnFunctionError": { "type": "boolean" }, "destinationConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig" }, "enabled": { "type": "boolean", "description": "Determines if the mapping will be enabled on creation. Defaults to `true`.\n" }, "eventSourceArn": { "type": "string", "description": "The event source ARN - can be a Kinesis stream, DynamoDB stream, or SQS queue.\n" }, "functionArn": { "type": "string", "description": "The the ARN of the Lambda function the event source mapping is sending events to. (Note: this is a computed value that differs from `function_name` above.)\n" }, "functionName": { "type": "string", "description": "The name or the ARN of the Lambda function that will be subscribing to events.\n" }, "lastModified": { "type": "string", "description": "The date this resource was last modified.\n" }, "lastProcessingResult": { "type": "string", "description": "The result of the last AWS Lambda invocation of your Lambda function.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum amount of time to gather records before invoking the function, in seconds. Records will continue to buffer until either `maximum_batching_window_in_seconds` expires or `batch_size` has been met. Defaults to as soon as records are available in the stream. If the batch it reads from the stream only has one record in it, Lambda only sends one record to the function.\n" }, "maximumRecordAgeInSeconds": { "type": "integer" }, "maximumRetryAttempts": { "type": "integer" }, "parallelizationFactor": { "type": "integer" }, "startingPosition": { "type": "string", "description": "The position in the stream where AWS Lambda should start reading. Must be one of `AT_TIMESTAMP` (Kinesis only), `LATEST` or `TRIM_HORIZON` if getting events from Kinesis or DynamoDB. Must not be provided if getting events from SQS. More information about these positions can be found in the [AWS DynamoDB Streams API Reference](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html) and [AWS Kinesis API Reference](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType).\n" }, "startingPositionTimestamp": { "type": "string", "description": "A timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of the data record which to start reading when using `starting_position` set to `AT_TIMESTAMP`. If a record with this exact timestamp does not exist, the next later record is chosen. If the timestamp is older than the current trim horizon, the oldest available record is chosen.\n* `parallelization_factor`: - (Optional) The number of batches to process from each shard concurrently. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of 1, maximum of 10.\n* `maximum_retry_attempts`: - (Optional) The maximum number of times to retry when the function returns an error. Only available for stream sources (DynamoDB and Kinesis). Minimum of 0, maximum and default of 10000.\n* `maximum_record_age_in_seconds`: - (Optional) The maximum age of a record that Lambda sends to a function for processing. Only available for stream sources (DynamoDB and Kinesis). Minimum of 60, maximum and default of 604800.\n* `bisect_batch_on_function_error`: - (Optional) If the function returns an error, split the batch in two and retry. Only available for stream sources (DynamoDB and Kinesis). Defaults to `false`.\n* `destination_config`: - (Optional) An Amazon SQS queue or Amazon SNS topic destination for failed records. Only available for stream sources (DynamoDB and Kinesis). Detailed below.\n" }, "state": { "type": "string", "description": "The state of the event source mapping.\n" }, "stateTransitionReason": { "type": "string", "description": "The reason the event source mapping is in its current state.\n" }, "uuid": { "type": "string", "description": "The UUID of the created event source mapping.\n" } }, "required": [ "eventSourceArn", "functionArn", "functionName", "lastModified", "lastProcessingResult", "maximumRecordAgeInSeconds", "maximumRetryAttempts", "parallelizationFactor", "state", "stateTransitionReason", "uuid" ], "inputProperties": { "batchSize": { "type": "integer", "description": "The largest number of records that Lambda will retrieve from your event source at the time of invocation. Defaults to `100` for DynamoDB and Kinesis, `10` for SQS.\n" }, "bisectBatchOnFunctionError": { "type": "boolean" }, "destinationConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig" }, "enabled": { "type": "boolean", "description": "Determines if the mapping will be enabled on creation. Defaults to `true`.\n" }, "eventSourceArn": { "type": "string", "description": "The event source ARN - can be a Kinesis stream, DynamoDB stream, or SQS queue.\n" }, "functionName": { "type": "string", "description": "The name or the ARN of the Lambda function that will be subscribing to events.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum amount of time to gather records before invoking the function, in seconds. Records will continue to buffer until either `maximum_batching_window_in_seconds` expires or `batch_size` has been met. Defaults to as soon as records are available in the stream. If the batch it reads from the stream only has one record in it, Lambda only sends one record to the function.\n" }, "maximumRecordAgeInSeconds": { "type": "integer" }, "maximumRetryAttempts": { "type": "integer" }, "parallelizationFactor": { "type": "integer" }, "startingPosition": { "type": "string", "description": "The position in the stream where AWS Lambda should start reading. Must be one of `AT_TIMESTAMP` (Kinesis only), `LATEST` or `TRIM_HORIZON` if getting events from Kinesis or DynamoDB. Must not be provided if getting events from SQS. More information about these positions can be found in the [AWS DynamoDB Streams API Reference](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html) and [AWS Kinesis API Reference](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType).\n" }, "startingPositionTimestamp": { "type": "string", "description": "A timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of the data record which to start reading when using `starting_position` set to `AT_TIMESTAMP`. If a record with this exact timestamp does not exist, the next later record is chosen. If the timestamp is older than the current trim horizon, the oldest available record is chosen.\n* `parallelization_factor`: - (Optional) The number of batches to process from each shard concurrently. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of 1, maximum of 10.\n* `maximum_retry_attempts`: - (Optional) The maximum number of times to retry when the function returns an error. Only available for stream sources (DynamoDB and Kinesis). Minimum of 0, maximum and default of 10000.\n* `maximum_record_age_in_seconds`: - (Optional) The maximum age of a record that Lambda sends to a function for processing. Only available for stream sources (DynamoDB and Kinesis). Minimum of 60, maximum and default of 604800.\n* `bisect_batch_on_function_error`: - (Optional) If the function returns an error, split the batch in two and retry. Only available for stream sources (DynamoDB and Kinesis). Defaults to `false`.\n* `destination_config`: - (Optional) An Amazon SQS queue or Amazon SNS topic destination for failed records. Only available for stream sources (DynamoDB and Kinesis). Detailed below.\n" } }, "requiredInputs": [ "eventSourceArn", "functionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSourceMapping resources.\n", "properties": { "batchSize": { "type": "integer", "description": "The largest number of records that Lambda will retrieve from your event source at the time of invocation. Defaults to `100` for DynamoDB and Kinesis, `10` for SQS.\n" }, "bisectBatchOnFunctionError": { "type": "boolean" }, "destinationConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig" }, "enabled": { "type": "boolean", "description": "Determines if the mapping will be enabled on creation. Defaults to `true`.\n" }, "eventSourceArn": { "type": "string", "description": "The event source ARN - can be a Kinesis stream, DynamoDB stream, or SQS queue.\n" }, "functionArn": { "type": "string", "description": "The the ARN of the Lambda function the event source mapping is sending events to. (Note: this is a computed value that differs from `function_name` above.)\n" }, "functionName": { "type": "string", "description": "The name or the ARN of the Lambda function that will be subscribing to events.\n" }, "lastModified": { "type": "string", "description": "The date this resource was last modified.\n" }, "lastProcessingResult": { "type": "string", "description": "The result of the last AWS Lambda invocation of your Lambda function.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum amount of time to gather records before invoking the function, in seconds. Records will continue to buffer until either `maximum_batching_window_in_seconds` expires or `batch_size` has been met. Defaults to as soon as records are available in the stream. If the batch it reads from the stream only has one record in it, Lambda only sends one record to the function.\n" }, "maximumRecordAgeInSeconds": { "type": "integer" }, "maximumRetryAttempts": { "type": "integer" }, "parallelizationFactor": { "type": "integer" }, "startingPosition": { "type": "string", "description": "The position in the stream where AWS Lambda should start reading. Must be one of `AT_TIMESTAMP` (Kinesis only), `LATEST` or `TRIM_HORIZON` if getting events from Kinesis or DynamoDB. Must not be provided if getting events from SQS. More information about these positions can be found in the [AWS DynamoDB Streams API Reference](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html) and [AWS Kinesis API Reference](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType).\n" }, "startingPositionTimestamp": { "type": "string", "description": "A timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of the data record which to start reading when using `starting_position` set to `AT_TIMESTAMP`. If a record with this exact timestamp does not exist, the next later record is chosen. If the timestamp is older than the current trim horizon, the oldest available record is chosen.\n* `parallelization_factor`: - (Optional) The number of batches to process from each shard concurrently. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of 1, maximum of 10.\n* `maximum_retry_attempts`: - (Optional) The maximum number of times to retry when the function returns an error. Only available for stream sources (DynamoDB and Kinesis). Minimum of 0, maximum and default of 10000.\n* `maximum_record_age_in_seconds`: - (Optional) The maximum age of a record that Lambda sends to a function for processing. Only available for stream sources (DynamoDB and Kinesis). Minimum of 60, maximum and default of 604800.\n* `bisect_batch_on_function_error`: - (Optional) If the function returns an error, split the batch in two and retry. Only available for stream sources (DynamoDB and Kinesis). Defaults to `false`.\n* `destination_config`: - (Optional) An Amazon SQS queue or Amazon SNS topic destination for failed records. Only available for stream sources (DynamoDB and Kinesis). Detailed below.\n" }, "state": { "type": "string", "description": "The state of the event source mapping.\n" }, "stateTransitionReason": { "type": "string", "description": "The reason the event source mapping is in its current state.\n" }, "uuid": { "type": "string", "description": "The UUID of the created event source mapping.\n" } }, "type": "object" } }, "aws:lambda/function:Function": { "description": "Provides a Lambda Function resource. Lambda allows you to trigger execution of code in response to events in AWS, enabling serverless backend solutions. The Lambda Function itself includes source code and runtime configuration.\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), EC2 subnets and security groups associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Lambda Layers\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLayerVersion = new aws.lambda.LayerVersion(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {\n // ... other configuration ...\n layers: [exampleLayerVersion.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_layer_version = aws.lambda_.LayerVersion(\"exampleLayerVersion\")\nexample_function = aws.lambda_.Function(\"exampleFunction\", layers=[example_layer_version.arn])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLayerVersion = new Aws.Lambda.LayerVersion(\"exampleLayerVersion\", new Aws.Lambda.LayerVersionArgs\n {\n });\n var exampleFunction = new Aws.Lambda.Function(\"exampleFunction\", new Aws.Lambda.FunctionArgs\n {\n Layers = \n {\n exampleLayerVersion.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLayerVersion, err := lambda.NewLayerVersion(ctx, \"exampleLayerVersion\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"exampleFunction\", \u0026lambda.FunctionArgs{\n\t\t\tLayers: pulumi.StringArray{\n\t\t\t\texampleLayerVersion.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### CloudWatch Logging and Permissions\n\nFor more information about CloudWatch Logs for Lambda, see the [Lambda User Guide](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-functions-logs.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n// If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nconst example = new aws.cloudwatch.LogGroup(\"example\", {\n retentionInDays: 14,\n});\n// See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nconst lambdaLogging = new aws.iam.Policy(\"lambda_logging\", {\n description: \"IAM policy for logging from a lambda\",\n path: \"/\",\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\"\n ],\n \"Resource\": \"arn:aws:logs:*:*:*\",\n \"Effect\": \"Allow\"\n }\n ]\n}\n`,\n});\nconst lambdaLogs = new aws.iam.RolePolicyAttachment(\"lambda_logs\", {\n policyArn: lambdaLogging.arn,\n role: aws_iam_role_iam_for_lambda.name,\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {}, { dependsOn: [example, lambdaLogs] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_lambda = aws.lambda_.Function(\"testLambda\")\n# This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n# If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nexample = aws.cloudwatch.LogGroup(\"example\", retention_in_days=14)\n# See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nlambda_logging = aws.iam.Policy(\"lambdaLogging\",\n description=\"IAM policy for logging from a lambda\",\n path=\"/\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\"\n ],\n \"Resource\": \"arn:aws:logs:*:*:*\",\n \"Effect\": \"Allow\"\n }\n ]\n}\n\n\"\"\")\nlambda_logs = aws.iam.RolePolicyAttachment(\"lambdaLogs\",\n policy_arn=lambda_logging.arn,\n role=aws_iam_role[\"iam_for_lambda\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testLambda = new Aws.Lambda.Function(\"testLambda\", new Aws.Lambda.FunctionArgs\n {\n });\n // This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n // If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n var example = new Aws.CloudWatch.LogGroup(\"example\", new Aws.CloudWatch.LogGroupArgs\n {\n RetentionInDays = 14,\n });\n // See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n var lambdaLogging = new Aws.Iam.Policy(\"lambdaLogging\", new Aws.Iam.PolicyArgs\n {\n Description = \"IAM policy for logging from a lambda\",\n Path = \"/\",\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": [\n \"\"logs:CreateLogGroup\"\",\n \"\"logs:CreateLogStream\"\",\n \"\"logs:PutLogEvents\"\"\n ],\n \"\"Resource\"\": \"\"arn:aws:logs:*:*:*\"\",\n \"\"Effect\"\": \"\"Allow\"\"\n }\n ]\n}\n\n\",\n });\n var lambdaLogs = new Aws.Iam.RolePolicyAttachment(\"lambdaLogs\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = lambdaLogging.Arn,\n Role = aws_iam_role.Iam_for_lambda.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewFunction(ctx, \"testLambda\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tRetentionInDays: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaLogging, err := iam.NewPolicy(ctx, \"lambdaLogging\", \u0026iam.PolicyArgs{\n\t\t\tDescription: pulumi.String(\"IAM policy for logging from a lambda\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"logs:CreateLogGroup\\\",\\n\", \" \\\"logs:CreateLogStream\\\",\\n\", \" \\\"logs:PutLogEvents\\\"\\n\", \" ],\\n\", \" \\\"Resource\\\": \\\"arn:aws:logs:*:*:*\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"lambdaLogs\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: lambdaLogging.Arn,\n\t\t\tRole: pulumi.String(aws_iam_role.Iam_for_lambda.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Specifying the Deployment Package\n\nAWS Lambda expects source code to be provided as a deployment package whose structure varies depending on which `runtime` is in use.\nSee [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for the valid values of `runtime`. The expected structure of the deployment package can be found in\n[the AWS Lambda documentation for each runtime](https://docs.aws.amazon.com/lambda/latest/dg/deployment-package-v2.html).\n\nOnce you have created your deployment package you can specify it either directly as a local file (using the `filename` argument) or\nindirectly via Amazon S3 (using the `s3_bucket`, `s3_key` and `s3_object_version` arguments). When providing the deployment\npackage via S3 it may be useful to use the `aws.s3.BucketObject` resource to upload it.\n\nFor larger deployment packages it is recommended by Amazon to upload via S3, since the S3 API has better support for uploading\nlarge files efficiently.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "The path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", "description": "Nested block to configure the function's *dead letter queue*. See details below.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Function does.\n" }, "environment": { "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", "description": "The Lambda environment's configuration settings. Fields documented below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", "description": "The connection settings for an EFS file system. Fields documented below. Before creating or updating Lambda functions with `file_system_config`, EFS mount targets much be in available lifecycle state. Use `depends_on` to explicitly declare this dependency. See [Using Amazon EFS with Lambda](https://docs.aws.amazon.com/lambda/latest/dg/services-efs.html).\n" }, "handler": { "type": "string", "description": "The function [entrypoint](https://docs.aws.amazon.com/lambda/latest/dg/walkthrough-custom-events-create-test-function.html) in your code.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and this provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" }, "lastModified": { "type": "string", "description": "The date this resource was last modified.\n" }, "layers": { "type": "array", "items": { "type": "string" }, "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" }, "memorySize": { "type": "integer", "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "name": { "type": "string", "description": "A unique name for your Lambda Function.\n" }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" }, "qualifiedArn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your Lambda Function Version\n(if versioning is enabled via `publish = true`).\n" }, "reservedConcurrentExecutions": { "type": "integer", "description": "The amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" }, "role": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "IAM role attached to the Lambda Function. This governs both who / what can invoke your Lambda Function, as well as what resources our Lambda Function has access to. See [Lambda Permission Model](https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html) for more details.\n" }, "runtime": { "type": "string", "description": "See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for valid values.\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n" }, "s3Key": { "type": "string", "description": "The S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n" }, "s3ObjectVersion": { "type": "string", "description": "The object version containing the function's deployment package. Conflicts with `filename`.\n" }, "sourceCodeHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either `filename` or `s3_key`. The usual way to set this is `filebase64sha256(\"file.zip\")` (this provider 0.11.12 and later) or `base64sha256(file(\"file.zip\"))` (this provider 0.11.11 and earlier), where \"file.zip\" is the local filename of the lambda function source archive.\n" }, "sourceCodeSize": { "type": "integer", "description": "The size in bytes of the function .zip file.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the object.\n" }, "timeout": { "type": "integer", "description": "The amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "tracingConfig": { "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig" }, "version": { "type": "string", "description": "Latest published version of your Lambda Function.\n" }, "vpcConfig": { "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", "description": "Provide this to allow your function to access your VPC. Fields documented below. See [Lambda in VPC](http://docs.aws.amazon.com/lambda/latest/dg/vpc.html)\n" } }, "required": [ "arn", "name", "handler", "invokeArn", "lastModified", "qualifiedArn", "role", "runtime", "sourceCodeHash", "sourceCodeSize", "tracingConfig", "version" ], "inputProperties": { "code": { "$ref": "pulumi.json#/Archive", "description": "The path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", "description": "Nested block to configure the function's *dead letter queue*. See details below.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Function does.\n" }, "environment": { "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", "description": "The Lambda environment's configuration settings. Fields documented below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", "description": "The connection settings for an EFS file system. Fields documented below. Before creating or updating Lambda functions with `file_system_config`, EFS mount targets much be in available lifecycle state. Use `depends_on` to explicitly declare this dependency. See [Using Amazon EFS with Lambda](https://docs.aws.amazon.com/lambda/latest/dg/services-efs.html).\n" }, "handler": { "type": "string", "description": "The function [entrypoint](https://docs.aws.amazon.com/lambda/latest/dg/walkthrough-custom-events-create-test-function.html) in your code.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and this provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" }, "layers": { "type": "array", "items": { "type": "string" }, "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" }, "memorySize": { "type": "integer", "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "name": { "type": "string", "description": "A unique name for your Lambda Function.\n" }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" }, "reservedConcurrentExecutions": { "type": "integer", "description": "The amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" }, "role": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "IAM role attached to the Lambda Function. This governs both who / what can invoke your Lambda Function, as well as what resources our Lambda Function has access to. See [Lambda Permission Model](https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html) for more details.\n" }, "runtime": { "type": "string", "description": "See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for valid values.\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n" }, "s3Key": { "type": "string", "description": "The S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n" }, "s3ObjectVersion": { "type": "string", "description": "The object version containing the function's deployment package. Conflicts with `filename`.\n" }, "sourceCodeHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either `filename` or `s3_key`. The usual way to set this is `filebase64sha256(\"file.zip\")` (this provider 0.11.12 and later) or `base64sha256(file(\"file.zip\"))` (this provider 0.11.11 and earlier), where \"file.zip\" is the local filename of the lambda function source archive.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the object.\n" }, "timeout": { "type": "integer", "description": "The amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "tracingConfig": { "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig" }, "vpcConfig": { "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", "description": "Provide this to allow your function to access your VPC. Fields documented below. See [Lambda in VPC](http://docs.aws.amazon.com/lambda/latest/dg/vpc.html)\n" } }, "requiredInputs": [ "handler", "role", "runtime" ], "stateInputs": { "description": "Input properties used for looking up and filtering Function resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "The path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", "description": "Nested block to configure the function's *dead letter queue*. See details below.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Function does.\n" }, "environment": { "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", "description": "The Lambda environment's configuration settings. Fields documented below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", "description": "The connection settings for an EFS file system. Fields documented below. Before creating or updating Lambda functions with `file_system_config`, EFS mount targets much be in available lifecycle state. Use `depends_on` to explicitly declare this dependency. See [Using Amazon EFS with Lambda](https://docs.aws.amazon.com/lambda/latest/dg/services-efs.html).\n" }, "handler": { "type": "string", "description": "The function [entrypoint](https://docs.aws.amazon.com/lambda/latest/dg/walkthrough-custom-events-create-test-function.html) in your code.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and this provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" }, "lastModified": { "type": "string", "description": "The date this resource was last modified.\n" }, "layers": { "type": "array", "items": { "type": "string" }, "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" }, "memorySize": { "type": "integer", "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "name": { "type": "string", "description": "A unique name for your Lambda Function.\n" }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" }, "qualifiedArn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your Lambda Function Version\n(if versioning is enabled via `publish = true`).\n" }, "reservedConcurrentExecutions": { "type": "integer", "description": "The amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" }, "role": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "IAM role attached to the Lambda Function. This governs both who / what can invoke your Lambda Function, as well as what resources our Lambda Function has access to. See [Lambda Permission Model](https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html) for more details.\n" }, "runtime": { "type": "string", "description": "See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for valid values.\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n" }, "s3Key": { "type": "string", "description": "The S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n" }, "s3ObjectVersion": { "type": "string", "description": "The object version containing the function's deployment package. Conflicts with `filename`.\n" }, "sourceCodeHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either `filename` or `s3_key`. The usual way to set this is `filebase64sha256(\"file.zip\")` (this provider 0.11.12 and later) or `base64sha256(file(\"file.zip\"))` (this provider 0.11.11 and earlier), where \"file.zip\" is the local filename of the lambda function source archive.\n" }, "sourceCodeSize": { "type": "integer", "description": "The size in bytes of the function .zip file.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the object.\n" }, "timeout": { "type": "integer", "description": "The amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "tracingConfig": { "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig" }, "version": { "type": "string", "description": "Latest published version of your Lambda Function.\n" }, "vpcConfig": { "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", "description": "Provide this to allow your function to access your VPC. Fields documented below. See [Lambda in VPC](http://docs.aws.amazon.com/lambda/latest/dg/vpc.html)\n" } }, "type": "object" } }, "aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig": { "description": "Manages an asynchronous invocation configuration for a Lambda Function or Alias. More information about asynchronous invocations and the configurable values can be found in the [Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Error Handling Configuration\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: aws_lambda_alias.example.function_name,\n maximumEventAgeInSeconds: 60,\n maximumRetryAttempts: 0,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=aws_lambda_alias[\"example\"][\"function_name\"],\n maximum_event_age_in_seconds=60,\n maximum_retry_attempts=0)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new Aws.Lambda.FunctionEventInvokeConfigArgs\n {\n FunctionName = aws_lambda_alias.Example.Function_name,\n MaximumEventAgeInSeconds = 60,\n MaximumRetryAttempts = 0,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.String(aws_lambda_alias.Example.Function_name),\n\t\t\tMaximumEventAgeInSeconds: pulumi.Int(60),\n\t\t\tMaximumRetryAttempts: pulumi.Int(0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Configuration for Alias Name\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: aws_lambda_alias.example.function_name,\n qualifier: aws_lambda_alias.example.name,\n});\n// ... other configuration ...\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=aws_lambda_alias[\"example\"][\"function_name\"],\n qualifier=aws_lambda_alias[\"example\"][\"name\"])\n# ... other configuration ...\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new Aws.Lambda.FunctionEventInvokeConfigArgs\n {\n FunctionName = aws_lambda_alias.Example.Function_name,\n Qualifier = aws_lambda_alias.Example.Name,\n });\n // ... other configuration ...\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.String(aws_lambda_alias.Example.Function_name),\n\t\t\tQualifier: pulumi.String(aws_lambda_alias.Example.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Configuration for Function Latest Unpublished Version\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: aws_lambda_function.example.function_name,\n qualifier: `$LATEST`,\n});\n// ... other configuration ...\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=aws_lambda_function[\"example\"][\"function_name\"],\n qualifier=\"$LATEST\")\n# ... other configuration ...\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new Aws.Lambda.FunctionEventInvokeConfigArgs\n {\n FunctionName = aws_lambda_function.Example.Function_name,\n Qualifier = \"$LATEST\",\n });\n // ... other configuration ...\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.String(aws_lambda_function.Example.Function_name),\n\t\t\tQualifier: pulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \"LATEST\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Configuration for Function Published Version\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: aws_lambda_function.example.function_name,\n qualifier: aws_lambda_function.example.version,\n});\n// ... other configuration ...\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=aws_lambda_function[\"example\"][\"function_name\"],\n qualifier=aws_lambda_function[\"example\"][\"version\"])\n# ... other configuration ...\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new Aws.Lambda.FunctionEventInvokeConfigArgs\n {\n FunctionName = aws_lambda_function.Example.Function_name,\n Qualifier = aws_lambda_function.Example.Version,\n });\n // ... other configuration ...\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.String(aws_lambda_function.Example.Function_name),\n\t\t\tQualifier: pulumi.String(aws_lambda_function.Example.Version),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "destinationConfig": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig", "description": "Configuration block with destination configuration. See below for details.\n" }, "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n" }, "maximumEventAgeInSeconds": { "type": "integer", "description": "Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2.\n" }, "qualifier": { "type": "string", "description": "Lambda Function published version, `$LATEST`, or Lambda Alias name.\n" } }, "required": [ "functionName" ], "inputProperties": { "destinationConfig": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig", "description": "Configuration block with destination configuration. See below for details.\n" }, "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n" }, "maximumEventAgeInSeconds": { "type": "integer", "description": "Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2.\n" }, "qualifier": { "type": "string", "description": "Lambda Function published version, `$LATEST`, or Lambda Alias name.\n" } }, "requiredInputs": [ "functionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering FunctionEventInvokeConfig resources.\n", "properties": { "destinationConfig": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig", "description": "Configuration block with destination configuration. See below for details.\n" }, "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n" }, "maximumEventAgeInSeconds": { "type": "integer", "description": "Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2.\n" }, "qualifier": { "type": "string", "description": "Lambda Function published version, `$LATEST`, or Lambda Alias name.\n" } }, "type": "object" } }, "aws:lambda/layerVersion:LayerVersion": { "description": "Provides a Lambda Layer Version resource. Lambda Layers allow you to reuse shared bits of code across multiple lambda functions.\n\nFor information about Lambda Layers and how to use them, see [AWS Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n\n## Specifying the Deployment Package\n\nAWS Lambda Layers expect source code to be provided as a deployment package whose structure varies depending on which `compatible_runtimes` this layer specifies.\nSee [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) for the valid values of `compatible_runtimes`.\n\nOnce you have created your deployment package you can specify it either directly as a local file (using the `filename` argument) or\nindirectly via Amazon S3 (using the `s3_bucket`, `s3_key` and `s3_object_version` arguments). When providing the deployment\npackage via S3 it may be useful to use the `aws.s3.BucketObject` resource to upload it.\n\nFor larger deployment packages it is recommended by Amazon to upload via S3, since the S3 API has better support for uploading\nlarge files efficiently.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda Layer with version.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "The path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n" }, "compatibleRuntimes": { "type": "array", "items": { "type": "string" }, "description": "A list of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) this layer is compatible with. Up to 5 runtimes can be specified.\n" }, "createdDate": { "type": "string", "description": "The date this resource was created.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Layer does.\n" }, "layerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda Layer without version.\n" }, "layerName": { "type": "string", "description": "A unique name for your Lambda Layer\n" }, "licenseInfo": { "type": "string", "description": "License info for your Lambda Layer. See [License Info](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-LicenseInfo).\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n" }, "s3Key": { "type": "string", "description": "The S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n" }, "s3ObjectVersion": { "type": "string", "description": "The object version containing the function's deployment package. Conflicts with `filename`.\n" }, "sourceCodeHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either `filename` or `s3_key`. The usual way to set this is `${filebase64sha256(\"file.zip\")}` (this provider 0.11.12 or later) or `${base64sha256(file(\"file.zip\"))}` (this provider 0.11.11 and earlier), where \"file.zip\" is the local filename of the lambda layer source archive.\n" }, "sourceCodeSize": { "type": "integer", "description": "The size in bytes of the function .zip file.\n" }, "version": { "type": "string", "description": "This Lamba Layer version.\n" } }, "required": [ "arn", "createdDate", "layerArn", "layerName", "sourceCodeHash", "sourceCodeSize", "version" ], "inputProperties": { "code": { "$ref": "pulumi.json#/Archive", "description": "The path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n" }, "compatibleRuntimes": { "type": "array", "items": { "type": "string" }, "description": "A list of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) this layer is compatible with. Up to 5 runtimes can be specified.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Layer does.\n" }, "layerName": { "type": "string", "description": "A unique name for your Lambda Layer\n" }, "licenseInfo": { "type": "string", "description": "License info for your Lambda Layer. See [License Info](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-LicenseInfo).\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n" }, "s3Key": { "type": "string", "description": "The S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n" }, "s3ObjectVersion": { "type": "string", "description": "The object version containing the function's deployment package. Conflicts with `filename`.\n" }, "sourceCodeHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either `filename` or `s3_key`. The usual way to set this is `${filebase64sha256(\"file.zip\")}` (this provider 0.11.12 or later) or `${base64sha256(file(\"file.zip\"))}` (this provider 0.11.11 and earlier), where \"file.zip\" is the local filename of the lambda layer source archive.\n" } }, "requiredInputs": [ "layerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LayerVersion resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda Layer with version.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "The path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n" }, "compatibleRuntimes": { "type": "array", "items": { "type": "string" }, "description": "A list of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) this layer is compatible with. Up to 5 runtimes can be specified.\n" }, "createdDate": { "type": "string", "description": "The date this resource was created.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Layer does.\n" }, "layerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda Layer without version.\n" }, "layerName": { "type": "string", "description": "A unique name for your Lambda Layer\n" }, "licenseInfo": { "type": "string", "description": "License info for your Lambda Layer. See [License Info](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-LicenseInfo).\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n" }, "s3Key": { "type": "string", "description": "The S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n" }, "s3ObjectVersion": { "type": "string", "description": "The object version containing the function's deployment package. Conflicts with `filename`.\n" }, "sourceCodeHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either `filename` or `s3_key`. The usual way to set this is `${filebase64sha256(\"file.zip\")}` (this provider 0.11.12 or later) or `${base64sha256(file(\"file.zip\"))}` (this provider 0.11.11 and earlier), where \"file.zip\" is the local filename of the lambda layer source archive.\n" }, "sourceCodeSize": { "type": "integer", "description": "The size in bytes of the function .zip file.\n" }, "version": { "type": "string", "description": "This Lamba Layer version.\n" } }, "type": "object" } }, "aws:lambda/permission:Permission": { "description": "Gives an external source (like a CloudWatch Event Rule, SNS, or S3) permission to access the Lambda function.\n\n## Usage with SNS\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultTopic = new aws.sns.Topic(\"default\", {});\nconst defaultRole = new aws.iam.Role(\"default\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst func = new aws.lambda.Function(\"func\", {\n code: new pulumi.asset.FileArchive(\"lambdatest.zip\"),\n handler: \"exports.handler\",\n role: defaultRole.arn,\n runtime: \"python2.7\",\n});\nconst withSns = new aws.lambda.Permission(\"with_sns\", {\n action: \"lambda:InvokeFunction\",\n function: func.functionName,\n principal: \"sns.amazonaws.com\",\n sourceArn: defaultTopic.arn,\n});\nconst lambda = new aws.sns.TopicSubscription(\"lambda\", {\n endpoint: func.arn,\n protocol: \"lambda\",\n topic: defaultTopic.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_topic = aws.sns.Topic(\"defaultTopic\")\ndefault_role = aws.iam.Role(\"defaultRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\nfunc = aws.lambda_.Function(\"func\",\n code=pulumi.FileArchive(\"lambdatest.zip\"),\n handler=\"exports.handler\",\n role=default_role.arn,\n runtime=\"python2.7\")\nwith_sns = aws.lambda_.Permission(\"withSns\",\n action=\"lambda:InvokeFunction\",\n function=func.name,\n principal=\"sns.amazonaws.com\",\n source_arn=default_topic.arn)\nlambda_ = aws.sns.TopicSubscription(\"lambda\",\n endpoint=func.arn,\n protocol=\"lambda\",\n topic=default_topic.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultTopic = new Aws.Sns.Topic(\"defaultTopic\", new Aws.Sns.TopicArgs\n {\n });\n var defaultRole = new Aws.Iam.Role(\"defaultRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"lambda.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var func = new Aws.Lambda.Function(\"func\", new Aws.Lambda.FunctionArgs\n {\n Code = new FileArchive(\"lambdatest.zip\"),\n Handler = \"exports.handler\",\n Role = defaultRole.Arn,\n Runtime = \"python2.7\",\n });\n var withSns = new Aws.Lambda.Permission(\"withSns\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = func.Name,\n Principal = \"sns.amazonaws.com\",\n SourceArn = defaultTopic.Arn,\n });\n var lambda = new Aws.Sns.TopicSubscription(\"lambda\", new Aws.Sns.TopicSubscriptionArgs\n {\n Endpoint = func.Arn,\n Protocol = \"lambda\",\n Topic = defaultTopic.Arn,\n });\n }\n\n}\n```\n\n## Specify Lambda permissions for API Gateway REST API\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n description: \"This is my API for demonstration purposes\",\n});\nconst lambdaPermission = new aws.lambda.Permission(\"lambda_permission\", {\n action: \"lambda:InvokeFunction\",\n function: \"MyDemoFunction\",\n principal: \"apigateway.amazonaws.com\",\n sourceArn: pulumi.interpolate`${myDemoAPI.executionArn}/*/*/*`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"myDemoAPI\", description=\"This is my API for demonstration purposes\")\nlambda_permission = aws.lambda_.Permission(\"lambdaPermission\",\n action=\"lambda:InvokeFunction\",\n function=\"MyDemoFunction\",\n principal=\"apigateway.amazonaws.com\",\n source_arn=my_demo_api.execution_arn.apply(lambda execution_arn: f\"{execution_arn}/*/*/*\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"myDemoAPI\", new Aws.ApiGateway.RestApiArgs\n {\n Description = \"This is my API for demonstration purposes\",\n });\n var lambdaPermission = new Aws.Lambda.Permission(\"lambdaPermission\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = \"MyDemoFunction\",\n Principal = \"apigateway.amazonaws.com\",\n SourceArn = myDemoAPI.ExecutionArn.Apply(executionArn =\u003e $\"{executionArn}/*/*/*\"),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"myDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"lambdaPermission\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.String(\"MyDemoFunction\"),\n\t\t\tPrincipal: pulumi.String(\"apigateway.amazonaws.com\"),\n\t\t\tSourceArn: myDemoAPI.ExecutionArn.ApplyT(func(executionArn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v\", executionArn, \"/*/*/*\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "action": { "type": "string", "description": "The AWS Lambda action you want to allow in this statement. (e.g. `lambda:InvokeFunction`)\n" }, "eventSourceToken": { "type": "string", "description": "The Event Source Token to validate. Used with [Alexa Skills](https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli).\n" }, "function": { "type": "string", "description": "Name of the Lambda function whose resource policy you are updating\n" }, "principal": { "type": "string", "description": "The principal who is getting this permission.\ne.g. `s3.amazonaws.com`, an AWS account ID, or any valid AWS service principal\nsuch as `events.amazonaws.com` or `sns.amazonaws.com`.\n" }, "qualifier": { "type": "string", "description": "Query parameter to specify function version or alias name.\nThe permission will then apply to the specific qualified ARN.\ne.g. `arn:aws:lambda:aws-region:acct-id:function:function-name:2`\n" }, "sourceAccount": { "type": "string", "description": "This parameter is used for S3 and SES. The AWS account ID (without a hyphen) of the source owner.\n" }, "sourceArn": { "type": "string", "description": "When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to.\nWithout this, any resource from `principal` will be granted permission – even if that resource is from another account.\nFor S3, this should be the ARN of the S3 Bucket.\nFor CloudWatch Events, this should be the ARN of the CloudWatch Events Rule.\nFor API Gateway, this should be the ARN of the API, as described [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html).\n" }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by this provider.\n" }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. This provider will generate a unique suffix. Conflicts with `statement_id`.\n" } }, "required": [ "action", "function", "principal", "statementId" ], "inputProperties": { "action": { "type": "string", "description": "The AWS Lambda action you want to allow in this statement. (e.g. `lambda:InvokeFunction`)\n" }, "eventSourceToken": { "type": "string", "description": "The Event Source Token to validate. Used with [Alexa Skills](https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli).\n" }, "function": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:lambda/function:Function" } ], "description": "Name of the Lambda function whose resource policy you are updating\n" }, "principal": { "type": "string", "description": "The principal who is getting this permission.\ne.g. `s3.amazonaws.com`, an AWS account ID, or any valid AWS service principal\nsuch as `events.amazonaws.com` or `sns.amazonaws.com`.\n" }, "qualifier": { "type": "string", "description": "Query parameter to specify function version or alias name.\nThe permission will then apply to the specific qualified ARN.\ne.g. `arn:aws:lambda:aws-region:acct-id:function:function-name:2`\n" }, "sourceAccount": { "type": "string", "description": "This parameter is used for S3 and SES. The AWS account ID (without a hyphen) of the source owner.\n" }, "sourceArn": { "type": "string", "description": "When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to.\nWithout this, any resource from `principal` will be granted permission – even if that resource is from another account.\nFor S3, this should be the ARN of the S3 Bucket.\nFor CloudWatch Events, this should be the ARN of the CloudWatch Events Rule.\nFor API Gateway, this should be the ARN of the API, as described [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html).\n" }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by this provider.\n" }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. This provider will generate a unique suffix. Conflicts with `statement_id`.\n" } }, "requiredInputs": [ "action", "function", "principal" ], "stateInputs": { "description": "Input properties used for looking up and filtering Permission resources.\n", "properties": { "action": { "type": "string", "description": "The AWS Lambda action you want to allow in this statement. (e.g. `lambda:InvokeFunction`)\n" }, "eventSourceToken": { "type": "string", "description": "The Event Source Token to validate. Used with [Alexa Skills](https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli).\n" }, "function": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:lambda/function:Function" } ], "description": "Name of the Lambda function whose resource policy you are updating\n" }, "principal": { "type": "string", "description": "The principal who is getting this permission.\ne.g. `s3.amazonaws.com`, an AWS account ID, or any valid AWS service principal\nsuch as `events.amazonaws.com` or `sns.amazonaws.com`.\n" }, "qualifier": { "type": "string", "description": "Query parameter to specify function version or alias name.\nThe permission will then apply to the specific qualified ARN.\ne.g. `arn:aws:lambda:aws-region:acct-id:function:function-name:2`\n" }, "sourceAccount": { "type": "string", "description": "This parameter is used for S3 and SES. The AWS account ID (without a hyphen) of the source owner.\n" }, "sourceArn": { "type": "string", "description": "When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to.\nWithout this, any resource from `principal` will be granted permission – even if that resource is from another account.\nFor S3, this should be the ARN of the S3 Bucket.\nFor CloudWatch Events, this should be the ARN of the CloudWatch Events Rule.\nFor API Gateway, this should be the ARN of the API, as described [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html).\n" }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by this provider.\n" }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. This provider will generate a unique suffix. Conflicts with `statement_id`.\n" } }, "type": "object" } }, "aws:lambda/provisionedConcurrencyConfig:ProvisionedConcurrencyConfig": { "description": "Manages a Lambda Provisioned Concurrency Configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Alias Name\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.ProvisionedConcurrencyConfig(\"example\", {\n functionName: aws_lambda_alias.example.function_name,\n provisionedConcurrentExecutions: 1,\n qualifier: aws_lambda_alias.example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.ProvisionedConcurrencyConfig(\"example\",\n function_name=aws_lambda_alias[\"example\"][\"function_name\"],\n provisioned_concurrent_executions=1,\n qualifier=aws_lambda_alias[\"example\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.ProvisionedConcurrencyConfig(\"example\", new Aws.Lambda.ProvisionedConcurrencyConfigArgs\n {\n FunctionName = aws_lambda_alias.Example.Function_name,\n ProvisionedConcurrentExecutions = 1,\n Qualifier = aws_lambda_alias.Example.Name,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewProvisionedConcurrencyConfig(ctx, \"example\", \u0026lambda.ProvisionedConcurrencyConfigArgs{\n\t\t\tFunctionName: pulumi.String(aws_lambda_alias.Example.Function_name),\n\t\t\tProvisionedConcurrentExecutions: pulumi.Int(1),\n\t\t\tQualifier: pulumi.String(aws_lambda_alias.Example.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Function Version\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.ProvisionedConcurrencyConfig(\"example\", {\n functionName: aws_lambda_function.example.function_name,\n provisionedConcurrentExecutions: 1,\n qualifier: aws_lambda_function.example.version,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.ProvisionedConcurrencyConfig(\"example\",\n function_name=aws_lambda_function[\"example\"][\"function_name\"],\n provisioned_concurrent_executions=1,\n qualifier=aws_lambda_function[\"example\"][\"version\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Lambda.ProvisionedConcurrencyConfig(\"example\", new Aws.Lambda.ProvisionedConcurrencyConfigArgs\n {\n FunctionName = aws_lambda_function.Example.Function_name,\n ProvisionedConcurrentExecutions = 1,\n Qualifier = aws_lambda_function.Example.Version,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lambda.NewProvisionedConcurrencyConfig(ctx, \"example\", \u0026lambda.ProvisionedConcurrencyConfigArgs{\n\t\t\tFunctionName: pulumi.String(aws_lambda_function.Example.Function_name),\n\t\t\tProvisionedConcurrentExecutions: pulumi.Int(1),\n\t\t\tQualifier: pulumi.String(aws_lambda_function.Example.Version),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function.\n" }, "provisionedConcurrentExecutions": { "type": "integer", "description": "Amount of capacity to allocate. Must be greater than or equal to `1`.\n" }, "qualifier": { "type": "string", "description": "Lambda Function version or Lambda Alias name.\n" } }, "required": [ "functionName", "provisionedConcurrentExecutions", "qualifier" ], "inputProperties": { "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function.\n" }, "provisionedConcurrentExecutions": { "type": "integer", "description": "Amount of capacity to allocate. Must be greater than or equal to `1`.\n" }, "qualifier": { "type": "string", "description": "Lambda Function version or Lambda Alias name.\n" } }, "requiredInputs": [ "functionName", "provisionedConcurrentExecutions", "qualifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProvisionedConcurrencyConfig resources.\n", "properties": { "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function.\n" }, "provisionedConcurrentExecutions": { "type": "integer", "description": "Amount of capacity to allocate. Must be greater than or equal to `1`.\n" }, "qualifier": { "type": "string", "description": "Lambda Function version or Lambda Alias name.\n" } }, "type": "object" } }, "aws:lb/listener:Listener": { "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Forward Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"443\",\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Redirect Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Fixed-response Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-cognito Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n type: \"authenticate-cognito\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateCognito\": {\n \"userPoolArn\": pool.arn,\n \"userPoolClientId\": client.id,\n \"userPoolDomain\": domain.domain,\n },\n \"type\": \"authenticate-cognito\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n Type = \"authenticate-cognito\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-oidc Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n defaultActions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: frontEndTargetGroup.arn,\n type: \"forward\",\n },\n ],\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n default_actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": front_end_target_group.arn,\n \"type\": \"forward\",\n },\n ],\n load_balancer_arn=front_end_load_balancer.arn,\n port=\"80\",\n protocol=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = frontEndTargetGroup.Arn,\n Type = \"forward\",\n },\n },\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", \u0026lb.ListenerArgs{\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "required": [ "arn", "defaultActions", "loadBalancerArn", "port", "sslPolicy" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "requiredInputs": [ "defaultActions", "loadBalancerArn", "port" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "certificateArn": { "type": "string", "description": "The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "loadBalancerArn": { "type": "string", "description": "The ARN of the load balancer.\n" }, "port": { "type": "integer", "description": "The port on which the load balancer is listening.\n" }, "protocol": { "type": "string", "description": "The protocol for connections from clients to the load balancer. Valid values are `TCP`, `TLS`, `UDP`, `TCP_UDP`, `HTTP` and `HTTPS`. Defaults to `HTTP`.\n" }, "sslPolicy": { "type": "string", "description": "The name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/listener:Listener" } ] }, "aws:lb/listenerCertificate:ListenerCertificate": { "description": "Provides a Load Balancer Listener Certificate resource.\n\nThis resource is for additional certificates and does not replace the default certificate on the listener.\n\n\u003e **Note:** `aws.alb.ListenerCertificate` is known as `aws.lb.ListenerCertificate`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCertificate = new aws.acm.Certificate(\"example\", {});\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst exampleListenerCertificate = new aws.lb.ListenerCertificate(\"example\", {\n certificateArn: exampleCertificate.arn,\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_certificate = aws.acm.Certificate(\"exampleCertificate\")\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nexample_listener_certificate = aws.lb.ListenerCertificate(\"exampleListenerCertificate\",\n certificate_arn=example_certificate.arn,\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleCertificate = new Aws.Acm.Certificate(\"exampleCertificate\", new Aws.Acm.CertificateArgs\n {\n });\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var exampleListenerCertificate = new Aws.LB.ListenerCertificate(\"exampleListenerCertificate\", new Aws.LB.ListenerCertificateArgs\n {\n CertificateArn = exampleCertificate.Arn,\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCertificate, err := acm.NewCertificate(ctx, \"exampleCertificate\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerCertificate(ctx, \"exampleListenerCertificate\", \u0026lb.ListenerCertificateArgs{\n\t\t\tCertificateArn: exampleCertificate.Arn,\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "required": [ "certificateArn", "listenerArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "requiredInputs": [ "certificateArn", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerCertificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/listenerCertificate:ListenerCertificate" } ] }, "aws:lb/listenerRule:ListenerRule": { "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n listenerArn: frontEndListener.arn,\n priority: 100,\n});\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n actions: [{\n forward: {\n stickiness: {\n duration: 600,\n enabled: true,\n },\n targetGroups: [\n {\n arn: aws_lb_target_group_main.arn,\n weight: 80,\n },\n {\n arn: aws_lb_target_group_canary.arn,\n weight: 20,\n },\n ],\n },\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n actions: [{\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mydomain.io\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n priority: 99,\n});\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n actions: [{\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n type: \"redirect\",\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n listenerArn: frontEndListener.arn,\n});\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n actions: [{\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n type: \"fixed-response\",\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n listenerArn: frontEndListener.arn,\n});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n actions: [\n {\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n type: \"authenticate-oidc\",\n },\n {\n targetGroupArn: aws_lb_target_group_static.arn,\n type: \"forward\",\n },\n ],\n listenerArn: frontEndListener.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\nfront_end_listener = aws.lb.Listener(\"frontEndListener\")\nstatic = aws.lb.ListenerRule(\"static\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[\n {\n \"pathPattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"hostHeader\": {\n \"values\": [\"example.com\"],\n },\n },\n ],\n listener_arn=front_end_listener.arn,\n priority=100)\nhost_based_routing = aws.lb.ListenerRule(\"hostBasedRouting\",\n actions=[{\n \"forward\": {\n \"stickiness\": {\n \"duration\": 600,\n \"enabled\": True,\n },\n \"targetGroup\": [\n {\n \"arn\": aws_lb_target_group[\"main\"][\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": aws_lb_target_group[\"canary\"][\"arn\"],\n \"weight\": 20,\n },\n ],\n },\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nhost_based_weighted_routing = aws.lb.ListenerRule(\"hostBasedWeightedRouting\",\n actions=[{\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n }],\n conditions=[{\n \"hostHeader\": {\n \"values\": [\"my-service.*.mydomain.io\"],\n },\n }],\n listener_arn=front_end_listener.arn,\n priority=99)\nredirect_http_to_https = aws.lb.ListenerRule(\"redirectHttpToHttps\",\n actions=[{\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n \"type\": \"redirect\",\n }],\n conditions=[{\n \"httpHeader\": {\n \"httpHeaderName\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }],\n listener_arn=front_end_listener.arn)\nhealth_check = aws.lb.ListenerRule(\"healthCheck\",\n actions=[{\n \"fixedResponse\": {\n \"content_type\": \"text/plain\",\n \"messageBody\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n \"type\": \"fixed-response\",\n }],\n conditions=[{\n \"queryString\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }],\n listener_arn=front_end_listener.arn)\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n actions=[\n {\n \"authenticateOidc\": {\n \"authorizationEndpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"tokenEndpoint\": \"https://example.com/token_endpoint\",\n \"userInfoEndpoint\": \"https://example.com/user_info_endpoint\",\n },\n \"type\": \"authenticate-oidc\",\n },\n {\n \"target_group_arn\": aws_lb_target_group[\"static\"][\"arn\"],\n \"type\": \"forward\",\n },\n ],\n listener_arn=front_end_listener.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n });\n var @static = new Aws.LB.ListenerRule(\"static\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = \n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"example.com\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n });\n var hostBasedRouting = new Aws.LB.ListenerRule(\"hostBasedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Duration = 600,\n Enabled = true,\n },\n TargetGroup = \n {\n \n {\n { \"arn\", aws_lb_target_group.Main.Arn },\n { \"weight\", 80 },\n },\n \n {\n { \"arn\", aws_lb_target_group.Canary.Arn },\n { \"weight\", 20 },\n },\n },\n },\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"hostBasedWeightedRouting\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = \n {\n \"my-service.*.mydomain.io\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n });\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirectHttpToHttps\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n Type = \"redirect\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = \n {\n \"192.168.1.*\",\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var healthCheck = new Aws.LB.ListenerRule(\"healthCheck\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n Type = \"fixed-response\",\n },\n },\n Conditions = \n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryString = \n {\n \n {\n { \"key\", \"health\" },\n { \"value\", \"check\" },\n },\n \n {\n { \"value\", \"bar\" },\n },\n },\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n var admin = new Aws.LB.ListenerRule(\"admin\", new Aws.LB.ListenerRuleArgs\n {\n Actions = \n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n Type = \"authenticate-oidc\",\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n TargetGroupArn = aws_lb_target_group.Static.Arn,\n Type = \"forward\",\n },\n },\n ListenerArn = frontEndListener.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"frontEndListener\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTargetGroup: pulumi.MapArray{\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Main.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\t\"arn\": pulumi.String(aws_lb_target_group.Canary.Arn),\n\t\t\t\t\t\t\t\t\"weight\": pulumi.Float64(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"hostBasedWeightedRouting\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mydomain.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"redirectHttpToHttps\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"healthCheck\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryString: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"health\"),\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"value\": pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.String(aws_lb_target_group.Static.Arn),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "required": [ "actions", "arn", "conditions", "listenerArn", "priority" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "requiredInputs": [ "actions", "conditions", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerRule resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/listenerRule:ListenerRule" } ] }, "aws:lb/loadBalancer:LoadBalancer": { "description": "Provides a Load Balancer resource.\n\n\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Application Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n accessLogs: {\n bucket: aws_s3_bucket_lb_logs.bucket,\n enabled: true,\n prefix: \"test-lb\",\n },\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"application\",\n securityGroups: [aws_security_group_lb_sg.id],\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n access_logs={\n \"bucket\": aws_s3_bucket[\"lb_logs\"][\"bucket\"],\n \"enabled\": True,\n \"prefix\": \"test-lb\",\n },\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"application\",\n security_groups=[aws_security_group[\"lb_sg\"][\"id\"]],\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = aws_s3_bucket.Lb_logs.Bucket,\n Enabled = true,\n Prefix = \"test-lb\",\n },\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"application\",\n SecurityGroups = \n {\n aws_security_group.Lb_sg.Id,\n },\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Network Load Balancer\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n enableDeletionProtection: true,\n internal: false,\n loadBalancerType: \"network\",\n subnets: [aws_subnet_public.map(v =\u003e v.id)],\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n enable_deletion_protection=True,\n internal=False,\n load_balancer_type=\"network\",\n subnets=[[__item[\"id\"] for __item in aws_subnet[\"public\"]]],\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LB.LoadBalancer(\"test\", new Aws.LB.LoadBalancerArgs\n {\n EnableDeletionProtection = true,\n Internal = false,\n LoadBalancerType = \"network\",\n Subnets = \n {\n aws_subnet.Public.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Specifying Elastic IPs\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n allocationId: aws_eip_example1.id,\n subnetId: aws_subnet_example1.id,\n },\n {\n allocationId: aws_eip_example2.id,\n subnetId: aws_subnet_example2.id,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"allocation_id\": aws_eip[\"example1\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example1\"][\"id\"],\n },\n {\n \"allocation_id\": aws_eip[\"example2\"][\"id\"],\n \"subnet_id\": aws_subnet[\"example2\"][\"id\"],\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.LB.LoadBalancer(\"example\", new Aws.LB.LoadBalancerArgs\n {\n LoadBalancerType = \"network\",\n SubnetMappings = \n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example1.Id,\n SubnetId = aws_subnet.Example1.Id,\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n AllocationId = aws_eip.Example2.Id,\n SubnetId = aws_subnet.Example2.Id,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example1.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tAllocationId: pulumi.String(aws_eip.Example2.Id),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Example2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessLogs": { "$ref": "#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "required": [ "arn", "arnSuffix", "dnsName", "internal", "ipAddressType", "name", "securityGroups", "subnetMappings", "subnets", "vpcId", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "A subnet mapping block as documented below.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcId": { "type": "string" }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/loadBalancer:LoadBalancer" } ] }, "aws:lb/targetGroup:TargetGroup": { "description": "Provides a Target Group resource for use with Load Balancer resources.\n\n\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Instance Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst test = new aws.lb.TargetGroup(\"test\", {\n port: 80,\n protocol: \"HTTP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\ntest = aws.lb.TargetGroup(\"test\",\n port=80,\n protocol=\"HTTP\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var test = new Aws.LB.TargetGroup(\"test\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### IP Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst ip_example = new aws.lb.TargetGroup(\"ip-example\", {\n port: 80,\n protocol: \"HTTP\",\n targetType: \"ip\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nip_example = aws.lb.TargetGroup(\"ip-example\",\n port=80,\n protocol=\"HTTP\",\n target_type=\"ip\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var ip_example = new Aws.LB.TargetGroup(\"ip-example\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n TargetType = \"ip\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"ip-example\", \u0026lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tTargetType: pulumi.String(\"ip\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Lambda Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n targetType: \"lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\", target_type=\"lambda\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lb.NewTargetGroup(ctx, \"lambda-example\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:lb/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "required": [ "arn", "arnSuffix", "healthCheck", "loadBalancingAlgorithmType", "name", "stickiness" ], "inputProperties": { "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:lb/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Target Group (matches `id`)\n" }, "arnSuffix": { "type": "string", "description": "The ARN suffix for use with CloudWatch Metrics.\n" }, "deregistrationDelay": { "type": "integer", "description": "The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "A Health Check block. Health Check blocks are documented below.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n" }, "name": { "type": "string", "description": "The name of the target group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Should be one of \"TCP\", \"TLS\", \"UDP\", \"TCP_UDP\", \"HTTP\" or \"HTTPS\". Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information.\n" }, "slowStart": { "type": "integer", "description": "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:lb/TargetGroupStickiness:TargetGroupStickiness", "description": "A Stickiness block. Stickiness blocks are documented below. `stickiness` is only valid if used with Load Balancers of type `Application`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetType": { "type": "string", "description": "The type of target that you must specify when registering targets with this target group.\nThe possible values are `instance` (targets are specified by instance ID) or `ip` (targets are specified by IP address) or `lambda` (targets are specified by lambda arn).\nThe default is `instance`. Note that you can't specify targets for a target group using both instance IDs and IP addresses.\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group,\nthe RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10).\nYou can't specify publicly routable IP addresses.\n" }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the target group. Required when `target_type` is `instance` or `ip`. Does not apply when `target_type` is `lambda`.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/targetGroup:TargetGroup" } ] }, "aws:lb/targetGroupAttachment:TargetGroupAttachment": { "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n port: 80,\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\")\ntest_instance = aws.ec2.Instance(\"testInstance\")\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n port=80,\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n var testInstance = new Aws.Ec2.Instance(\"testInstance\", new Aws.Ec2.InstanceArgs\n {\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n Port = 80,\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"testInstance\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Usage with lambda\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n action: \"lambda:InvokeFunction\",\n function: testFunction.arn,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: testTargetGroup.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testFunction.arn,\n}, { dependsOn: [withLb] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"testTargetGroup\", target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"testFunction\")\nwith_lb = aws.lambda_.Permission(\"withLb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.arn,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test_target_group.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"testTargetGroupAttachment\",\n target_group_arn=test_target_group.arn,\n target_id=test_function.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testTargetGroup = new Aws.LB.TargetGroup(\"testTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n var testFunction = new Aws.Lambda.Function(\"testFunction\", new Aws.Lambda.FunctionArgs\n {\n });\n var withLb = new Aws.Lambda.Permission(\"withLb\", new Aws.Lambda.PermissionArgs\n {\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Arn,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = testTargetGroup.Arn,\n });\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"testTargetGroupAttachment\", new Aws.LB.TargetGroupAttachmentArgs\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testFunction.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"testTargetGroup\", \u0026lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"testFunction\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"withLb\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: testTargetGroup.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"testTargetGroupAttachment\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "required": [ "targetGroupArn", "targetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "requiredInputs": [ "targetGroupArn", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroupAttachment resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/targetGroupAttachment:TargetGroupAttachment" } ] }, "aws:licensemanager/association:Association": { "description": "Provides a License Manager association.\n\n\u003e **Note:** License configurations can also be associated with launch templates by specifying the `license_specifications` block for an `aws.ec2.LaunchTemplate`.\n", "properties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource associated with the license configuration.\n" } }, "required": [ "licenseConfigurationArn", "resourceArn" ], "inputProperties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource associated with the license configuration.\n" } }, "requiredInputs": [ "licenseConfigurationArn", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Association resources.\n", "properties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource associated with the license configuration.\n" } }, "type": "object" } }, "aws:licensemanager/licenseConfiguration:LicenseConfiguration": { "description": "Provides a License Manager license configuration resource.\n\n\u003e **Note:** Removing the `license_count` attribute is not supported by the License Manager API - recreate the resource instead.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.licensemanager.LicenseConfiguration(\"example\", {\n description: \"Example\",\n licenseCount: 10,\n licenseCountHardLimit: true,\n licenseCountingType: \"Socket\",\n licenseRules: [\"#minimumSockets=2\"],\n tags: {\n foo: \"barr\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.licensemanager.LicenseConfiguration(\"example\",\n description=\"Example\",\n license_count=10,\n license_count_hard_limit=True,\n license_counting_type=\"Socket\",\n license_rules=[\"#minimumSockets=2\"],\n tags={\n \"foo\": \"barr\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.LicenseManager.LicenseConfiguration(\"example\", new Aws.LicenseManager.LicenseConfigurationArgs\n {\n Description = \"Example\",\n LicenseCount = 10,\n LicenseCountHardLimit = true,\n LicenseCountingType = \"Socket\",\n LicenseRules = \n {\n \"#minimumSockets=2\",\n },\n Tags = \n {\n { \"foo\", \"barr\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = licensemanager.NewLicenseConfiguration(ctx, \"example\", \u0026licensemanager.LicenseConfigurationArgs{\n\t\t\tDescription: pulumi.String(\"Example\"),\n\t\t\tLicenseCount: pulumi.Int(10),\n\t\t\tLicenseCountHardLimit: pulumi.Bool(true),\n\t\t\tLicenseCountingType: pulumi.String(\"Socket\"),\n\t\t\tLicenseRules: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"#minimumSockets=2\"),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"foo\": pulumi.String(\"barr\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Rules\n\nLicense rules should be in the format of `#RuleType=RuleValue`. Supported rule types:\n\n* `minimumVcpus` - Resource must have minimum vCPU count in order to use the license. Default: 1\n* `maximumVcpus` - Resource must have maximum vCPU count in order to use the license. Default: unbounded, limit: 10000\n* `minimumCores` - Resource must have minimum core count in order to use the license. Default: 1\n* `maximumCores` - Resource must have maximum core count in order to use the license. Default: unbounded, limit: 10000\n* `minimumSockets` - Resource must have minimum socket count in order to use the license. Default: 1\n* `maximumSockets` - Resource must have maximum socket count in order to use the license. Default: unbounded, limit: 10000\n* `allowedTenancy` - Defines where the license can be used. If set, restricts license usage to selected tenancies. Specify a comma delimited list of `EC2-Default`, `EC2-DedicatedHost`, `EC2-DedicatedInstance`\n", "properties": { "description": { "type": "string", "description": "Description of the license configuration.\n" }, "licenseCount": { "type": "integer", "description": "Number of licenses managed by the license configuration.\n" }, "licenseCountHardLimit": { "type": "boolean", "description": "Sets the number of available licenses as a hard limit.\n" }, "licenseCountingType": { "type": "string", "description": "Dimension to use to track license inventory. Specify either `vCPU`, `Instance`, `Core` or `Socket`.\n" }, "licenseRules": { "type": "array", "items": { "type": "string" }, "description": "Array of configured License Manager rules.\n" }, "name": { "type": "string", "description": "Name of the license configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "licenseCountingType", "name" ], "inputProperties": { "description": { "type": "string", "description": "Description of the license configuration.\n" }, "licenseCount": { "type": "integer", "description": "Number of licenses managed by the license configuration.\n" }, "licenseCountHardLimit": { "type": "boolean", "description": "Sets the number of available licenses as a hard limit.\n" }, "licenseCountingType": { "type": "string", "description": "Dimension to use to track license inventory. Specify either `vCPU`, `Instance`, `Core` or `Socket`.\n" }, "licenseRules": { "type": "array", "items": { "type": "string" }, "description": "Array of configured License Manager rules.\n" }, "name": { "type": "string", "description": "Name of the license configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "licenseCountingType" ], "stateInputs": { "description": "Input properties used for looking up and filtering LicenseConfiguration resources.\n", "properties": { "description": { "type": "string", "description": "Description of the license configuration.\n" }, "licenseCount": { "type": "integer", "description": "Number of licenses managed by the license configuration.\n" }, "licenseCountHardLimit": { "type": "boolean", "description": "Sets the number of available licenses as a hard limit.\n" }, "licenseCountingType": { "type": "string", "description": "Dimension to use to track license inventory. Specify either `vCPU`, `Instance`, `Core` or `Socket`.\n" }, "licenseRules": { "type": "array", "items": { "type": "string" }, "description": "Array of configured License Manager rules.\n" }, "name": { "type": "string", "description": "Name of the license configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:lightsail/domain:Domain": { "description": "Creates a domain resource for the specified domain (e.g., example.com).\nYou cannot register a new domain name using Lightsail. You must register\na domain name using Amazon Route 53 or another domain name registrar.\nIf you have already registered your domain, you can enter its name in\nthis parameter to manage the DNS records for that domain.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Creating A New Domain\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst domainTest = new aws.lightsail.Domain(\"domain_test\", {\n domainName: \"mydomain.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndomain_test = aws.lightsail.Domain(\"domainTest\", domain_name=\"mydomain.com\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var domainTest = new Aws.LightSail.Domain(\"domainTest\", new Aws.LightSail.DomainArgs\n {\n DomainName = \"mydomain.com\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lightsail.NewDomain(ctx, \"domainTest\", \u0026lightsail.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"mydomain.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail domain\n" }, "domainName": { "type": "string", "description": "The name of the Lightsail domain to manage\n" } }, "required": [ "arn", "domainName" ], "inputProperties": { "domainName": { "type": "string", "description": "The name of the Lightsail domain to manage\n" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail domain\n" }, "domainName": { "type": "string", "description": "The name of the Lightsail domain to manage\n" } }, "type": "object" } }, "aws:lightsail/instance:Instance": { "description": "Provides a Lightsail Instance. Amazon Lightsail is a service to provide easy virtual private servers\nwith custom software already setup. See [What is Amazon Lightsail?](https://lightsail.aws.amazon.com/ls/docs/getting-started/article/what-is-amazon-lightsail)\nfor more information.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new GitLab Lightsail Instance\nconst gitlabTest = new aws.lightsail.Instance(\"gitlab_test\", {\n availabilityZone: \"us-east-1b\",\n blueprintId: \"string\",\n bundleId: \"string\",\n keyPairName: \"some_key_name\",\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new GitLab Lightsail Instance\ngitlab_test = aws.lightsail.Instance(\"gitlabTest\",\n availability_zone=\"us-east-1b\",\n blueprint_id=\"string\",\n bundle_id=\"string\",\n key_pair_name=\"some_key_name\",\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new GitLab Lightsail Instance\n var gitlabTest = new Aws.LightSail.Instance(\"gitlabTest\", new Aws.LightSail.InstanceArgs\n {\n AvailabilityZone = \"us-east-1b\",\n BlueprintId = \"string\",\n BundleId = \"string\",\n KeyPairName = \"some_key_name\",\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lightsail.NewInstance(ctx, \"gitlabTest\", \u0026lightsail.InstanceArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tBlueprintId: pulumi.String(\"string\"),\n\t\t\tBundleId: pulumi.String(\"string\"),\n\t\t\tKeyPairName: pulumi.String(\"some_key_name\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Availability Zones\n\nLightsail currently supports the following Availability Zones (e.g. `us-east-1a`):\n\n- `ap-northeast-1{a,c,d}`\n- `ap-northeast-2{a,c}`\n- `ap-south-1{a,b}`\n- `ap-southeast-1{a,b,c}`\n- `ap-southeast-2{a,b,c}`\n- `ca-central-1{a,b}`\n- `eu-central-1{a,b,c}`\n- `eu-west-1{a,b,c}`\n- `eu-west-2{a,b,c}`\n- `eu-west-3{a,b,c}`\n- `us-east-1{a,b,c,d,e,f}`\n- `us-east-2{a,b,c}`\n- `us-west-2{a,b,c}`\n\n## Blueprints\n\nLightsail currently supports the following Blueprint IDs:\n\n### OS Only\n\n- `amazon_linux_2018_03_0_2`\n- `centos_7_1901_01`\n- `debian_8_7`\n- `debian_9_5`\n- `freebsd_11_1`\n- `opensuse_42_2`\n- `ubuntu_16_04_2`\n- `ubuntu_18_04`\n\n### Apps and OS\n\n- `drupal_8_5_6`\n- `gitlab_11_1_4_1`\n- `joomla_3_8_11`\n- `lamp_5_6_37_2`\n- `lamp_7_1_20_1`\n- `magento_2_2_5`\n- `mean_4_0_1`\n- `nginx_1_14_0_1`\n- `nodejs_10_8_0`\n- `plesk_ubuntu_17_8_11_1`\n- `redmine_3_4_6`\n- `wordpress_4_9_8`\n- `wordpress_multisite_4_9_8`\n\n## Bundles\n\nLightsail currently supports the following Bundle IDs (e.g. an instance in `ap-northeast-1` would use `small_2_0`):\n\n### Prefix\n\nA Bundle ID starts with one of the below size prefixes:\n\n- `nano_`\n- `micro_`\n- `small_`\n- `medium_`\n- `large_`\n- `xlarge_`\n- `2xlarge_`\n\n### Suffix\n\nA Bundle ID ends with one of the following suffixes depending on Availability Zone:\n\n- ap-northeast-1: `2_0`\n- ap-northeast-2: `2_0`\n- ap-south-1: `2_1`\n- ap-southeast-1: `2_0`\n- ap-southeast-2: `2_2`\n- ca-central-1: `2_0`\n- eu-central-1: `2_0`\n- eu-west-1: `2_0`\n- eu-west-2: `2_0`\n- eu-west-3: `2_0`\n- us-east-1: `2_0`\n- us-east-2: `2_0`\n- us-west-2: `2_0`\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail instance (matches `id`).\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your\ninstance (see list below)\n" }, "blueprintId": { "type": "string", "description": "The ID for a virtual private server image\n(see list below)\n" }, "bundleId": { "type": "string", "description": "The bundle of specification information (see list below)\n" }, "cpuCount": { "type": "integer" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n* `availability_zone`\n* `blueprint_id`\n* `bundle_id`\n* `key_pair_name`\n* `user_data`\n" }, "ipv6Address": { "type": "string" }, "isStaticIp": { "type": "boolean" }, "keyPairName": { "type": "string", "description": "The name of your key pair. Created in the\nLightsail console (cannot use `aws.ec2.KeyPair` at this time)\n" }, "name": { "type": "string", "description": "The name of the Lightsail Instance. Names be unique within each AWS Region in your Lightsail account.\n" }, "privateIpAddress": { "type": "string" }, "publicIpAddress": { "type": "string" }, "ramSize": { "type": "number" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "userData": { "type": "string", "description": "launch script to configure server with additional user data\n" }, "username": { "type": "string" } }, "required": [ "arn", "availabilityZone", "blueprintId", "bundleId", "cpuCount", "createdAt", "ipv6Address", "isStaticIp", "name", "privateIpAddress", "publicIpAddress", "ramSize", "username" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your\ninstance (see list below)\n" }, "blueprintId": { "type": "string", "description": "The ID for a virtual private server image\n(see list below)\n" }, "bundleId": { "type": "string", "description": "The bundle of specification information (see list below)\n" }, "keyPairName": { "type": "string", "description": "The name of your key pair. Created in the\nLightsail console (cannot use `aws.ec2.KeyPair` at this time)\n" }, "name": { "type": "string", "description": "The name of the Lightsail Instance. Names be unique within each AWS Region in your Lightsail account.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "userData": { "type": "string", "description": "launch script to configure server with additional user data\n" } }, "requiredInputs": [ "availabilityZone", "blueprintId", "bundleId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail instance (matches `id`).\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your\ninstance (see list below)\n" }, "blueprintId": { "type": "string", "description": "The ID for a virtual private server image\n(see list below)\n" }, "bundleId": { "type": "string", "description": "The bundle of specification information (see list below)\n" }, "cpuCount": { "type": "integer" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n* `availability_zone`\n* `blueprint_id`\n* `bundle_id`\n* `key_pair_name`\n* `user_data`\n" }, "ipv6Address": { "type": "string" }, "isStaticIp": { "type": "boolean" }, "keyPairName": { "type": "string", "description": "The name of your key pair. Created in the\nLightsail console (cannot use `aws.ec2.KeyPair` at this time)\n" }, "name": { "type": "string", "description": "The name of the Lightsail Instance. Names be unique within each AWS Region in your Lightsail account.\n" }, "privateIpAddress": { "type": "string" }, "publicIpAddress": { "type": "string" }, "ramSize": { "type": "number" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "userData": { "type": "string", "description": "launch script to configure server with additional user data\n" }, "username": { "type": "string" } }, "type": "object" } }, "aws:lightsail/keyPair:KeyPair": { "description": "Provides a Lightsail Key Pair, for use with Lightsail Instances. These key pairs\nare separate from EC2 Key Pairs, and must be created or imported for use with\nLightsail.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Creating A New Key Pair\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new Lightsail Key Pair\nconst lgKeyPair = new aws.lightsail.KeyPair(\"lg_key_pair\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new Lightsail Key Pair\nlg_key_pair = aws.lightsail.KeyPair(\"lgKeyPair\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Create a new Lightsail Key Pair\n var lgKeyPair = new Aws.LightSail.KeyPair(\"lgKeyPair\", new Aws.LightSail.KeyPairArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lightsail.NewKeyPair(ctx, \"lgKeyPair\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Create new Key Pair, encrypting the private key with a PGP Key\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lgKeyPair = new aws.lightsail.KeyPair(\"lg_key_pair\", {\n pgpKey: \"keybase:keybaseusername\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlg_key_pair = aws.lightsail.KeyPair(\"lgKeyPair\", pgp_key=\"keybase:keybaseusername\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lgKeyPair = new Aws.LightSail.KeyPair(\"lgKeyPair\", new Aws.LightSail.KeyPairArgs\n {\n PgpKey = \"keybase:keybaseusername\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lightsail.NewKeyPair(ctx, \"lgKeyPair\", \u0026lightsail.KeyPairArgs{\n\t\t\tPgpKey: pulumi.String(\"keybase:keybaseusername\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail key pair\n" }, "encryptedFingerprint": { "type": "string", "description": "The MD5 public key fingerprint for the encrypted\nprivate key\n" }, "encryptedPrivateKey": { "type": "string", "description": "the private key material, base 64 encoded and\nencrypted with the given `pgp_key`. This is only populated when creating a new\nkey and `pgp_key` is supplied\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "name": { "type": "string", "description": "The name of the Lightsail Key Pair. If omitted, a unique\nname will be generated by this provider\n" }, "namePrefix": { "type": "string" }, "pgpKey": { "type": "string", "description": "An optional PGP key to encrypt the resulting private\nkey material. Only used when creating a new key pair\n" }, "privateKey": { "type": "string", "description": "the private key, base64 encoded. This is only populated\nwhen creating a new key, and when no `pgp_key` is provided\n" }, "publicKey": { "type": "string", "description": "The public key material. This public key will be\nimported into Lightsail\n" } }, "required": [ "arn", "encryptedFingerprint", "encryptedPrivateKey", "fingerprint", "name", "privateKey", "publicKey" ], "inputProperties": { "name": { "type": "string", "description": "The name of the Lightsail Key Pair. If omitted, a unique\nname will be generated by this provider\n" }, "namePrefix": { "type": "string" }, "pgpKey": { "type": "string", "description": "An optional PGP key to encrypt the resulting private\nkey material. Only used when creating a new key pair\n" }, "publicKey": { "type": "string", "description": "The public key material. This public key will be\nimported into Lightsail\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering KeyPair resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail key pair\n" }, "encryptedFingerprint": { "type": "string", "description": "The MD5 public key fingerprint for the encrypted\nprivate key\n" }, "encryptedPrivateKey": { "type": "string", "description": "the private key material, base 64 encoded and\nencrypted with the given `pgp_key`. This is only populated when creating a new\nkey and `pgp_key` is supplied\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "name": { "type": "string", "description": "The name of the Lightsail Key Pair. If omitted, a unique\nname will be generated by this provider\n" }, "namePrefix": { "type": "string" }, "pgpKey": { "type": "string", "description": "An optional PGP key to encrypt the resulting private\nkey material. Only used when creating a new key pair\n" }, "privateKey": { "type": "string", "description": "the private key, base64 encoded. This is only populated\nwhen creating a new key, and when no `pgp_key` is provided\n" }, "publicKey": { "type": "string", "description": "The public key material. This public key will be\nimported into Lightsail\n" } }, "type": "object" } }, "aws:lightsail/staticIp:StaticIp": { "description": "Allocates a static IP address.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.StaticIp(\"test\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.StaticIp(\"test\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.LightSail.StaticIp(\"test\", new Aws.LightSail.StaticIpArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = lightsail.NewStaticIp(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail static IP\n" }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "name": { "type": "string", "description": "The name for the allocated static IP\n" }, "supportCode": { "type": "string", "description": "The support code.\n" } }, "required": [ "arn", "ipAddress", "name", "supportCode" ], "inputProperties": { "name": { "type": "string", "description": "The name for the allocated static IP\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering StaticIp resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail static IP\n" }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "name": { "type": "string", "description": "The name for the allocated static IP\n" }, "supportCode": { "type": "string", "description": "The support code.\n" } }, "type": "object" } }, "aws:lightsail/staticIpAttachment:StaticIpAttachment": { "description": "Provides a static IP address attachment - relationship between a Lightsail static IP \u0026 Lightsail instance.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStaticIp = new aws.lightsail.StaticIp(\"test\", {});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n availabilityZone: \"us-east-1b\",\n blueprintId: \"string\",\n bundleId: \"string\",\n keyPairName: \"some_key_name\",\n});\nconst testStaticIpAttachment = new aws.lightsail.StaticIpAttachment(\"test\", {\n instanceName: testInstance.id,\n staticIpName: testStaticIp.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_static_ip = aws.lightsail.StaticIp(\"testStaticIp\")\ntest_instance = aws.lightsail.Instance(\"testInstance\",\n availability_zone=\"us-east-1b\",\n blueprint_id=\"string\",\n bundle_id=\"string\",\n key_pair_name=\"some_key_name\")\ntest_static_ip_attachment = aws.lightsail.StaticIpAttachment(\"testStaticIpAttachment\",\n instance_name=test_instance.id,\n static_ip_name=test_static_ip.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testStaticIp = new Aws.LightSail.StaticIp(\"testStaticIp\", new Aws.LightSail.StaticIpArgs\n {\n });\n var testInstance = new Aws.LightSail.Instance(\"testInstance\", new Aws.LightSail.InstanceArgs\n {\n AvailabilityZone = \"us-east-1b\",\n BlueprintId = \"string\",\n BundleId = \"string\",\n KeyPairName = \"some_key_name\",\n });\n var testStaticIpAttachment = new Aws.LightSail.StaticIpAttachment(\"testStaticIpAttachment\", new Aws.LightSail.StaticIpAttachmentArgs\n {\n InstanceName = testInstance.Id,\n StaticIpName = testStaticIp.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestStaticIp, err := lightsail.NewStaticIp(ctx, \"testStaticIp\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"testInstance\", \u0026lightsail.InstanceArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tBlueprintId: pulumi.String(\"string\"),\n\t\t\tBundleId: pulumi.String(\"string\"),\n\t\t\tKeyPairName: pulumi.String(\"some_key_name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewStaticIpAttachment(ctx, \"testStaticIpAttachment\", \u0026lightsail.StaticIpAttachmentArgs{\n\t\t\tInstanceName: testInstance.ID(),\n\t\t\tStaticIpName: testStaticIp.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "instanceName": { "type": "string", "description": "The name of the Lightsail instance to attach the IP to\n" }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "staticIpName": { "type": "string", "description": "The name of the allocated static IP\n" } }, "required": [ "instanceName", "ipAddress", "staticIpName" ], "inputProperties": { "instanceName": { "type": "string", "description": "The name of the Lightsail instance to attach the IP to\n" }, "staticIpName": { "type": "string", "description": "The name of the allocated static IP\n" } }, "requiredInputs": [ "instanceName", "staticIpName" ], "stateInputs": { "description": "Input properties used for looking up and filtering StaticIpAttachment resources.\n", "properties": { "instanceName": { "type": "string", "description": "The name of the Lightsail instance to attach the IP to\n" }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "staticIpName": { "type": "string", "description": "The name of the allocated static IP\n" } }, "type": "object" } }, "aws:macie/memberAccountAssociation:MemberAccountAssociation": { "description": "\u003e **NOTE:** This resource interacts with [Amazon Macie Classic](https://docs.aws.amazon.com/macie/latest/userguide/what-is-macie.html). Macie Classic cannot be activated in new accounts. See the [FAQ](https://aws.amazon.com/macie/classic-faqs/) for more details.\n\nAssociates an AWS account with Amazon Macie as a member account.\n\n\u003e **NOTE:** Before using Amazon Macie for the first time it must be enabled manually. Instructions are [here](https://docs.aws.amazon.com/macie/latest/userguide/macie-setting-up.html#macie-setting-up-enable).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie.MemberAccountAssociation(\"example\", {\n memberAccountId: \"123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie.MemberAccountAssociation(\"example\", member_account_id=\"123456789012\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Macie.MemberAccountAssociation(\"example\", new Aws.Macie.MemberAccountAssociationArgs\n {\n MemberAccountId = \"123456789012\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/macie\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = macie.NewMemberAccountAssociation(ctx, \"example\", \u0026macie.MemberAccountAssociationArgs{\n\t\t\tMemberAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "memberAccountId": { "type": "string", "description": "The ID of the AWS account that you want to associate with Amazon Macie as a member account.\n" } }, "required": [ "memberAccountId" ], "inputProperties": { "memberAccountId": { "type": "string", "description": "The ID of the AWS account that you want to associate with Amazon Macie as a member account.\n" } }, "requiredInputs": [ "memberAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MemberAccountAssociation resources.\n", "properties": { "memberAccountId": { "type": "string", "description": "The ID of the AWS account that you want to associate with Amazon Macie as a member account.\n" } }, "type": "object" } }, "aws:macie/s3BucketAssociation:S3BucketAssociation": { "description": "\u003e **NOTE:** This resource interacts with [Amazon Macie Classic](https://docs.aws.amazon.com/macie/latest/userguide/what-is-macie.html). Macie Classic cannot be activated in new accounts. See the [FAQ](https://aws.amazon.com/macie/classic-faqs/) for more details.\n\nAssociates an S3 resource with Amazon Macie for monitoring and data classification.\n\n\u003e **NOTE:** Before using Amazon Macie for the first time it must be enabled manually. Instructions are [here](https://docs.aws.amazon.com/macie/latest/userguide/macie-setting-up.html#macie-setting-up-enable).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie.S3BucketAssociation(\"example\", {\n bucketName: \"tf-macie-example\",\n classificationType: {\n oneTime: \"FULL\",\n },\n prefix: \"data\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie.S3BucketAssociation(\"example\",\n bucket_name=\"tf-macie-example\",\n classification_type={\n \"oneTime\": \"FULL\",\n },\n prefix=\"data\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Macie.S3BucketAssociation(\"example\", new Aws.Macie.S3BucketAssociationArgs\n {\n BucketName = \"tf-macie-example\",\n ClassificationType = new Aws.Macie.Inputs.S3BucketAssociationClassificationTypeArgs\n {\n OneTime = \"FULL\",\n },\n Prefix = \"data\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/macie\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = macie.NewS3BucketAssociation(ctx, \"example\", \u0026macie.S3BucketAssociationArgs{\n\t\t\tBucketName: pulumi.String(\"tf-macie-example\"),\n\t\t\tClassificationType: \u0026macie.S3BucketAssociationClassificationTypeArgs{\n\t\t\t\tOneTime: pulumi.String(\"FULL\"),\n\t\t\t},\n\t\t\tPrefix: pulumi.String(\"data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucketName": { "type": "string", "description": "The name of the S3 bucket that you want to associate with Amazon Macie.\n" }, "classificationType": { "$ref": "#/types/aws:macie/S3BucketAssociationClassificationType:S3BucketAssociationClassificationType", "description": "The configuration of how Amazon Macie classifies the S3 objects.\n" }, "memberAccountId": { "type": "string", "description": "The ID of the Amazon Macie member account whose S3 resources you want to associate with Macie. If `member_account_id` isn't specified, the action associates specified S3 resources with Macie for the current master account.\n" }, "prefix": { "type": "string", "description": "Object key prefix identifying one or more S3 objects to which the association applies.\n" } }, "required": [ "bucketName", "classificationType" ], "inputProperties": { "bucketName": { "type": "string", "description": "The name of the S3 bucket that you want to associate with Amazon Macie.\n" }, "classificationType": { "$ref": "#/types/aws:macie/S3BucketAssociationClassificationType:S3BucketAssociationClassificationType", "description": "The configuration of how Amazon Macie classifies the S3 objects.\n" }, "memberAccountId": { "type": "string", "description": "The ID of the Amazon Macie member account whose S3 resources you want to associate with Macie. If `member_account_id` isn't specified, the action associates specified S3 resources with Macie for the current master account.\n" }, "prefix": { "type": "string", "description": "Object key prefix identifying one or more S3 objects to which the association applies.\n" } }, "requiredInputs": [ "bucketName" ], "stateInputs": { "description": "Input properties used for looking up and filtering S3BucketAssociation resources.\n", "properties": { "bucketName": { "type": "string", "description": "The name of the S3 bucket that you want to associate with Amazon Macie.\n" }, "classificationType": { "$ref": "#/types/aws:macie/S3BucketAssociationClassificationType:S3BucketAssociationClassificationType", "description": "The configuration of how Amazon Macie classifies the S3 objects.\n" }, "memberAccountId": { "type": "string", "description": "The ID of the Amazon Macie member account whose S3 resources you want to associate with Macie. If `member_account_id` isn't specified, the action associates specified S3 resources with Macie for the current master account.\n" }, "prefix": { "type": "string", "description": "Object key prefix identifying one or more S3 objects to which the association applies.\n" } }, "type": "object" } }, "aws:mediaconvert/queue:Queue": { "description": "Provides an AWS Elemental MediaConvert Queue.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.mediaconvert.Queue(\"test\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.mediaconvert.Queue(\"test\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.MediaConvert.Queue(\"test\", new Aws.MediaConvert.QueueArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/mediaconvert\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = mediaconvert.NewQueue(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Arn of the queue\n" }, "description": { "type": "string", "description": "A description of the queue\n" }, "name": { "type": "string", "description": "A unique identifier describing the queue\n" }, "pricingPlan": { "type": "string", "description": "Specifies whether the pricing plan for the queue is on-demand or reserved. Valid values are `ON_DEMAND` or `RESERVED`. Default to `ON_DEMAND`.\n" }, "reservationPlanSettings": { "$ref": "#/types/aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings", "description": "A detail pricing plan of the reserved queue. See below.\n" }, "status": { "type": "string", "description": "A status of the queue. Valid values are `ACTIVE` or `RESERVED`. Default to `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "name", "reservationPlanSettings" ], "inputProperties": { "description": { "type": "string", "description": "A description of the queue\n" }, "name": { "type": "string", "description": "A unique identifier describing the queue\n" }, "pricingPlan": { "type": "string", "description": "Specifies whether the pricing plan for the queue is on-demand or reserved. Valid values are `ON_DEMAND` or `RESERVED`. Default to `ON_DEMAND`.\n" }, "reservationPlanSettings": { "$ref": "#/types/aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings", "description": "A detail pricing plan of the reserved queue. See below.\n" }, "status": { "type": "string", "description": "A status of the queue. Valid values are `ACTIVE` or `RESERVED`. Default to `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Queue resources.\n", "properties": { "arn": { "type": "string", "description": "The Arn of the queue\n" }, "description": { "type": "string", "description": "A description of the queue\n" }, "name": { "type": "string", "description": "A unique identifier describing the queue\n" }, "pricingPlan": { "type": "string", "description": "Specifies whether the pricing plan for the queue is on-demand or reserved. Valid values are `ON_DEMAND` or `RESERVED`. Default to `ON_DEMAND`.\n" }, "reservationPlanSettings": { "$ref": "#/types/aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings", "description": "A detail pricing plan of the reserved queue. See below.\n" }, "status": { "type": "string", "description": "A status of the queue. Valid values are `ACTIVE` or `RESERVED`. Default to `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:mediapackage/channel:Channel": { "description": "Provides an AWS Elemental MediaPackage Channel.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst kittens = new aws.mediapackage.Channel(\"kittens\", {\n channelId: \"kitten-channel\",\n description: \"A channel dedicated to amusing videos of kittens.\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkittens = aws.mediapackage.Channel(\"kittens\",\n channel_id=\"kitten-channel\",\n description=\"A channel dedicated to amusing videos of kittens.\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var kittens = new Aws.MediaPackage.Channel(\"kittens\", new Aws.MediaPackage.ChannelArgs\n {\n ChannelId = \"kitten-channel\",\n Description = \"A channel dedicated to amusing videos of kittens.\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/mediapackage\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = mediapackage.NewChannel(ctx, \"kittens\", \u0026mediapackage.ChannelArgs{\n\t\t\tChannelId: pulumi.String(\"kitten-channel\"),\n\t\t\tDescription: pulumi.String(\"A channel dedicated to amusing videos of kittens.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the channel\n" }, "channelId": { "type": "string", "description": "A unique identifier describing the channel\n" }, "description": { "type": "string", "description": "A description of the channel\n", "default": "Managed by Pulumi" }, "hlsIngests": { "type": "array", "items": { "$ref": "#/types/aws:mediapackage/ChannelHlsIngest:ChannelHlsIngest" }, "description": "A single item list of HLS ingest information\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "channelId", "description", "hlsIngests" ], "inputProperties": { "channelId": { "type": "string", "description": "A unique identifier describing the channel\n" }, "description": { "type": "string", "description": "A description of the channel\n", "default": "Managed by Pulumi" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "channelId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Channel resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the channel\n" }, "channelId": { "type": "string", "description": "A unique identifier describing the channel\n" }, "description": { "type": "string", "description": "A description of the channel\n", "default": "Managed by Pulumi" }, "hlsIngests": { "type": "array", "items": { "$ref": "#/types/aws:mediapackage/ChannelHlsIngest:ChannelHlsIngest" }, "description": "A single item list of HLS ingest information\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:mediastore/container:Container": { "description": "Provides a MediaStore Container.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mediastore.Container(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mediastore.Container(\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.MediaStore.Container(\"example\", new Aws.MediaStore.ContainerArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/mediastore\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = mediastore.NewContainer(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the container.\n" }, "endpoint": { "type": "string", "description": "The DNS endpoint of the container.\n" }, "name": { "type": "string", "description": "The name of the container. Must contain alphanumeric characters or underscores.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "endpoint", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the container. Must contain alphanumeric characters or underscores.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Container resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the container.\n" }, "endpoint": { "type": "string", "description": "The DNS endpoint of the container.\n" }, "name": { "type": "string", "description": "The name of the container. Must contain alphanumeric characters or underscores.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:mediastore/containerPolicy:ContainerPolicy": { "description": "Provides a MediaStore Container Policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst currentRegion = pulumi.output(aws.getRegion({ async: true }));\nconst currentCallerIdentity = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst exampleContainer = new aws.mediastore.Container(\"example\", {});\nconst exampleContainerPolicy = new aws.mediastore.ContainerPolicy(\"example\", {\n containerName: exampleContainer.name,\n policy: pulumi.interpolate`{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [{\n\t\t\"Sid\": \"MediaStoreFullAccess\",\n\t\t\"Action\": [ \"mediastore:*\" ],\n\t\t\"Principal\": {\"AWS\" : \"arn:aws:iam::${currentCallerIdentity.accountId}:root\"},\n\t\t\"Effect\": \"Allow\",\n\t\t\"Resource\": \"arn:aws:mediastore:${currentRegion.name!}:${currentCallerIdentity.accountId}:container/${exampleContainer.name}/*\",\n\t\t\"Condition\": {\n\t\t\t\"Bool\": { \"aws:SecureTransport\": \"true\" }\n\t\t}\n\t}]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent_region = aws.get_region()\ncurrent_caller_identity = aws.get_caller_identity()\nexample_container = aws.mediastore.Container(\"exampleContainer\")\nexample_container_policy = aws.mediastore.ContainerPolicy(\"exampleContainerPolicy\",\n container_name=example_container.name,\n policy=example_container.name.apply(lambda name: f\"\"\"{{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [{{\n\t\t\"Sid\": \"MediaStoreFullAccess\",\n\t\t\"Action\": [ \"mediastore:*\" ],\n\t\t\"Principal\": {{\"AWS\" : \"arn:aws:iam::{current_caller_identity.account_id}:root\"}},\n\t\t\"Effect\": \"Allow\",\n\t\t\"Resource\": \"arn:aws:mediastore:{current_region.name}:{current_caller_identity.account_id}:container/{name}/*\",\n\t\t\"Condition\": {{\n\t\t\t\"Bool\": {{ \"aws:SecureTransport\": \"true\" }}\n\t\t}}\n\t}}]\n}}\n\n\"\"\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var currentRegion = Output.Create(Aws.GetRegion.InvokeAsync());\n var currentCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var exampleContainer = new Aws.MediaStore.Container(\"exampleContainer\", new Aws.MediaStore.ContainerArgs\n {\n });\n var exampleContainerPolicy = new Aws.MediaStore.ContainerPolicy(\"exampleContainerPolicy\", new Aws.MediaStore.ContainerPolicyArgs\n {\n ContainerName = exampleContainer.Name,\n Policy = Output.Tuple(currentCallerIdentity, currentRegion, currentCallerIdentity, exampleContainer.Name).Apply(values =\u003e\n {\n var currentCallerIdentity = values.Item1;\n var currentRegion = values.Item2;\n var currentCallerIdentity1 = values.Item3;\n var name = values.Item4;\n return @$\"{{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [{{\n\t\t\"\"Sid\"\": \"\"MediaStoreFullAccess\"\",\n\t\t\"\"Action\"\": [ \"\"mediastore:*\"\" ],\n\t\t\"\"Principal\"\": {{\"\"AWS\"\" : \"\"arn:aws:iam::{currentCallerIdentity.AccountId}:root\"\"}},\n\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\"\"Resource\"\": \"\"arn:aws:mediastore:{currentRegion.Name}:{currentCallerIdentity1.AccountId}:container/{name}/*\"\",\n\t\t\"\"Condition\"\": {{\n\t\t\t\"\"Bool\"\": {{ \"\"aws:SecureTransport\"\": \"\"true\"\" }}\n\t\t}}\n\t}}]\n}}\n\n\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/mediastore\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrentRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleContainer, err := mediastore.NewContainer(ctx, \"exampleContainer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mediastore.NewContainerPolicy(ctx, \"exampleContainerPolicy\", \u0026mediastore.ContainerPolicyArgs{\n\t\t\tContainerName: exampleContainer.Name,\n\t\t\tPolicy: exampleContainer.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2012-10-17\\\",\\n\", \"\t\\\"Statement\\\": [{\\n\", \"\t\t\\\"Sid\\\": \\\"MediaStoreFullAccess\\\",\\n\", \"\t\t\\\"Action\\\": [ \\\"mediastore:*\\\" ],\\n\", \"\t\t\\\"Principal\\\": {\\\"AWS\\\" : \\\"arn:aws:iam::\", currentCallerIdentity.AccountId, \":root\\\"},\\n\", \"\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t\t\\\"Resource\\\": \\\"arn:aws:mediastore:\", currentRegion.Name, \":\", currentCallerIdentity.AccountId, \":container/\", name, \"/*\\\",\\n\", \"\t\t\\\"Condition\\\": {\\n\", \"\t\t\t\\\"Bool\\\": { \\\"aws:SecureTransport\\\": \\\"true\\\" }\\n\", \"\t\t}\\n\", \"\t}]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "containerName": { "type": "string", "description": "The name of the container.\n" }, "policy": { "type": "string", "description": "The contents of the policy.\n" } }, "required": [ "containerName", "policy" ], "inputProperties": { "containerName": { "type": "string", "description": "The name of the container.\n" }, "policy": { "type": "string", "description": "The contents of the policy.\n" } }, "requiredInputs": [ "containerName", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContainerPolicy resources.\n", "properties": { "containerName": { "type": "string", "description": "The name of the container.\n" }, "policy": { "type": "string", "description": "The contents of the policy.\n" } }, "type": "object" } }, "aws:mq/broker:Broker": { "description": "Provides an MQ Broker Resource. This resources also manages users for the broker.\n\nFor more information on Amazon MQ, see [Amazon MQ documentation](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/welcome.html).\n\nChanges to an MQ Broker can occur when you change a\nparameter, such as `configuration` or `user`, and are reflected in the next maintenance\nwindow. Because of this, this provider may report a difference in its planning\nphase because a modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change immediately\n(see documentation below).\n\n\u003e **Note:** using `apply_immediately` can result in a\nbrief downtime as the broker reboots.\n\n\u003e **Note:** All arguments including the username and password will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mq.Broker(\"example\", {\n brokerName: \"example\",\n configuration: {\n id: aws_mq_configuration_test.id,\n revision: aws_mq_configuration_test.latestRevision,\n },\n engineType: \"ActiveMQ\",\n engineVersion: \"5.15.0\",\n hostInstanceType: \"mq.t2.micro\",\n securityGroups: [aws_security_group_test.id],\n users: [{\n password: \"MindTheGap\",\n username: \"ExampleUser\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mq.Broker(\"example\",\n broker_name=\"example\",\n configuration={\n \"id\": aws_mq_configuration[\"test\"][\"id\"],\n \"revision\": aws_mq_configuration[\"test\"][\"latest_revision\"],\n },\n engine_type=\"ActiveMQ\",\n engine_version=\"5.15.0\",\n host_instance_type=\"mq.t2.micro\",\n security_groups=[aws_security_group[\"test\"][\"id\"]],\n users=[{\n \"password\": \"MindTheGap\",\n \"username\": \"ExampleUser\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Mq.Broker(\"example\", new Aws.Mq.BrokerArgs\n {\n BrokerName = \"example\",\n Configuration = new Aws.Mq.Inputs.BrokerConfigurationArgs\n {\n Id = aws_mq_configuration.Test.Id,\n Revision = aws_mq_configuration.Test.Latest_revision,\n },\n EngineType = \"ActiveMQ\",\n EngineVersion = \"5.15.0\",\n HostInstanceType = \"mq.t2.micro\",\n SecurityGroups = \n {\n aws_security_group.Test.Id,\n },\n Users = \n {\n new Aws.Mq.Inputs.BrokerUserArgs\n {\n Password = \"MindTheGap\",\n Username = \"ExampleUser\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = mq.NewBroker(ctx, \"example\", \u0026mq.BrokerArgs{\n\t\t\tBrokerName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026mq.BrokerConfigurationArgs{\n\t\t\t\tId: pulumi.String(aws_mq_configuration.Test.Id),\n\t\t\t\tRevision: pulumi.String(aws_mq_configuration.Test.Latest_revision),\n\t\t\t},\n\t\t\tEngineType: pulumi.String(\"ActiveMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"5.15.0\"),\n\t\t\tHostInstanceType: pulumi.String(\"mq.t2.micro\"),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_security_group.Test.Id),\n\t\t\t},\n\t\t\tUsers: mq.BrokerUserArray{\n\t\t\t\t\u0026mq.BrokerUserArgs{\n\t\t\t\t\tPassword: pulumi.String(\"MindTheGap\"),\n\t\t\t\t\tUsername: pulumi.String(\"ExampleUser\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any broker modifications\nare applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "The ARN of the broker.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Enables automatic upgrades to new minor versions for brokers, as Apache releases the versions.\n" }, "brokerName": { "type": "string", "description": "The name of the broker.\n" }, "configuration": { "$ref": "#/types/aws:mq/BrokerConfiguration:BrokerConfiguration", "description": "Configuration of the broker. See below.\n" }, "deploymentMode": { "type": "string", "description": "The deployment mode of the broker. Supported: `SINGLE_INSTANCE` and `ACTIVE_STANDBY_MULTI_AZ`. Defaults to `SINGLE_INSTANCE`.\n" }, "encryptionOptions": { "$ref": "#/types/aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions", "description": "Configuration block containing encryption options. See below.\n" }, "engineType": { "type": "string", "description": "The type of broker engine. Currently, Amazon MQ supports only `ActiveMQ`.\n" }, "engineVersion": { "type": "string", "description": "The version of the broker engine. See the [AmazonMQ Broker Engine docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html) for supported versions.\n" }, "hostInstanceType": { "type": "string", "description": "The broker's instance type. e.g. `mq.t2.micro` or `mq.m4.large`\n" }, "instances": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerInstance:BrokerInstance" }, "description": "A list of information about allocated brokers (both active \u0026 standby).\n* `instances.0.console_url` - The URL of the broker's [ActiveMQ Web Console](http://activemq.apache.org/web-console.html).\n* `instances.0.ip_address` - The IP Address of the broker.\n* `instances.0.endpoints` - The broker's wire-level protocol endpoints in the following order \u0026 format referenceable e.g. as `instances.0.endpoints.0` (SSL):\n* `ssl://broker-id.mq.us-west-2.amazonaws.com:61617`\n* `amqp+ssl://broker-id.mq.us-west-2.amazonaws.com:5671`\n* `stomp+ssl://broker-id.mq.us-west-2.amazonaws.com:61614`\n* `mqtt+ssl://broker-id.mq.us-west-2.amazonaws.com:8883`\n* `wss://broker-id.mq.us-west-2.amazonaws.com:61619`\n" }, "logs": { "$ref": "#/types/aws:mq/BrokerLogs:BrokerLogs", "description": "Logging configuration of the broker. See below.\n" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime", "description": "Maintenance window start time. See below.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Whether to enable connections from applications outside of the VPC that hosts the broker's subnets.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The list of security group IDs assigned to the broker.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The list of subnet IDs in which to launch the broker. A `SINGLE_INSTANCE` deployment requires one subnet. An `ACTIVE_STANDBY_MULTI_AZ` deployment requires two subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "users": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerUser:BrokerUser" }, "description": "The list of all ActiveMQ usernames for the specified broker. See below.\n" } }, "required": [ "arn", "brokerName", "configuration", "engineType", "engineVersion", "hostInstanceType", "instances", "maintenanceWindowStartTime", "securityGroups", "subnetIds", "users" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any broker modifications\nare applied immediately, or during the next maintenance window. Default is `false`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Enables automatic upgrades to new minor versions for brokers, as Apache releases the versions.\n" }, "brokerName": { "type": "string", "description": "The name of the broker.\n" }, "configuration": { "$ref": "#/types/aws:mq/BrokerConfiguration:BrokerConfiguration", "description": "Configuration of the broker. See below.\n" }, "deploymentMode": { "type": "string", "description": "The deployment mode of the broker. Supported: `SINGLE_INSTANCE` and `ACTIVE_STANDBY_MULTI_AZ`. Defaults to `SINGLE_INSTANCE`.\n" }, "encryptionOptions": { "$ref": "#/types/aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions", "description": "Configuration block containing encryption options. See below.\n" }, "engineType": { "type": "string", "description": "The type of broker engine. Currently, Amazon MQ supports only `ActiveMQ`.\n" }, "engineVersion": { "type": "string", "description": "The version of the broker engine. See the [AmazonMQ Broker Engine docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html) for supported versions.\n" }, "hostInstanceType": { "type": "string", "description": "The broker's instance type. e.g. `mq.t2.micro` or `mq.m4.large`\n" }, "logs": { "$ref": "#/types/aws:mq/BrokerLogs:BrokerLogs", "description": "Logging configuration of the broker. See below.\n" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime", "description": "Maintenance window start time. See below.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Whether to enable connections from applications outside of the VPC that hosts the broker's subnets.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The list of security group IDs assigned to the broker.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The list of subnet IDs in which to launch the broker. A `SINGLE_INSTANCE` deployment requires one subnet. An `ACTIVE_STANDBY_MULTI_AZ` deployment requires two subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "users": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerUser:BrokerUser" }, "description": "The list of all ActiveMQ usernames for the specified broker. See below.\n" } }, "requiredInputs": [ "brokerName", "engineType", "engineVersion", "hostInstanceType", "securityGroups", "users" ], "stateInputs": { "description": "Input properties used for looking up and filtering Broker resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any broker modifications\nare applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "The ARN of the broker.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Enables automatic upgrades to new minor versions for brokers, as Apache releases the versions.\n" }, "brokerName": { "type": "string", "description": "The name of the broker.\n" }, "configuration": { "$ref": "#/types/aws:mq/BrokerConfiguration:BrokerConfiguration", "description": "Configuration of the broker. See below.\n" }, "deploymentMode": { "type": "string", "description": "The deployment mode of the broker. Supported: `SINGLE_INSTANCE` and `ACTIVE_STANDBY_MULTI_AZ`. Defaults to `SINGLE_INSTANCE`.\n" }, "encryptionOptions": { "$ref": "#/types/aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions", "description": "Configuration block containing encryption options. See below.\n" }, "engineType": { "type": "string", "description": "The type of broker engine. Currently, Amazon MQ supports only `ActiveMQ`.\n" }, "engineVersion": { "type": "string", "description": "The version of the broker engine. See the [AmazonMQ Broker Engine docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html) for supported versions.\n" }, "hostInstanceType": { "type": "string", "description": "The broker's instance type. e.g. `mq.t2.micro` or `mq.m4.large`\n" }, "instances": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerInstance:BrokerInstance" }, "description": "A list of information about allocated brokers (both active \u0026 standby).\n* `instances.0.console_url` - The URL of the broker's [ActiveMQ Web Console](http://activemq.apache.org/web-console.html).\n* `instances.0.ip_address` - The IP Address of the broker.\n* `instances.0.endpoints` - The broker's wire-level protocol endpoints in the following order \u0026 format referenceable e.g. as `instances.0.endpoints.0` (SSL):\n* `ssl://broker-id.mq.us-west-2.amazonaws.com:61617`\n* `amqp+ssl://broker-id.mq.us-west-2.amazonaws.com:5671`\n* `stomp+ssl://broker-id.mq.us-west-2.amazonaws.com:61614`\n* `mqtt+ssl://broker-id.mq.us-west-2.amazonaws.com:8883`\n* `wss://broker-id.mq.us-west-2.amazonaws.com:61619`\n" }, "logs": { "$ref": "#/types/aws:mq/BrokerLogs:BrokerLogs", "description": "Logging configuration of the broker. See below.\n" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime", "description": "Maintenance window start time. See below.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Whether to enable connections from applications outside of the VPC that hosts the broker's subnets.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The list of security group IDs assigned to the broker.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The list of subnet IDs in which to launch the broker. A `SINGLE_INSTANCE` deployment requires one subnet. An `ACTIVE_STANDBY_MULTI_AZ` deployment requires two subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "users": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerUser:BrokerUser" }, "description": "The list of all ActiveMQ usernames for the specified broker. See below.\n" } }, "type": "object" } }, "aws:mq/configuration:Configuration": { "description": "Provides an MQ Configuration Resource. \n\nFor more information on Amazon MQ, see [Amazon MQ documentation](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/welcome.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mq.Configuration(\"example\", {\n data: `\u003c?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?\u003e\n\u003cbroker xmlns=\"http://activemq.apache.org/schema/core\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"true\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"86400000\" zeroExpirationOverride=\"86400000\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n`,\n description: \"Example Configuration\",\n engineType: \"ActiveMQ\",\n engineVersion: \"5.15.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mq.Configuration(\"example\",\n data=\"\"\"\u003c?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?\u003e\n\u003cbroker xmlns=\"http://activemq.apache.org/schema/core\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"true\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"86400000\" zeroExpirationOverride=\"86400000\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n\n\"\"\",\n description=\"Example Configuration\",\n engine_type=\"ActiveMQ\",\n engine_version=\"5.15.0\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Mq.Configuration(\"example\", new Aws.Mq.ConfigurationArgs\n {\n Data = @\"\u003c?xml version=\"\"1.0\"\" encoding=\"\"UTF-8\"\" standalone=\"\"yes\"\"?\u003e\n\u003cbroker xmlns=\"\"http://activemq.apache.org/schema/core\"\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"\"true\"\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"\"86400000\"\" zeroExpirationOverride=\"\"86400000\"\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n\n\",\n Description = \"Example Configuration\",\n EngineType = \"ActiveMQ\",\n EngineVersion = \"5.15.0\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = mq.NewConfiguration(ctx, \"example\", \u0026mq.ConfigurationArgs{\n\t\t\tData: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v\", \"\u003c?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\" standalone=\\\"yes\\\"?\u003e\\n\", \"\u003cbroker xmlns=\\\"http://activemq.apache.org/schema/core\\\"\u003e\\n\", \" \u003cplugins\u003e\\n\", \" \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\\\"true\\\"/\u003e\\n\", \" \u003cstatisticsBrokerPlugin/\u003e\\n\", \" \u003ctimeStampingBrokerPlugin ttlCeiling=\\\"86400000\\\" zeroExpirationOverride=\\\"86400000\\\"/\u003e\\n\", \" \u003c/plugins\u003e\\n\", \"\u003c/broker\u003e\\n\", \"\\n\")),\n\t\t\tDescription: pulumi.String(\"Example Configuration\"),\n\t\t\tEngineType: pulumi.String(\"ActiveMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"5.15.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the configuration.\n" }, "data": { "type": "string", "description": "The broker configuration in XML format.\nSee [official docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/amazon-mq-broker-configuration-parameters.html)\nfor supported parameters and format of the XML.\n" }, "description": { "type": "string", "description": "The description of the configuration.\n" }, "engineType": { "type": "string", "description": "The type of broker engine.\n" }, "engineVersion": { "type": "string", "description": "The version of the broker engine.\n" }, "latestRevision": { "type": "integer", "description": "The latest revision of the configuration.\n" }, "name": { "type": "string", "description": "The name of the configuration\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "data", "engineType", "engineVersion", "latestRevision", "name" ], "inputProperties": { "data": { "type": "string", "description": "The broker configuration in XML format.\nSee [official docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/amazon-mq-broker-configuration-parameters.html)\nfor supported parameters and format of the XML.\n" }, "description": { "type": "string", "description": "The description of the configuration.\n" }, "engineType": { "type": "string", "description": "The type of broker engine.\n" }, "engineVersion": { "type": "string", "description": "The version of the broker engine.\n" }, "name": { "type": "string", "description": "The name of the configuration\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "data", "engineType", "engineVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering Configuration resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the configuration.\n" }, "data": { "type": "string", "description": "The broker configuration in XML format.\nSee [official docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/amazon-mq-broker-configuration-parameters.html)\nfor supported parameters and format of the XML.\n" }, "description": { "type": "string", "description": "The description of the configuration.\n" }, "engineType": { "type": "string", "description": "The type of broker engine.\n" }, "engineVersion": { "type": "string", "description": "The version of the broker engine.\n" }, "latestRevision": { "type": "integer", "description": "The latest revision of the configuration.\n" }, "name": { "type": "string", "description": "The name of the configuration\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:msk/cluster:Cluster": { "description": "Manages AWS Managed Streaming for Kafka cluster\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK Configuration to use in the cluster.\n" }, "bootstrapBrokers": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs of kafka brokers suitable to boostrap connectivity to the kafka cluster. Only contains value if `client_broker` encryption in transit is set to `PLAINTEXT` or `TLS_PLAINTEXT`.\n" }, "bootstrapBrokersTls": { "type": "string", "description": "A comma separated list of one or more DNS names (or IPs) and TLS port pairs kafka brokers suitable to boostrap connectivity to the kafka cluster. Only contains value if `client_broker` encryption in transit is set to `TLS_PLAINTEXT` or `TLS`.\n" }, "brokerNodeGroupInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo", "description": "Configuration block for the broker nodes of the Kafka cluster.\n" }, "clientAuthentication": { "$ref": "#/types/aws:msk/ClusterClientAuthentication:ClusterClientAuthentication", "description": "Configuration block for specifying a client authentication. See below.\n" }, "clusterName": { "type": "string", "description": "Name of the MSK cluster.\n" }, "configurationInfo": { "$ref": "#/types/aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo", "description": "Configuration block for specifying a MSK Configuration to attach to Kafka brokers. See below.\n" }, "currentVersion": { "type": "string", "description": "Current version of the MSK Cluster used for updates, e.g. `K13V1IB3VIYZZH`\n* `encryption_info.0.encryption_at_rest_kms_key_arn` - The ARN of the KMS key used for encryption at rest of the broker data volumes.\n" }, "encryptionInfo": { "$ref": "#/types/aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo", "description": "Configuration block for specifying encryption. See below.\n" }, "enhancedMonitoring": { "type": "string", "description": "Specify the desired enhanced MSK CloudWatch monitoring level. See [Monitoring Amazon MSK with Amazon CloudWatch](https://docs.aws.amazon.com/msk/latest/developerguide/monitoring.html)\n" }, "kafkaVersion": { "type": "string", "description": "Specify the desired Kafka software version.\n" }, "loggingInfo": { "$ref": "#/types/aws:msk/ClusterLoggingInfo:ClusterLoggingInfo", "description": "Configuration block for streaming broker logs to Cloudwatch/S3/Kinesis Firehose. See below.\n" }, "numberOfBrokerNodes": { "type": "integer", "description": "The desired total number of broker nodes in the kafka cluster. It must be a multiple of the number of specified client subnets.\n" }, "openMonitoring": { "$ref": "#/types/aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring", "description": "Configuration block for JMX and Node monitoring for the MSK cluster. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "zookeeperConnectString": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster.\n" } }, "required": [ "arn", "bootstrapBrokers", "bootstrapBrokersTls", "brokerNodeGroupInfo", "clusterName", "currentVersion", "kafkaVersion", "numberOfBrokerNodes", "zookeeperConnectString" ], "inputProperties": { "brokerNodeGroupInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo", "description": "Configuration block for the broker nodes of the Kafka cluster.\n" }, "clientAuthentication": { "$ref": "#/types/aws:msk/ClusterClientAuthentication:ClusterClientAuthentication", "description": "Configuration block for specifying a client authentication. See below.\n" }, "clusterName": { "type": "string", "description": "Name of the MSK cluster.\n" }, "configurationInfo": { "$ref": "#/types/aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo", "description": "Configuration block for specifying a MSK Configuration to attach to Kafka brokers. See below.\n" }, "encryptionInfo": { "$ref": "#/types/aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo", "description": "Configuration block for specifying encryption. See below.\n" }, "enhancedMonitoring": { "type": "string", "description": "Specify the desired enhanced MSK CloudWatch monitoring level. See [Monitoring Amazon MSK with Amazon CloudWatch](https://docs.aws.amazon.com/msk/latest/developerguide/monitoring.html)\n" }, "kafkaVersion": { "type": "string", "description": "Specify the desired Kafka software version.\n" }, "loggingInfo": { "$ref": "#/types/aws:msk/ClusterLoggingInfo:ClusterLoggingInfo", "description": "Configuration block for streaming broker logs to Cloudwatch/S3/Kinesis Firehose. See below.\n" }, "numberOfBrokerNodes": { "type": "integer", "description": "The desired total number of broker nodes in the kafka cluster. It must be a multiple of the number of specified client subnets.\n" }, "openMonitoring": { "$ref": "#/types/aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring", "description": "Configuration block for JMX and Node monitoring for the MSK cluster. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" } }, "requiredInputs": [ "brokerNodeGroupInfo", "clusterName", "kafkaVersion", "numberOfBrokerNodes" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK Configuration to use in the cluster.\n" }, "bootstrapBrokers": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs of kafka brokers suitable to boostrap connectivity to the kafka cluster. Only contains value if `client_broker` encryption in transit is set to `PLAINTEXT` or `TLS_PLAINTEXT`.\n" }, "bootstrapBrokersTls": { "type": "string", "description": "A comma separated list of one or more DNS names (or IPs) and TLS port pairs kafka brokers suitable to boostrap connectivity to the kafka cluster. Only contains value if `client_broker` encryption in transit is set to `TLS_PLAINTEXT` or `TLS`.\n" }, "brokerNodeGroupInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo", "description": "Configuration block for the broker nodes of the Kafka cluster.\n" }, "clientAuthentication": { "$ref": "#/types/aws:msk/ClusterClientAuthentication:ClusterClientAuthentication", "description": "Configuration block for specifying a client authentication. See below.\n" }, "clusterName": { "type": "string", "description": "Name of the MSK cluster.\n" }, "configurationInfo": { "$ref": "#/types/aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo", "description": "Configuration block for specifying a MSK Configuration to attach to Kafka brokers. See below.\n" }, "currentVersion": { "type": "string", "description": "Current version of the MSK Cluster used for updates, e.g. `K13V1IB3VIYZZH`\n* `encryption_info.0.encryption_at_rest_kms_key_arn` - The ARN of the KMS key used for encryption at rest of the broker data volumes.\n" }, "encryptionInfo": { "$ref": "#/types/aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo", "description": "Configuration block for specifying encryption. See below.\n" }, "enhancedMonitoring": { "type": "string", "description": "Specify the desired enhanced MSK CloudWatch monitoring level. See [Monitoring Amazon MSK with Amazon CloudWatch](https://docs.aws.amazon.com/msk/latest/developerguide/monitoring.html)\n" }, "kafkaVersion": { "type": "string", "description": "Specify the desired Kafka software version.\n" }, "loggingInfo": { "$ref": "#/types/aws:msk/ClusterLoggingInfo:ClusterLoggingInfo", "description": "Configuration block for streaming broker logs to Cloudwatch/S3/Kinesis Firehose. See below.\n" }, "numberOfBrokerNodes": { "type": "integer", "description": "The desired total number of broker nodes in the kafka cluster. It must be a multiple of the number of specified client subnets.\n" }, "openMonitoring": { "$ref": "#/types/aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring", "description": "Configuration block for JMX and Node monitoring for the MSK cluster. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource\n" }, "zookeeperConnectString": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster.\n" } }, "type": "object" } }, "aws:msk/configuration:Configuration": { "description": "Manages an Amazon Managed Streaming for Kafka configuration. More information can be found on the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration.html).\n\n\u003e **NOTE:** The API does not support deleting MSK configurations. Removing this resource will only remove the this provider state for it.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.msk.Configuration(\"example\", {\n kafkaVersions: [\"2.1.0\"],\n serverProperties: `auto.create.topics.enable = true\ndelete.topic.enable = true\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.Configuration(\"example\",\n kafka_versions=[\"2.1.0\"],\n server_properties=\"\"\"auto.create.topics.enable = true\ndelete.topic.enable = true\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Msk.Configuration(\"example\", new Aws.Msk.ConfigurationArgs\n {\n KafkaVersions = \n {\n \"2.1.0\",\n },\n ServerProperties = @\"auto.create.topics.enable = true\ndelete.topic.enable = true\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = msk.NewConfiguration(ctx, \"example\", \u0026msk.ConfigurationArgs{\n\t\t\tKafkaVersions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"2.1.0\"),\n\t\t\t},\n\t\t\tServerProperties: pulumi.String(fmt.Sprintf(\"%v%v%v\", \"auto.create.topics.enable = true\\n\", \"delete.topic.enable = true\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the configuration.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "kafkaVersions": { "type": "array", "items": { "type": "string" }, "description": "List of Apache Kafka versions which can use this configuration.\n" }, "latestRevision": { "type": "integer", "description": "Latest revision of the configuration.\n" }, "name": { "type": "string", "description": "Name of the configuration.\n" }, "serverProperties": { "type": "string", "description": "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html).\n" } }, "required": [ "arn", "kafkaVersions", "latestRevision", "name", "serverProperties" ], "inputProperties": { "description": { "type": "string", "description": "Description of the configuration.\n" }, "kafkaVersions": { "type": "array", "items": { "type": "string" }, "description": "List of Apache Kafka versions which can use this configuration.\n" }, "name": { "type": "string", "description": "Name of the configuration.\n" }, "serverProperties": { "type": "string", "description": "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html).\n" } }, "requiredInputs": [ "kafkaVersions", "serverProperties" ], "stateInputs": { "description": "Input properties used for looking up and filtering Configuration resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the configuration.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "kafkaVersions": { "type": "array", "items": { "type": "string" }, "description": "List of Apache Kafka versions which can use this configuration.\n" }, "latestRevision": { "type": "integer", "description": "Latest revision of the configuration.\n" }, "name": { "type": "string", "description": "Name of the configuration.\n" }, "serverProperties": { "type": "string", "description": "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html).\n" } }, "type": "object" } }, "aws:neptune/cluster:Cluster": { "description": "Provides an Neptune Cluster Resource. A Cluster Resource defines attributes that are\napplied to the entire cluster of Neptune Cluster Instances.\n\nChanges to a Neptune Cluster can occur when you manually change a\nparameter, such as `backup_retention_period`, and are reflected in the next maintenance\nwindow. Because of this, this provider may report a difference in its planning\nphase because a modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change immediately\n(see documentation below).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.neptune.Cluster(\"default\", {\n applyImmediately: true,\n backupRetentionPeriod: 5,\n clusterIdentifier: \"neptune-cluster-demo\",\n engine: \"neptune\",\n iamDatabaseAuthenticationEnabled: true,\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.neptune.Cluster(\"default\",\n apply_immediately=True,\n backup_retention_period=5,\n cluster_identifier=\"neptune-cluster-demo\",\n engine=\"neptune\",\n iam_database_authentication_enabled=True,\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Neptune.Cluster(\"default\", new Aws.Neptune.ClusterArgs\n {\n ApplyImmediately = true,\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"neptune-cluster-demo\",\n Engine = \"neptune\",\n IamDatabaseAuthenticationEnabled = true,\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = neptune.NewCluster(ctx, \"default\", \u0026neptune.ClusterArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tClusterIdentifier: pulumi.String(\"neptune-cluster-demo\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tIamDatabaseAuthenticationEnabled: pulumi.Bool(true),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n\u003e **Note:** AWS Neptune does not support user name/password–based access control.\nSee the AWS [Docs](https://docs.aws.amazon.com/neptune/latest/userguide/limits.html) for more information.\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "The Neptune Cluster Amazon Resource Name (ARN)\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that instances in the Neptune cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of Neptune Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The Neptune Cluster Resource ID\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled.The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enableCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "A list of the log types this DB cluster is configured to export to Cloudwatch Logs. Currently only supports `audit`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the Neptune instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this Neptune cluster. Defaults to `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final Neptune snapshot when this Neptune cluster is deleted. If omitted, no final snapshot will be made.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the Neptune Cluster.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_arn`, `storage_encrypted` needs to be set to true.\n" }, "neptuneClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A Neptune subnet group to associate with this Neptune instance.\n" }, "port": { "type": "integer", "description": "The port on which the Neptune accepts connections. Default is `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the Neptune cluster, automatically load-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source Neptune cluster or Neptune instance if this Neptune cluster is to be created as a Read Replica.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final Neptune snapshot is created before the Neptune cluster is deleted. If true is specified, no Neptune snapshot is created. If false is specified, a Neptune snapshot is created before the Neptune cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a Neptune cluster snapshot, or the ARN when specifying a Neptune snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the Neptune cluster is encrypted. The default is `false` if not specified.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "required": [ "applyImmediately", "arn", "availabilityZones", "clusterIdentifier", "clusterIdentifierPrefix", "clusterMembers", "clusterResourceId", "endpoint", "engineVersion", "hostedZoneId", "kmsKeyArn", "neptuneSubnetGroupName", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "vpcSecurityGroupIds" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that instances in the Neptune cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled.The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enableCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "A list of the log types this DB cluster is configured to export to Cloudwatch Logs. Currently only supports `audit`.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this Neptune cluster. Defaults to `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final Neptune snapshot when this Neptune cluster is deleted. If omitted, no final snapshot will be made.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the Neptune Cluster.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_arn`, `storage_encrypted` needs to be set to true.\n" }, "neptuneClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A Neptune subnet group to associate with this Neptune instance.\n" }, "port": { "type": "integer", "description": "The port on which the Neptune accepts connections. Default is `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source Neptune cluster or Neptune instance if this Neptune cluster is to be created as a Read Replica.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final Neptune snapshot is created before the Neptune cluster is deleted. If true is specified, no Neptune snapshot is created. If false is specified, a Neptune snapshot is created before the Neptune cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a Neptune cluster snapshot, or the ARN when specifying a Neptune snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the Neptune cluster is encrypted. The default is `false` if not specified.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "The Neptune Cluster Amazon Resource Name (ARN)\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that instances in the Neptune cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of Neptune Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The Neptune Cluster Resource ID\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled.The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enableCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "A list of the log types this DB cluster is configured to export to Cloudwatch Logs. Currently only supports `audit`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the Neptune instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this Neptune cluster. Defaults to `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final Neptune snapshot when this Neptune cluster is deleted. If omitted, no final snapshot will be made.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the Neptune Cluster.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_arn`, `storage_encrypted` needs to be set to true.\n" }, "neptuneClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A Neptune subnet group to associate with this Neptune instance.\n" }, "port": { "type": "integer", "description": "The port on which the Neptune accepts connections. Default is `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the Neptune cluster, automatically load-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source Neptune cluster or Neptune instance if this Neptune cluster is to be created as a Read Replica.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final Neptune snapshot is created before the Neptune cluster is deleted. If true is specified, no Neptune snapshot is created. If false is specified, a Neptune snapshot is created before the Neptune cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a Neptune cluster snapshot, or the ARN when specifying a Neptune snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the Neptune cluster is encrypted. The default is `false` if not specified.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "type": "object" } }, "aws:neptune/clusterInstance:ClusterInstance": { "description": "A Cluster Instance Resource defines attributes that are specific to a single instance in a Neptune Cluster.\n\nYou can simply add neptune instances and Neptune manages the replication. You can use the [count](https://www.terraform.io/docs/configuration/resources.html#count)\nmeta-parameter to make multiple instances and join them all to the same Neptune Cluster, or you may specify different Cluster Instance resources with various `instance_class` sizes.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example will create a neptune cluster with two neptune instances(one writer and one reader).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.neptune.Cluster(\"default\", {\n applyImmediately: true,\n backupRetentionPeriod: 5,\n clusterIdentifier: \"neptune-cluster-demo\",\n engine: \"neptune\",\n iamDatabaseAuthenticationEnabled: true,\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n});\nconst example: aws.neptune.ClusterInstance[] = [];\nfor (let i = 0; i \u003c 2; i++) {\n example.push(new aws.neptune.ClusterInstance(`example-${i}`, {\n applyImmediately: true,\n clusterIdentifier: defaultCluster.id,\n engine: \"neptune\",\n instanceClass: \"db.r4.large\",\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.neptune.Cluster(\"default\",\n apply_immediately=True,\n backup_retention_period=5,\n cluster_identifier=\"neptune-cluster-demo\",\n engine=\"neptune\",\n iam_database_authentication_enabled=True,\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True)\nexample = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n example.append(aws.neptune.ClusterInstance(f\"example-{range['value']}\",\n apply_immediately=True,\n cluster_identifier=default.id,\n engine=\"neptune\",\n instance_class=\"db.r4.large\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Neptune.Cluster(\"default\", new Aws.Neptune.ClusterArgs\n {\n ApplyImmediately = true,\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"neptune-cluster-demo\",\n Engine = \"neptune\",\n IamDatabaseAuthenticationEnabled = true,\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n });\n var example = new List\u003cAws.Neptune.ClusterInstance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Neptune.ClusterInstance($\"example-{range.Value}\", new Aws.Neptune.ClusterInstanceArgs\n {\n ApplyImmediately = true,\n ClusterIdentifier = @default.Id,\n Engine = \"neptune\",\n InstanceClass = \"db.r4.large\",\n }));\n }\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "address": { "type": "string", "description": "The hostname of the instance. See also `endpoint` and `port`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any instance modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of neptune instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the instance during the maintenance window. Default is `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the neptune instance is created in.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.neptune.Cluster` in which to launch this instance.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the neptune instance.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the neptune instance. Defaults to `neptune`. Valid Values: `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The neptune engine version.\n" }, "identifier": { "type": "string", "description": "The indentifier for the neptune instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the neptune cluster.\n" }, "neptuneParameterGroupName": { "type": "string", "description": "The name of the neptune parameter group to associate with this instance.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A subnet group to associate with this neptune instance. **NOTE:** This must match the `neptune_subnet_group_name` of the attached `aws.neptune.Cluster`.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections. Defaults to `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default is `false`.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the neptune cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "required": [ "address", "applyImmediately", "arn", "availabilityZone", "clusterIdentifier", "dbiResourceId", "endpoint", "engineVersion", "identifier", "identifierPrefix", "instanceClass", "kmsKeyArn", "neptuneSubnetGroupName", "preferredBackupWindow", "preferredMaintenanceWindow", "storageEncrypted", "writer" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any instance modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the instance during the maintenance window. Default is `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the neptune instance is created in.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.neptune.Cluster` in which to launch this instance.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the neptune instance. Defaults to `neptune`. Valid Values: `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The neptune engine version.\n" }, "identifier": { "type": "string", "description": "The indentifier for the neptune instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use.\n" }, "neptuneParameterGroupName": { "type": "string", "description": "The name of the neptune parameter group to associate with this instance.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A subnet group to associate with this neptune instance. **NOTE:** This must match the `neptune_subnet_group_name` of the attached `aws.neptune.Cluster`.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections. Defaults to `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" } }, "requiredInputs": [ "clusterIdentifier", "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterInstance resources.\n", "properties": { "address": { "type": "string", "description": "The hostname of the instance. See also `endpoint` and `port`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any instance modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of neptune instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the instance during the maintenance window. Default is `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the neptune instance is created in.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.neptune.Cluster` in which to launch this instance.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the neptune instance.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the neptune instance. Defaults to `neptune`. Valid Values: `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The neptune engine version.\n" }, "identifier": { "type": "string", "description": "The indentifier for the neptune instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the neptune cluster.\n" }, "neptuneParameterGroupName": { "type": "string", "description": "The name of the neptune parameter group to associate with this instance.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A subnet group to associate with this neptune instance. **NOTE:** This must match the `neptune_subnet_group_name` of the attached `aws.neptune.Cluster`.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections. Defaults to `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default is `false`.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the neptune cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "type": "object" } }, "aws:neptune/clusterParameterGroup:ClusterParameterGroup": { "description": "Manages a Neptune Cluster Parameter Group\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.ClusterParameterGroup(\"example\", {\n description: \"neptune cluster parameter group\",\n family: \"neptune1\",\n parameters: [{\n name: \"neptune_enable_audit_log\",\n value: \"1\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.ClusterParameterGroup(\"example\",\n description=\"neptune cluster parameter group\",\n family=\"neptune1\",\n parameters=[{\n \"name\": \"neptune_enable_audit_log\",\n \"value\": 1,\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Neptune.ClusterParameterGroup(\"example\", new Aws.Neptune.ClusterParameterGroupArgs\n {\n Description = \"neptune cluster parameter group\",\n Family = \"neptune1\",\n Parameters = \n {\n new Aws.Neptune.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"neptune_enable_audit_log\",\n Value = \"1\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = neptune.NewClusterParameterGroup(ctx, \"example\", \u0026neptune.ClusterParameterGroupArgs{\n\t\t\tDescription: pulumi.String(\"neptune cluster parameter group\"),\n\t\t\tFamily: pulumi.String(\"neptune1\"),\n\t\t\tParameters: neptune.ClusterParameterGroupParameterArray{\n\t\t\t\t\u0026neptune.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"neptune_enable_audit_log\"),\n\t\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the neptune cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the neptune cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the neptune parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "family", "name", "namePrefix" ], "inputProperties": { "description": { "type": "string", "description": "The description of the neptune cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the neptune cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the neptune parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the neptune cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the neptune cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the neptune parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:neptune/clusterSnapshot:ClusterSnapshot": { "description": "Manages a Neptune database cluster snapshot.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.ClusterSnapshot(\"example\", {\n dbClusterIdentifier: aws_neptune_cluster_example.id,\n dbClusterSnapshotIdentifier: \"resourcetestsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.ClusterSnapshot(\"example\",\n db_cluster_identifier=aws_neptune_cluster[\"example\"][\"id\"],\n db_cluster_snapshot_identifier=\"resourcetestsnapshot1234\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Neptune.ClusterSnapshot(\"example\", new Aws.Neptune.ClusterSnapshotArgs\n {\n DbClusterIdentifier = aws_neptune_cluster.Example.Id,\n DbClusterSnapshotIdentifier = \"resourcetestsnapshot1234\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = neptune.NewClusterSnapshot(ctx, \"example\", \u0026neptune.ClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.String(aws_neptune_cluster.Example.Id),\n\t\t\tDbClusterSnapshotIdentifier: pulumi.String(\"resourcetestsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "required": [ "allocatedStorage", "availabilityZones", "dbClusterIdentifier", "dbClusterSnapshotArn", "dbClusterSnapshotIdentifier", "engine", "engineVersion", "kmsKeyId", "licenseModel", "port", "snapshotType", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "vpcId" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" } }, "requiredInputs": [ "dbClusterIdentifier", "dbClusterSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterSnapshot resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "type": "object" } }, "aws:neptune/eventSubscription:EventSubscription": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.neptune.Cluster(\"default\", {\n applyImmediately: true,\n backupRetentionPeriod: 5,\n clusterIdentifier: \"neptune-cluster-demo\",\n engine: \"neptune\",\n iamDatabaseAuthenticationEnabled: true,\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n});\nconst example = new aws.neptune.ClusterInstance(\"example\", {\n applyImmediately: true,\n clusterIdentifier: defaultCluster.id,\n engine: \"neptune\",\n instanceClass: \"db.r4.large\",\n});\nconst defaultTopic = new aws.sns.Topic(\"default\", {});\nconst defaultEventSubscription = new aws.neptune.EventSubscription(\"default\", {\n eventCategories: [\n \"maintenance\",\n \"availability\",\n \"creation\",\n \"backup\",\n \"restoration\",\n \"recovery\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"notification\",\n \"configuration change\",\n \"read replica\",\n ],\n snsTopicArn: defaultTopic.arn,\n sourceIds: [example.id],\n sourceType: \"db-instance\",\n tags: {\n env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_cluster = aws.neptune.Cluster(\"defaultCluster\",\n apply_immediately=\"true\",\n backup_retention_period=5,\n cluster_identifier=\"neptune-cluster-demo\",\n engine=\"neptune\",\n iam_database_authentication_enabled=\"true\",\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True)\nexample = aws.neptune.ClusterInstance(\"example\",\n apply_immediately=\"true\",\n cluster_identifier=default_cluster.id,\n engine=\"neptune\",\n instance_class=\"db.r4.large\")\ndefault_topic = aws.sns.Topic(\"defaultTopic\")\ndefault_event_subscription = aws.neptune.EventSubscription(\"defaultEventSubscription\",\n event_categories=[\n \"maintenance\",\n \"availability\",\n \"creation\",\n \"backup\",\n \"restoration\",\n \"recovery\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"notification\",\n \"configuration change\",\n \"read replica\",\n ],\n sns_topic_arn=default_topic.arn,\n source_ids=[example.id],\n source_type=\"db-instance\",\n tags={\n \"env\": \"test\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultCluster = new Aws.Neptune.Cluster(\"defaultCluster\", new Aws.Neptune.ClusterArgs\n {\n ApplyImmediately = true,\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"neptune-cluster-demo\",\n Engine = \"neptune\",\n IamDatabaseAuthenticationEnabled = true,\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n });\n var example = new Aws.Neptune.ClusterInstance(\"example\", new Aws.Neptune.ClusterInstanceArgs\n {\n ApplyImmediately = true,\n ClusterIdentifier = defaultCluster.Id,\n Engine = \"neptune\",\n InstanceClass = \"db.r4.large\",\n });\n var defaultTopic = new Aws.Sns.Topic(\"defaultTopic\", new Aws.Sns.TopicArgs\n {\n });\n var defaultEventSubscription = new Aws.Neptune.EventSubscription(\"defaultEventSubscription\", new Aws.Neptune.EventSubscriptionArgs\n {\n EventCategories = \n {\n \"maintenance\",\n \"availability\",\n \"creation\",\n \"backup\",\n \"restoration\",\n \"recovery\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"notification\",\n \"configuration change\",\n \"read replica\",\n },\n SnsTopicArn = defaultTopic.Arn,\n SourceIds = \n {\n example.Id,\n },\n SourceType = \"db-instance\",\n Tags = \n {\n { \"env\", \"test\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultCluster, err := neptune.NewCluster(ctx, \"defaultCluster\", \u0026neptune.ClusterArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tClusterIdentifier: pulumi.String(\"neptune-cluster-demo\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tIamDatabaseAuthenticationEnabled: pulumi.Bool(true),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := neptune.NewClusterInstance(ctx, \"example\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: defaultCluster.ID(),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tInstanceClass: pulumi.String(\"db.r4.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultTopic, err := sns.NewTopic(ctx, \"defaultTopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewEventSubscription(ctx, \"defaultEventSubscription\", \u0026neptune.EventSubscriptionArgs{\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"maintenance\"),\n\t\t\t\tpulumi.String(\"availability\"),\n\t\t\t\tpulumi.String(\"creation\"),\n\t\t\t\tpulumi.String(\"backup\"),\n\t\t\t\tpulumi.String(\"restoration\"),\n\t\t\t\tpulumi.String(\"recovery\"),\n\t\t\t\tpulumi.String(\"deletion\"),\n\t\t\t\tpulumi.String(\"failover\"),\n\t\t\t\tpulumi.String(\"failure\"),\n\t\t\t\tpulumi.String(\"notification\"),\n\t\t\t\tpulumi.String(\"configuration change\"),\n\t\t\t\tpulumi.String(\"read replica\"),\n\t\t\t},\n\t\t\tSnsTopicArn: defaultTopic.Arn,\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\texample.ID(),\n\t\t\t},\n\t\t\tSourceType: pulumi.String(\"db-instance\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"env\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Attributes\n\nThe following additional atttributes are provided:\n\n* `id` - The name of the Neptune event notification subscription.\n* `arn` - The Amazon Resource Name of the Neptune event notification subscription.\n* `customer_aws_id` - The AWS customer account associated with the Neptune event notification subscription.\n", "properties": { "arn": { "type": "string" }, "customerAwsId": { "type": "string" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a `source_type` that you want to subscribe to. Run `aws neptune describe-event-categories` to find all the event categories.\n" }, "name": { "type": "string", "description": "The name of the Neptune event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the Neptune event subscription. Conflicts with `name`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "customerAwsId", "name", "namePrefix", "snsTopicArn" ], "inputProperties": { "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a `source_type` that you want to subscribe to. Run `aws neptune describe-event-categories` to find all the event categories.\n" }, "name": { "type": "string", "description": "The name of the Neptune event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the Neptune event subscription. Conflicts with `name`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "snsTopicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string" }, "customerAwsId": { "type": "string" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a `source_type` that you want to subscribe to. Run `aws neptune describe-event-categories` to find all the event categories.\n" }, "name": { "type": "string", "description": "The name of the Neptune event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the Neptune event subscription. Conflicts with `name`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:neptune/parameterGroup:ParameterGroup": { "description": "Manages a Neptune Parameter Group\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.ParameterGroup(\"example\", {\n family: \"neptune1\",\n parameters: [{\n name: \"neptune_query_timeout\",\n value: \"25\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.ParameterGroup(\"example\",\n family=\"neptune1\",\n parameters=[{\n \"name\": \"neptune_query_timeout\",\n \"value\": \"25\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Neptune.ParameterGroup(\"example\", new Aws.Neptune.ParameterGroupArgs\n {\n Family = \"neptune1\",\n Parameters = \n {\n new Aws.Neptune.Inputs.ParameterGroupParameterArgs\n {\n Name = \"neptune_query_timeout\",\n Value = \"25\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = neptune.NewParameterGroup(ctx, \"example\", \u0026neptune.ParameterGroupArgs{\n\t\t\tFamily: pulumi.String(\"neptune1\"),\n\t\t\tParameters: neptune.ParameterGroupParameterArray{\n\t\t\t\t\u0026neptune.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"neptune_query_timeout\"),\n\t\t\t\t\tValue: pulumi.String(\"25\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Neptune parameter group Amazon Resource Name (ARN).\n" }, "description": { "type": "string", "description": "The description of the Neptune parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the Neptune parameter group.\n" }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "family", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Neptune parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the Neptune parameter group.\n" }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Neptune parameter group Amazon Resource Name (ARN).\n" }, "description": { "type": "string", "description": "The description of the Neptune parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the Neptune parameter group.\n" }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:neptune/subnetGroup:SubnetGroup": { "description": "Provides an Neptune subnet group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultSubnetGroup = new aws.neptune.SubnetGroup(\"default\", {\n subnetIds: [\n aws_subnet_frontend.id,\n aws_subnet_backend.id,\n ],\n tags: {\n Name: \"My neptune subnet group\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.neptune.SubnetGroup(\"default\",\n subnet_ids=[\n aws_subnet[\"frontend\"][\"id\"],\n aws_subnet[\"backend\"][\"id\"],\n ],\n tags={\n \"Name\": \"My neptune subnet group\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Neptune.SubnetGroup(\"default\", new Aws.Neptune.SubnetGroupArgs\n {\n SubnetIds = \n {\n aws_subnet.Frontend.Id,\n aws_subnet.Backend.Id,\n },\n Tags = \n {\n { \"Name\", \"My neptune subnet group\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = neptune.NewSubnetGroup(ctx, \"default\", \u0026neptune.SubnetGroupArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_subnet.Frontend.Id),\n\t\t\t\tpulumi.String(aws_subnet.Backend.Id),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"My neptune subnet group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune subnet group.\n" }, "description": { "type": "string", "description": "The description of the neptune subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the neptune subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "name", "namePrefix", "subnetIds" ], "inputProperties": { "description": { "type": "string", "description": "The description of the neptune subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the neptune subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune subnet group.\n" }, "description": { "type": "string", "description": "The description of the neptune subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the neptune subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:opsworks/application:Application": { "description": "Provides an OpsWorks application resource.\n", "properties": { "appSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationAppSource:ApplicationAppSource" }, "description": "SCM configuration of the app as described below.\n" }, "autoBundleOnDeploy": { "type": "string", "description": "Run bundle install when deploying for application of type `rails`.\n" }, "awsFlowRubySettings": { "type": "string", "description": "Specify activity and workflow workers for your app using the aws-flow gem.\n" }, "dataSourceArn": { "type": "string", "description": "The data source's ARN.\n" }, "dataSourceDatabaseName": { "type": "string", "description": "The database name.\n" }, "dataSourceType": { "type": "string", "description": "The data source's type one of `AutoSelectOpsworksMysqlInstance`, `OpsworksMysqlInstance`, or `RdsDbInstance`.\n" }, "description": { "type": "string", "description": "A description of the app.\n" }, "documentRoot": { "type": "string", "description": "Subfolder for the document root for application of type `rails`.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual host alias.\n" }, "enableSsl": { "type": "boolean", "description": "Whether to enable SSL for the app. This must be set in order to let `ssl_configuration.private_key`, `ssl_configuration.certificate` and `ssl_configuration.chain` take effect.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationEnvironment:ApplicationEnvironment" }, "description": "Object to define environment variables. Object is described below.\n" }, "name": { "type": "string", "description": "A human-readable name for the application.\n" }, "railsEnv": { "type": "string", "description": "The name of the Rails environment for application of type `rails`.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the application. This can only be defined on resource creation and ignored on resource update.\n" }, "sslConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration" }, "description": "The SSL configuration of the app. Object is described below.\n" }, "stackId": { "type": "string", "description": "The id of the stack the application will belong to.\n" }, "type": { "type": "string", "description": "Opsworks application type. One of `aws-flow-ruby`, `java`, `rails`, `php`, `nodejs`, `static` or `other`.\n" } }, "required": [ "appSources", "name", "shortName", "stackId", "type" ], "inputProperties": { "appSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationAppSource:ApplicationAppSource" }, "description": "SCM configuration of the app as described below.\n" }, "autoBundleOnDeploy": { "type": "string", "description": "Run bundle install when deploying for application of type `rails`.\n" }, "awsFlowRubySettings": { "type": "string", "description": "Specify activity and workflow workers for your app using the aws-flow gem.\n" }, "dataSourceArn": { "type": "string", "description": "The data source's ARN.\n" }, "dataSourceDatabaseName": { "type": "string", "description": "The database name.\n" }, "dataSourceType": { "type": "string", "description": "The data source's type one of `AutoSelectOpsworksMysqlInstance`, `OpsworksMysqlInstance`, or `RdsDbInstance`.\n" }, "description": { "type": "string", "description": "A description of the app.\n" }, "documentRoot": { "type": "string", "description": "Subfolder for the document root for application of type `rails`.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual host alias.\n" }, "enableSsl": { "type": "boolean", "description": "Whether to enable SSL for the app. This must be set in order to let `ssl_configuration.private_key`, `ssl_configuration.certificate` and `ssl_configuration.chain` take effect.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationEnvironment:ApplicationEnvironment" }, "description": "Object to define environment variables. Object is described below.\n" }, "name": { "type": "string", "description": "A human-readable name for the application.\n" }, "railsEnv": { "type": "string", "description": "The name of the Rails environment for application of type `rails`.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the application. This can only be defined on resource creation and ignored on resource update.\n" }, "sslConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration" }, "description": "The SSL configuration of the app. Object is described below.\n" }, "stackId": { "type": "string", "description": "The id of the stack the application will belong to.\n" }, "type": { "type": "string", "description": "Opsworks application type. One of `aws-flow-ruby`, `java`, `rails`, `php`, `nodejs`, `static` or `other`.\n" } }, "requiredInputs": [ "stackId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "appSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationAppSource:ApplicationAppSource" }, "description": "SCM configuration of the app as described below.\n" }, "autoBundleOnDeploy": { "type": "string", "description": "Run bundle install when deploying for application of type `rails`.\n" }, "awsFlowRubySettings": { "type": "string", "description": "Specify activity and workflow workers for your app using the aws-flow gem.\n" }, "dataSourceArn": { "type": "string", "description": "The data source's ARN.\n" }, "dataSourceDatabaseName": { "type": "string", "description": "The database name.\n" }, "dataSourceType": { "type": "string", "description": "The data source's type one of `AutoSelectOpsworksMysqlInstance`, `OpsworksMysqlInstance`, or `RdsDbInstance`.\n" }, "description": { "type": "string", "description": "A description of the app.\n" }, "documentRoot": { "type": "string", "description": "Subfolder for the document root for application of type `rails`.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual host alias.\n" }, "enableSsl": { "type": "boolean", "description": "Whether to enable SSL for the app. This must be set in order to let `ssl_configuration.private_key`, `ssl_configuration.certificate` and `ssl_configuration.chain` take effect.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationEnvironment:ApplicationEnvironment" }, "description": "Object to define environment variables. Object is described below.\n" }, "name": { "type": "string", "description": "A human-readable name for the application.\n" }, "railsEnv": { "type": "string", "description": "The name of the Rails environment for application of type `rails`.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the application. This can only be defined on resource creation and ignored on resource update.\n" }, "sslConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration" }, "description": "The SSL configuration of the app. Object is described below.\n" }, "stackId": { "type": "string", "description": "The id of the stack the application will belong to.\n" }, "type": { "type": "string", "description": "Opsworks application type. One of `aws-flow-ruby`, `java`, `rails`, `php`, `nodejs`, `static` or `other`.\n" } }, "type": "object" } }, "aws:opsworks/customLayer:CustomLayer": { "description": "Provides an OpsWorks custom layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst custlayer = new aws.opsworks.CustomLayer(\"custlayer\", {\n shortName: \"awesome\",\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncustlayer = aws.opsworks.CustomLayer(\"custlayer\",\n short_name=\"awesome\",\n stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var custlayer = new Aws.OpsWorks.CustomLayer(\"custlayer\", new Aws.OpsWorks.CustomLayerArgs\n {\n ShortName = \"awesome\",\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewCustomLayer(ctx, \"custlayer\", \u0026opsworks.CustomLayerArgs{\n\t\t\tShortName: pulumi.String(\"awesome\"),\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the layer, which will be used to identify it in the Chef node JSON.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "shortName", "stackId" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the layer, which will be used to identify it in the Chef node JSON.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "shortName", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the layer, which will be used to identify it in the Chef node JSON.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/gangliaLayer:GangliaLayer": { "description": "Provides an OpsWorks Ganglia layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst monitor = new aws.opsworks.GangliaLayer(\"monitor\", {\n password: \"foobarbaz\",\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmonitor = aws.opsworks.GangliaLayer(\"monitor\",\n password=\"foobarbaz\",\n stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var monitor = new Aws.OpsWorks.GangliaLayer(\"monitor\", new Aws.OpsWorks.GangliaLayerArgs\n {\n Password = \"foobarbaz\",\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewGangliaLayer(ctx, \"monitor\", \u0026opsworks.GangliaLayerArgs{\n\t\t\tPassword: pulumi.String(\"foobarbaz\"),\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "password": { "type": "string", "description": "The password to use for Ganglia.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "url": { "type": "string", "description": "The URL path to use for Ganglia. Defaults to \"/ganglia\".\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" }, "username": { "type": "string", "description": "The username to use for Ganglia. Defaults to \"opsworks\".\n" } }, "required": [ "arn", "name", "password", "stackId" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "password": { "type": "string", "description": "The password to use for Ganglia.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "url": { "type": "string", "description": "The URL path to use for Ganglia. Defaults to \"/ganglia\".\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" }, "username": { "type": "string", "description": "The username to use for Ganglia. Defaults to \"opsworks\".\n" } }, "requiredInputs": [ "password", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GangliaLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "password": { "type": "string", "description": "The password to use for Ganglia.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "url": { "type": "string", "description": "The URL path to use for Ganglia. Defaults to \"/ganglia\".\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" }, "username": { "type": "string", "description": "The username to use for Ganglia. Defaults to \"opsworks\".\n" } }, "type": "object" } }, "aws:opsworks/haproxyLayer:HaproxyLayer": { "description": "Provides an OpsWorks haproxy layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.opsworks.HaproxyLayer(\"lb\", {\n stackId: aws_opsworks_stack_main.id,\n statsPassword: \"foobarbaz\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.opsworks.HaproxyLayer(\"lb\",\n stack_id=aws_opsworks_stack[\"main\"][\"id\"],\n stats_password=\"foobarbaz\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lb = new Aws.OpsWorks.HaproxyLayer(\"lb\", new Aws.OpsWorks.HaproxyLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n StatsPassword = \"foobarbaz\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewHaproxyLayer(ctx, \"lb\", \u0026opsworks.HaproxyLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t\tStatsPassword: pulumi.String(\"foobarbaz\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "healthcheckMethod": { "type": "string", "description": "HTTP method to use for instance healthchecks. Defaults to \"OPTIONS\".\n" }, "healthcheckUrl": { "type": "string", "description": "URL path to use for instance healthchecks. Defaults to \"/\".\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "statsEnabled": { "type": "boolean", "description": "Whether to enable HAProxy stats.\n" }, "statsPassword": { "type": "string", "description": "The password to use for HAProxy stats.\n" }, "statsUrl": { "type": "string", "description": "The HAProxy stats URL. Defaults to \"/haproxy?stats\".\n" }, "statsUser": { "type": "string", "description": "The username for HAProxy stats. Defaults to \"opsworks\".\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId", "statsPassword" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "healthcheckMethod": { "type": "string", "description": "HTTP method to use for instance healthchecks. Defaults to \"OPTIONS\".\n" }, "healthcheckUrl": { "type": "string", "description": "URL path to use for instance healthchecks. Defaults to \"/\".\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "statsEnabled": { "type": "boolean", "description": "Whether to enable HAProxy stats.\n" }, "statsPassword": { "type": "string", "description": "The password to use for HAProxy stats.\n" }, "statsUrl": { "type": "string", "description": "The HAProxy stats URL. Defaults to \"/haproxy?stats\".\n" }, "statsUser": { "type": "string", "description": "The username for HAProxy stats. Defaults to \"opsworks\".\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId", "statsPassword" ], "stateInputs": { "description": "Input properties used for looking up and filtering HaproxyLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "healthcheckMethod": { "type": "string", "description": "HTTP method to use for instance healthchecks. Defaults to \"OPTIONS\".\n" }, "healthcheckUrl": { "type": "string", "description": "URL path to use for instance healthchecks. Defaults to \"/\".\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "statsEnabled": { "type": "boolean", "description": "Whether to enable HAProxy stats.\n" }, "statsPassword": { "type": "string", "description": "The password to use for HAProxy stats.\n" }, "statsUrl": { "type": "string", "description": "The HAProxy stats URL. Defaults to \"/haproxy?stats\".\n" }, "statsUser": { "type": "string", "description": "The username for HAProxy stats. Defaults to \"opsworks\".\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/instance:Instance": { "description": "Provides an OpsWorks instance resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst my_instance = new aws.opsworks.Instance(\"my-instance\", {\n instanceType: \"t2.micro\",\n layerIds: [aws_opsworks_custom_layer_my_layer.id],\n os: \"Amazon Linux 2015.09\",\n stackId: aws_opsworks_stack_main.id,\n state: \"stopped\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_instance = aws.opsworks.Instance(\"my-instance\",\n instance_type=\"t2.micro\",\n layer_ids=[aws_opsworks_custom_layer[\"my-layer\"][\"id\"]],\n os=\"Amazon Linux 2015.09\",\n stack_id=aws_opsworks_stack[\"main\"][\"id\"],\n state=\"stopped\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var my_instance = new Aws.OpsWorks.Instance(\"my-instance\", new Aws.OpsWorks.InstanceArgs\n {\n InstanceType = \"t2.micro\",\n LayerIds = \n {\n aws_opsworks_custom_layer.My_layer.Id,\n },\n Os = \"Amazon Linux 2015.09\",\n StackId = aws_opsworks_stack.Main.Id,\n State = \"stopped\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewInstance(ctx, \"my-instance\", \u0026opsworks.InstanceArgs{\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tLayerIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_opsworks_custom_layer.My - layer.Id),\n\t\t\t},\n\t\t\tOs: pulumi.String(\"Amazon Linux 2015.09\"),\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t\tState: pulumi.String(\"stopped\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Block devices\n\nEach of the `*_block_device` attributes controls a portion of the AWS\nInstance's \"Block Device Mapping\". It's a good idea to familiarize yourself with [AWS's Block Device\nMapping docs](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html)\nto understand the implications of using these attributes.\n\nThe `root_block_device` mapping supports the following:\n\n* `volume_type` - (Optional) The type of volume. Can be `\"standard\"`, `\"gp2\"`,\n or `\"io1\"`. (Default: `\"standard\"`).\n* `volume_size` - (Optional) The size of the volume in gigabytes.\n* `iops` - (Optional) The amount of provisioned\n [IOPS](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\n This must be set with a `volume_type` of `\"io1\"`.\n* `delete_on_termination` - (Optional) Whether the volume should be destroyed\n on instance termination (Default: `true`).\n\nModifying any of the `root_block_device` settings requires resource\nreplacement.\n\nEach `ebs_block_device` supports the following:\n\n* `device_name` - The name of the device to mount.\n* `snapshot_id` - (Optional) The Snapshot ID to mount.\n* `volume_type` - (Optional) The type of volume. Can be `\"standard\"`, `\"gp2\"`,\n or `\"io1\"`. (Default: `\"standard\"`).\n* `volume_size` - (Optional) The size of the volume in gigabytes.\n* `iops` - (Optional) The amount of provisioned\n [IOPS](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\n This must be set with a `volume_type` of `\"io1\"`.\n* `delete_on_termination` - (Optional) Whether the volume should be destroyed\n on instance termination (Default: `true`).\n\nModifying any `ebs_block_device` currently requires resource replacement.\n\nEach `ephemeral_block_device` supports the following:\n\n* `device_name` - The name of the block device to mount on the instance.\n* `virtual_name` - The [Instance Store Device\n Name](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames)\n (e.g. `\"ephemeral0\"`)\n\nEach AWS Instance type has a different set of Instance Store block devices\navailable for attachment. AWS [publishes a\nlist](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes)\nof which ephemeral devices are available on each type. The devices are always\nidentified by the `virtual_name` in the format `\"ephemeral{0..N}\"`.\n\n\u003e **NOTE:** Currently, changes to `*_block_device` configuration of _existing_\nresources cannot be automatically detected by this provider. After making updates\nto block device configuration, resource recreation can be manually triggered by\nusing the [`up` command with the --replace argument](https://www.pulumi.com/docs/reference/cli/pulumi_up/).\n", "properties": { "agentVersion": { "type": "string", "description": "The AWS OpsWorks agent to install. Defaults to `\"INHERIT\"`.\n" }, "amiId": { "type": "string", "description": "The AMI to use for the instance. If an AMI is specified, `os` must be `\"Custom\"`.\n" }, "architecture": { "type": "string", "description": "Machine architecture for created instances. Can be either `\"x86_64\"` (the default) or `\"i386\"`\n" }, "autoScalingType": { "type": "string", "description": "Creates load-based or time-based instances. If set, can be either: `\"load\"` or `\"timer\"`.\n" }, "availabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created\nby default.\n" }, "createdAt": { "type": "string" }, "deleteEbs": { "type": "boolean" }, "deleteEip": { "type": "boolean" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n" }, "ec2InstanceId": { "type": "string", "description": "EC2 instance ID\n" }, "ecsClusterArn": { "type": "string" }, "elasticIp": { "type": "string" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "hostname": { "type": "string", "description": "The instance's host name.\n" }, "infrastructureClass": { "type": "string" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Controls where to install OS and package updates when the instance boots. Defaults to `true`.\n" }, "instanceProfileArn": { "type": "string" }, "instanceType": { "type": "string", "description": "The type of instance to start\n" }, "lastServiceErrorId": { "type": "string" }, "layerIds": { "type": "array", "items": { "type": "string" }, "description": "The ids of the layers the instance will belong to.\n" }, "os": { "type": "string", "description": "Name of operating system that will be installed.\n" }, "platform": { "type": "string" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateIp": { "type": "string", "description": "The private IP address assigned to the instance\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable.\n" }, "registeredBy": { "type": "string" }, "reportedAgentVersion": { "type": "string" }, "reportedOsFamily": { "type": "string" }, "reportedOsName": { "type": "string" }, "reportedOsVersion": { "type": "string" }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice" }, "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "rootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default. Can be either `\"ebs\"` or `\"instance-store\"`\n" }, "rootDeviceVolumeId": { "type": "string" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "sshHostDsaKeyFingerprint": { "type": "string" }, "sshHostRsaKeyFingerprint": { "type": "string" }, "sshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "stackId": { "type": "string", "description": "The id of the stack the instance will belong to.\n" }, "state": { "type": "string", "description": "The desired state of the instance. Can be either `\"running\"` or `\"stopped\"`.\n" }, "status": { "type": "string" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n" }, "tenancy": { "type": "string", "description": "Instance tenancy to use. Can be one of `\"default\"`, `\"dedicated\"` or `\"host\"`\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either `\"paravirtual\"` or `\"hvm\"`.\n" } }, "required": [ "amiId", "availabilityZone", "createdAt", "ebsBlockDevices", "ec2InstanceId", "ecsClusterArn", "elasticIp", "ephemeralBlockDevices", "hostname", "infrastructureClass", "instanceProfileArn", "lastServiceErrorId", "layerIds", "os", "platform", "privateDns", "privateIp", "publicDns", "publicIp", "registeredBy", "reportedAgentVersion", "reportedOsFamily", "reportedOsName", "reportedOsVersion", "rootBlockDevices", "rootDeviceType", "rootDeviceVolumeId", "securityGroupIds", "sshHostDsaKeyFingerprint", "sshHostRsaKeyFingerprint", "sshKeyName", "stackId", "status", "subnetId", "tenancy", "virtualizationType" ], "inputProperties": { "agentVersion": { "type": "string", "description": "The AWS OpsWorks agent to install. Defaults to `\"INHERIT\"`.\n" }, "amiId": { "type": "string", "description": "The AMI to use for the instance. If an AMI is specified, `os` must be `\"Custom\"`.\n" }, "architecture": { "type": "string", "description": "Machine architecture for created instances. Can be either `\"x86_64\"` (the default) or `\"i386\"`\n" }, "autoScalingType": { "type": "string", "description": "Creates load-based or time-based instances. If set, can be either: `\"load\"` or `\"timer\"`.\n" }, "availabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created\nby default.\n" }, "createdAt": { "type": "string" }, "deleteEbs": { "type": "boolean" }, "deleteEip": { "type": "boolean" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n" }, "ecsClusterArn": { "type": "string" }, "elasticIp": { "type": "string" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "hostname": { "type": "string", "description": "The instance's host name.\n" }, "infrastructureClass": { "type": "string" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Controls where to install OS and package updates when the instance boots. Defaults to `true`.\n" }, "instanceProfileArn": { "type": "string" }, "instanceType": { "type": "string", "description": "The type of instance to start\n" }, "lastServiceErrorId": { "type": "string" }, "layerIds": { "type": "array", "items": { "type": "string" }, "description": "The ids of the layers the instance will belong to.\n" }, "os": { "type": "string", "description": "Name of operating system that will be installed.\n" }, "platform": { "type": "string" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateIp": { "type": "string", "description": "The private IP address assigned to the instance\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable.\n" }, "registeredBy": { "type": "string" }, "reportedAgentVersion": { "type": "string" }, "reportedOsFamily": { "type": "string" }, "reportedOsName": { "type": "string" }, "reportedOsVersion": { "type": "string" }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice" }, "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "rootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default. Can be either `\"ebs\"` or `\"instance-store\"`\n" }, "rootDeviceVolumeId": { "type": "string" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "sshHostDsaKeyFingerprint": { "type": "string" }, "sshHostRsaKeyFingerprint": { "type": "string" }, "sshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "stackId": { "type": "string", "description": "The id of the stack the instance will belong to.\n" }, "state": { "type": "string", "description": "The desired state of the instance. Can be either `\"running\"` or `\"stopped\"`.\n" }, "status": { "type": "string" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n" }, "tenancy": { "type": "string", "description": "Instance tenancy to use. Can be one of `\"default\"`, `\"dedicated\"` or `\"host\"`\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either `\"paravirtual\"` or `\"hvm\"`.\n" } }, "requiredInputs": [ "layerIds", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "agentVersion": { "type": "string", "description": "The AWS OpsWorks agent to install. Defaults to `\"INHERIT\"`.\n" }, "amiId": { "type": "string", "description": "The AMI to use for the instance. If an AMI is specified, `os` must be `\"Custom\"`.\n" }, "architecture": { "type": "string", "description": "Machine architecture for created instances. Can be either `\"x86_64\"` (the default) or `\"i386\"`\n" }, "autoScalingType": { "type": "string", "description": "Creates load-based or time-based instances. If set, can be either: `\"load\"` or `\"timer\"`.\n" }, "availabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created\nby default.\n" }, "createdAt": { "type": "string" }, "deleteEbs": { "type": "boolean" }, "deleteEip": { "type": "boolean" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the\ninstance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n" }, "ec2InstanceId": { "type": "string", "description": "EC2 instance ID\n" }, "ecsClusterArn": { "type": "string" }, "elasticIp": { "type": "string" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as\n\"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "hostname": { "type": "string", "description": "The instance's host name.\n" }, "infrastructureClass": { "type": "string" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Controls where to install OS and package updates when the instance boots. Defaults to `true`.\n" }, "instanceProfileArn": { "type": "string" }, "instanceType": { "type": "string", "description": "The type of instance to start\n" }, "lastServiceErrorId": { "type": "string" }, "layerIds": { "type": "array", "items": { "type": "string" }, "description": "The ids of the layers the instance will belong to.\n" }, "os": { "type": "string", "description": "Name of operating system that will be installed.\n" }, "platform": { "type": "string" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateIp": { "type": "string", "description": "The private IP address assigned to the instance\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable.\n" }, "registeredBy": { "type": "string" }, "reportedAgentVersion": { "type": "string" }, "reportedOsFamily": { "type": "string" }, "reportedOsName": { "type": "string" }, "reportedOsVersion": { "type": "string" }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice" }, "description": "Customize details about the root block\ndevice of the instance. See Block Devices below for details.\n" }, "rootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default. Can be either `\"ebs\"` or `\"instance-store\"`\n" }, "rootDeviceVolumeId": { "type": "string" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "sshHostDsaKeyFingerprint": { "type": "string" }, "sshHostRsaKeyFingerprint": { "type": "string" }, "sshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "stackId": { "type": "string", "description": "The id of the stack the instance will belong to.\n" }, "state": { "type": "string", "description": "The desired state of the instance. Can be either `\"running\"` or `\"stopped\"`.\n" }, "status": { "type": "string" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n" }, "tenancy": { "type": "string", "description": "Instance tenancy to use. Can be one of `\"default\"`, `\"dedicated\"` or `\"host\"`\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either `\"paravirtual\"` or `\"hvm\"`.\n" } }, "type": "object" } }, "aws:opsworks/javaAppLayer:JavaAppLayer": { "description": "Provides an OpsWorks Java application layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.JavaAppLayer(\"app\", {\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.JavaAppLayer(\"app\", stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.OpsWorks.JavaAppLayer(\"app\", new Aws.OpsWorks.JavaAppLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewJavaAppLayer(ctx, \"app\", \u0026opsworks.JavaAppLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "appServer": { "type": "string", "description": "Keyword for the application container to use. Defaults to \"tomcat\".\n" }, "appServerVersion": { "type": "string", "description": "Version of the selected application container to use. Defaults to \"7\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "jvmOptions": { "type": "string", "description": "Options to set for the JVM.\n" }, "jvmType": { "type": "string", "description": "Keyword for the type of JVM to use. Defaults to `openjdk`.\n" }, "jvmVersion": { "type": "string", "description": "Version of JVM to use. Defaults to \"7\".\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId" ], "inputProperties": { "appServer": { "type": "string", "description": "Keyword for the application container to use. Defaults to \"tomcat\".\n" }, "appServerVersion": { "type": "string", "description": "Version of the selected application container to use. Defaults to \"7\".\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "jvmOptions": { "type": "string", "description": "Options to set for the JVM.\n" }, "jvmType": { "type": "string", "description": "Keyword for the type of JVM to use. Defaults to `openjdk`.\n" }, "jvmVersion": { "type": "string", "description": "Version of JVM to use. Defaults to \"7\".\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering JavaAppLayer resources.\n", "properties": { "appServer": { "type": "string", "description": "Keyword for the application container to use. Defaults to \"tomcat\".\n" }, "appServerVersion": { "type": "string", "description": "Version of the selected application container to use. Defaults to \"7\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "jvmOptions": { "type": "string", "description": "Options to set for the JVM.\n" }, "jvmType": { "type": "string", "description": "Keyword for the type of JVM to use. Defaults to `openjdk`.\n" }, "jvmVersion": { "type": "string", "description": "Version of JVM to use. Defaults to \"7\".\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/memcachedLayer:MemcachedLayer": { "description": "Provides an OpsWorks memcached layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cache = new aws.opsworks.MemcachedLayer(\"cache\", {\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncache = aws.opsworks.MemcachedLayer(\"cache\", stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cache = new Aws.OpsWorks.MemcachedLayer(\"cache\", new Aws.OpsWorks.MemcachedLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewMemcachedLayer(ctx, \"cache\", \u0026opsworks.MemcachedLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocatedMemory": { "type": "integer", "description": "Amount of memory to allocate for the cache on each instance, in megabytes. Defaults to 512MB.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId" ], "inputProperties": { "allocatedMemory": { "type": "integer", "description": "Amount of memory to allocate for the cache on each instance, in megabytes. Defaults to 512MB.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MemcachedLayer resources.\n", "properties": { "allocatedMemory": { "type": "integer", "description": "Amount of memory to allocate for the cache on each instance, in megabytes. Defaults to 512MB.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/mysqlLayer:MysqlLayer": { "description": "Provides an OpsWorks MySQL layer resource.\n\n\u003e **Note:** All arguments including the root password will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst db = new aws.opsworks.MysqlLayer(\"db\", {\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndb = aws.opsworks.MysqlLayer(\"db\", stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var db = new Aws.OpsWorks.MysqlLayer(\"db\", new Aws.OpsWorks.MysqlLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewMysqlLayer(ctx, \"db\", \u0026opsworks.MysqlLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "rootPassword": { "type": "string", "description": "Root password to use for MySQL.\n" }, "rootPasswordOnAllInstances": { "type": "boolean", "description": "Whether to set the root user password to all instances in the stack so they can access the instances in this layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "rootPassword": { "type": "string", "description": "Root password to use for MySQL.\n" }, "rootPasswordOnAllInstances": { "type": "boolean", "description": "Whether to set the root user password to all instances in the stack so they can access the instances in this layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MysqlLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "rootPassword": { "type": "string", "description": "Root password to use for MySQL.\n" }, "rootPasswordOnAllInstances": { "type": "boolean", "description": "Whether to set the root user password to all instances in the stack so they can access the instances in this layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/nodejsAppLayer:NodejsAppLayer": { "description": "Provides an OpsWorks NodeJS application layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.NodejsAppLayer(\"app\", {\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.NodejsAppLayer(\"app\", stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.OpsWorks.NodejsAppLayer(\"app\", new Aws.OpsWorks.NodejsAppLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewNodejsAppLayer(ctx, \"app\", \u0026opsworks.NodejsAppLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "nodejsVersion": { "type": "string", "description": "The version of NodeJS to use. Defaults to \"0.10.38\".\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "nodejsVersion": { "type": "string", "description": "The version of NodeJS to use. Defaults to \"0.10.38\".\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NodejsAppLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "nodejsVersion": { "type": "string", "description": "The version of NodeJS to use. Defaults to \"0.10.38\".\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/permission:Permission": { "description": "Provides an OpsWorks permission resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myStackPermission = new aws.opsworks.Permission(\"my_stack_permission\", {\n allowSsh: true,\n allowSudo: true,\n level: \"iam_only\",\n stackId: aws_opsworks_stack_stack.id,\n userArn: aws_iam_user_user.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_stack_permission = aws.opsworks.Permission(\"myStackPermission\",\n allow_ssh=True,\n allow_sudo=True,\n level=\"iam_only\",\n stack_id=aws_opsworks_stack[\"stack\"][\"id\"],\n user_arn=aws_iam_user[\"user\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myStackPermission = new Aws.OpsWorks.Permission(\"myStackPermission\", new Aws.OpsWorks.PermissionArgs\n {\n AllowSsh = true,\n AllowSudo = true,\n Level = \"iam_only\",\n StackId = aws_opsworks_stack.Stack.Id,\n UserArn = aws_iam_user.User.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewPermission(ctx, \"myStackPermission\", \u0026opsworks.PermissionArgs{\n\t\t\tAllowSsh: pulumi.Bool(true),\n\t\t\tAllowSudo: pulumi.Bool(true),\n\t\t\tLevel: pulumi.String(\"iam_only\"),\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Stack.Id),\n\t\t\tUserArn: pulumi.String(aws_iam_user.User.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowSsh": { "type": "boolean", "description": "Whether the user is allowed to use SSH to communicate with the instance\n" }, "allowSudo": { "type": "boolean", "description": "Whether the user is allowed to use sudo to elevate privileges\n" }, "level": { "type": "string", "description": "The users permission level. Mus be one of `deny`, `show`, `deploy`, `manage`, `iam_only`\n" }, "stackId": { "type": "string", "description": "The stack to set the permissions for\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN to set permissions for\n" } }, "required": [ "allowSsh", "allowSudo", "level", "stackId", "userArn" ], "inputProperties": { "allowSsh": { "type": "boolean", "description": "Whether the user is allowed to use SSH to communicate with the instance\n" }, "allowSudo": { "type": "boolean", "description": "Whether the user is allowed to use sudo to elevate privileges\n" }, "level": { "type": "string", "description": "The users permission level. Mus be one of `deny`, `show`, `deploy`, `manage`, `iam_only`\n" }, "stackId": { "type": "string", "description": "The stack to set the permissions for\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN to set permissions for\n" } }, "requiredInputs": [ "userArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Permission resources.\n", "properties": { "allowSsh": { "type": "boolean", "description": "Whether the user is allowed to use SSH to communicate with the instance\n" }, "allowSudo": { "type": "boolean", "description": "Whether the user is allowed to use sudo to elevate privileges\n" }, "level": { "type": "string", "description": "The users permission level. Mus be one of `deny`, `show`, `deploy`, `manage`, `iam_only`\n" }, "stackId": { "type": "string", "description": "The stack to set the permissions for\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN to set permissions for\n" } }, "type": "object" } }, "aws:opsworks/phpAppLayer:PhpAppLayer": { "description": "Provides an OpsWorks PHP application layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.PhpAppLayer(\"app\", {\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.PhpAppLayer(\"app\", stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.OpsWorks.PhpAppLayer(\"app\", new Aws.OpsWorks.PhpAppLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewPhpAppLayer(ctx, \"app\", \u0026opsworks.PhpAppLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PhpAppLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/railsAppLayer:RailsAppLayer": { "description": "Provides an OpsWorks Ruby on Rails application layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.RailsAppLayer(\"app\", {\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.RailsAppLayer(\"app\", stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.OpsWorks.RailsAppLayer(\"app\", new Aws.OpsWorks.RailsAppLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewRailsAppLayer(ctx, \"app\", \u0026opsworks.RailsAppLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "appServer": { "type": "string", "description": "Keyword for the app server to use. Defaults to \"apache_passenger\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "bundlerVersion": { "type": "string", "description": "When OpsWorks is managing Bundler, which version to use. Defaults to \"1.5.3\".\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "manageBundler": { "type": "boolean", "description": "Whether OpsWorks should manage bundler. On by default.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "passengerVersion": { "type": "string", "description": "The version of Passenger to use. Defaults to \"4.0.46\".\n" }, "rubyVersion": { "type": "string", "description": "The version of Ruby to use. Defaults to \"2.0.0\".\n" }, "rubygemsVersion": { "type": "string", "description": "The version of RubyGems to use. Defaults to \"2.2.2\".\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId" ], "inputProperties": { "appServer": { "type": "string", "description": "Keyword for the app server to use. Defaults to \"apache_passenger\".\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "bundlerVersion": { "type": "string", "description": "When OpsWorks is managing Bundler, which version to use. Defaults to \"1.5.3\".\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "manageBundler": { "type": "boolean", "description": "Whether OpsWorks should manage bundler. On by default.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "passengerVersion": { "type": "string", "description": "The version of Passenger to use. Defaults to \"4.0.46\".\n" }, "rubyVersion": { "type": "string", "description": "The version of Ruby to use. Defaults to \"2.0.0\".\n" }, "rubygemsVersion": { "type": "string", "description": "The version of RubyGems to use. Defaults to \"2.2.2\".\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RailsAppLayer resources.\n", "properties": { "appServer": { "type": "string", "description": "Keyword for the app server to use. Defaults to \"apache_passenger\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "bundlerVersion": { "type": "string", "description": "When OpsWorks is managing Bundler, which version to use. Defaults to \"1.5.3\".\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "manageBundler": { "type": "boolean", "description": "Whether OpsWorks should manage bundler. On by default.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "passengerVersion": { "type": "string", "description": "The version of Passenger to use. Defaults to \"4.0.46\".\n" }, "rubyVersion": { "type": "string", "description": "The version of Ruby to use. Defaults to \"2.0.0\".\n" }, "rubygemsVersion": { "type": "string", "description": "The version of RubyGems to use. Defaults to \"2.2.2\".\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/rdsDbInstance:RdsDbInstance": { "description": "Provides an OpsWorks RDS DB Instance resource.\n\n\u003e **Note:** All arguments including the username and password will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myInstance = new aws.opsworks.RdsDbInstance(\"my_instance\", {\n dbPassword: \"somePass\",\n dbUser: \"someUser\",\n rdsDbInstanceArn: aws_db_instance_my_instance.arn,\n stackId: aws_opsworks_stack_my_stack.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_instance = aws.opsworks.RdsDbInstance(\"myInstance\",\n db_password=\"somePass\",\n db_user=\"someUser\",\n rds_db_instance_arn=aws_db_instance[\"my_instance\"][\"arn\"],\n stack_id=aws_opsworks_stack[\"my_stack\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myInstance = new Aws.OpsWorks.RdsDbInstance(\"myInstance\", new Aws.OpsWorks.RdsDbInstanceArgs\n {\n DbPassword = \"somePass\",\n DbUser = \"someUser\",\n RdsDbInstanceArn = aws_db_instance.My_instance.Arn,\n StackId = aws_opsworks_stack.My_stack.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewRdsDbInstance(ctx, \"myInstance\", \u0026opsworks.RdsDbInstanceArgs{\n\t\t\tDbPassword: pulumi.String(\"somePass\"),\n\t\t\tDbUser: pulumi.String(\"someUser\"),\n\t\t\tRdsDbInstanceArn: pulumi.String(aws_db_instance.My_instance.Arn),\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.My_stack.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "dbPassword": { "type": "string", "description": "A db password\n" }, "dbUser": { "type": "string", "description": "A db username\n" }, "rdsDbInstanceArn": { "type": "string", "description": "The db instance to register for this stack. Changing this will force a new resource.\n" }, "stackId": { "type": "string", "description": "The stack to register a db instance for. Changing this will force a new resource.\n" } }, "required": [ "dbPassword", "dbUser", "rdsDbInstanceArn", "stackId" ], "inputProperties": { "dbPassword": { "type": "string", "description": "A db password\n" }, "dbUser": { "type": "string", "description": "A db username\n" }, "rdsDbInstanceArn": { "type": "string", "description": "The db instance to register for this stack. Changing this will force a new resource.\n" }, "stackId": { "type": "string", "description": "The stack to register a db instance for. Changing this will force a new resource.\n" } }, "requiredInputs": [ "dbPassword", "dbUser", "rdsDbInstanceArn", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RdsDbInstance resources.\n", "properties": { "dbPassword": { "type": "string", "description": "A db password\n" }, "dbUser": { "type": "string", "description": "A db username\n" }, "rdsDbInstanceArn": { "type": "string", "description": "The db instance to register for this stack. Changing this will force a new resource.\n" }, "stackId": { "type": "string", "description": "The stack to register a db instance for. Changing this will force a new resource.\n" } }, "type": "object" } }, "aws:opsworks/stack:Stack": { "description": "Provides an OpsWorks stack resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.opsworks.Stack(\"main\", {\n customJson: `{\n \"foobar\": {\n \"version\": \"1.0.0\"\n }\n}\n`,\n defaultInstanceProfileArn: aws_iam_instance_profile_opsworks.arn,\n region: \"us-west-1\",\n serviceRoleArn: aws_iam_role_opsworks.arn,\n tags: {\n Name: \"foobar-stack\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.opsworks.Stack(\"main\",\n custom_json=\"\"\"{\n \"foobar\": {\n \"version\": \"1.0.0\"\n }\n}\n\n\"\"\",\n default_instance_profile_arn=aws_iam_instance_profile[\"opsworks\"][\"arn\"],\n region=\"us-west-1\",\n service_role_arn=aws_iam_role[\"opsworks\"][\"arn\"],\n tags={\n \"Name\": \"foobar-stack\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.OpsWorks.Stack(\"main\", new Aws.OpsWorks.StackArgs\n {\n CustomJson = @\"{\n \"\"foobar\"\": {\n \"\"version\"\": \"\"1.0.0\"\"\n }\n}\n\n\",\n DefaultInstanceProfileArn = aws_iam_instance_profile.Opsworks.Arn,\n Region = \"us-west-1\",\n ServiceRoleArn = aws_iam_role.Opsworks.Arn,\n Tags = \n {\n { \"Name\", \"foobar-stack\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewStack(ctx, \"main\", \u0026opsworks.StackArgs{\n\t\t\tCustomJson: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v\", \"{\\n\", \" \\\"foobar\\\": {\\n\", \" \\\"version\\\": \\\"1.0.0\\\"\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t\tDefaultInstanceProfileArn: pulumi.String(aws_iam_instance_profile.Opsworks.Arn),\n\t\t\tRegion: pulumi.String(\"us-west-1\"),\n\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Opsworks.Arn),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"foobar-stack\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "agentVersion": { "type": "string", "description": "If set to `\"LATEST\"`, OpsWorks will automatically install the latest version.\n" }, "arn": { "type": "string" }, "berkshelfVersion": { "type": "string", "description": "If `manage_berkshelf` is enabled, the version of Berkshelf to use.\n" }, "color": { "type": "string", "description": "Color to paint next to the stack's resources in the OpsWorks console.\n" }, "configurationManagerName": { "type": "string", "description": "Name of the configuration manager to use. Defaults to \"Chef\".\n" }, "configurationManagerVersion": { "type": "string", "description": "Version of the configuration manager to use. Defaults to \"11.4\".\n" }, "customCookbooksSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource" }, "description": "When `use_custom_cookbooks` is set, provide this sub-object as\ndescribed below.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the entire stack.\n" }, "defaultAvailabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created\nby default. This is required unless you set `vpc_id`.\n" }, "defaultInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM Instance Profile that created instances\nwill have by default.\n" }, "defaultOs": { "type": "string", "description": "Name of OS that will be installed on instances by default.\n" }, "defaultRootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default.\n" }, "defaultSshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "defaultSubnetId": { "type": "string", "description": "Id of the subnet in which instances will be created by default. Mandatory\nif `vpc_id` is set, and forbidden if it isn't.\n" }, "hostnameTheme": { "type": "string", "description": "Keyword representing the naming scheme that will be used for instance hostnames\nwithin this stack.\n" }, "manageBerkshelf": { "type": "boolean", "description": "Boolean value controlling whether Opsworks will run Berkshelf for this stack.\n" }, "name": { "type": "string", "description": "The name of the stack.\n" }, "region": { "type": "string", "description": "The name of the region where the stack will exist.\n" }, "serviceRoleArn": { "type": "string", "description": "The ARN of an IAM role that the OpsWorks service will act as.\n" }, "stackEndpoint": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useCustomCookbooks": { "type": "boolean", "description": "Boolean value controlling whether the custom cookbook settings are\nenabled.\n" }, "useOpsworksSecurityGroups": { "type": "boolean", "description": "Boolean value controlling whether the standard OpsWorks\nsecurity groups apply to created instances.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that this stack belongs to.\n" } }, "required": [ "agentVersion", "arn", "customCookbooksSources", "defaultAvailabilityZone", "defaultInstanceProfileArn", "defaultSubnetId", "name", "region", "serviceRoleArn", "stackEndpoint", "vpcId" ], "inputProperties": { "agentVersion": { "type": "string", "description": "If set to `\"LATEST\"`, OpsWorks will automatically install the latest version.\n" }, "berkshelfVersion": { "type": "string", "description": "If `manage_berkshelf` is enabled, the version of Berkshelf to use.\n" }, "color": { "type": "string", "description": "Color to paint next to the stack's resources in the OpsWorks console.\n" }, "configurationManagerName": { "type": "string", "description": "Name of the configuration manager to use. Defaults to \"Chef\".\n" }, "configurationManagerVersion": { "type": "string", "description": "Version of the configuration manager to use. Defaults to \"11.4\".\n" }, "customCookbooksSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource" }, "description": "When `use_custom_cookbooks` is set, provide this sub-object as\ndescribed below.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the entire stack.\n" }, "defaultAvailabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created\nby default. This is required unless you set `vpc_id`.\n" }, "defaultInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM Instance Profile that created instances\nwill have by default.\n" }, "defaultOs": { "type": "string", "description": "Name of OS that will be installed on instances by default.\n" }, "defaultRootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default.\n" }, "defaultSshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "defaultSubnetId": { "type": "string", "description": "Id of the subnet in which instances will be created by default. Mandatory\nif `vpc_id` is set, and forbidden if it isn't.\n" }, "hostnameTheme": { "type": "string", "description": "Keyword representing the naming scheme that will be used for instance hostnames\nwithin this stack.\n" }, "manageBerkshelf": { "type": "boolean", "description": "Boolean value controlling whether Opsworks will run Berkshelf for this stack.\n" }, "name": { "type": "string", "description": "The name of the stack.\n" }, "region": { "type": "string", "description": "The name of the region where the stack will exist.\n" }, "serviceRoleArn": { "type": "string", "description": "The ARN of an IAM role that the OpsWorks service will act as.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useCustomCookbooks": { "type": "boolean", "description": "Boolean value controlling whether the custom cookbook settings are\nenabled.\n" }, "useOpsworksSecurityGroups": { "type": "boolean", "description": "Boolean value controlling whether the standard OpsWorks\nsecurity groups apply to created instances.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that this stack belongs to.\n" } }, "requiredInputs": [ "defaultInstanceProfileArn", "region", "serviceRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stack resources.\n", "properties": { "agentVersion": { "type": "string", "description": "If set to `\"LATEST\"`, OpsWorks will automatically install the latest version.\n" }, "arn": { "type": "string" }, "berkshelfVersion": { "type": "string", "description": "If `manage_berkshelf` is enabled, the version of Berkshelf to use.\n" }, "color": { "type": "string", "description": "Color to paint next to the stack's resources in the OpsWorks console.\n" }, "configurationManagerName": { "type": "string", "description": "Name of the configuration manager to use. Defaults to \"Chef\".\n" }, "configurationManagerVersion": { "type": "string", "description": "Version of the configuration manager to use. Defaults to \"11.4\".\n" }, "customCookbooksSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource" }, "description": "When `use_custom_cookbooks` is set, provide this sub-object as\ndescribed below.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the entire stack.\n" }, "defaultAvailabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created\nby default. This is required unless you set `vpc_id`.\n" }, "defaultInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM Instance Profile that created instances\nwill have by default.\n" }, "defaultOs": { "type": "string", "description": "Name of OS that will be installed on instances by default.\n" }, "defaultRootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default.\n" }, "defaultSshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "defaultSubnetId": { "type": "string", "description": "Id of the subnet in which instances will be created by default. Mandatory\nif `vpc_id` is set, and forbidden if it isn't.\n" }, "hostnameTheme": { "type": "string", "description": "Keyword representing the naming scheme that will be used for instance hostnames\nwithin this stack.\n" }, "manageBerkshelf": { "type": "boolean", "description": "Boolean value controlling whether Opsworks will run Berkshelf for this stack.\n" }, "name": { "type": "string", "description": "The name of the stack.\n" }, "region": { "type": "string", "description": "The name of the region where the stack will exist.\n" }, "serviceRoleArn": { "type": "string", "description": "The ARN of an IAM role that the OpsWorks service will act as.\n" }, "stackEndpoint": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useCustomCookbooks": { "type": "boolean", "description": "Boolean value controlling whether the custom cookbook settings are\nenabled.\n" }, "useOpsworksSecurityGroups": { "type": "boolean", "description": "Boolean value controlling whether the standard OpsWorks\nsecurity groups apply to created instances.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that this stack belongs to.\n" } }, "type": "object" } }, "aws:opsworks/staticWebLayer:StaticWebLayer": { "description": "Provides an OpsWorks static web server layer resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.opsworks.StaticWebLayer(\"web\", {\n stackId: aws_opsworks_stack_main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.opsworks.StaticWebLayer(\"web\", stack_id=aws_opsworks_stack[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var web = new Aws.OpsWorks.StaticWebLayer(\"web\", new Aws.OpsWorks.StaticWebLayerArgs\n {\n StackId = aws_opsworks_stack.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewStaticWebLayer(ctx, \"web\", \u0026opsworks.StaticWebLayerArgs{\n\t\t\tStackId: pulumi.String(aws_opsworks_stack.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "name", "stackId" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering StaticWebLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "The id of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/userProfile:UserProfile": { "description": "Provides an OpsWorks User Profile resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myProfile = new aws.opsworks.UserProfile(\"my_profile\", {\n sshUsername: \"my_user\",\n userArn: aws_iam_user_user.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_profile = aws.opsworks.UserProfile(\"myProfile\",\n ssh_username=\"my_user\",\n user_arn=aws_iam_user[\"user\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myProfile = new Aws.OpsWorks.UserProfile(\"myProfile\", new Aws.OpsWorks.UserProfileArgs\n {\n SshUsername = \"my_user\",\n UserArn = aws_iam_user.User.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = opsworks.NewUserProfile(ctx, \"myProfile\", \u0026opsworks.UserProfileArgs{\n\t\t\tSshUsername: pulumi.String(\"my_user\"),\n\t\t\tUserArn: pulumi.String(aws_iam_user.User.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowSelfManagement": { "type": "boolean", "description": "Whether users can specify their own SSH public key through the My Settings page\n" }, "sshPublicKey": { "type": "string", "description": "The users public key\n" }, "sshUsername": { "type": "string", "description": "The ssh username, with witch this user wants to log in\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN\n" } }, "required": [ "sshUsername", "userArn" ], "inputProperties": { "allowSelfManagement": { "type": "boolean", "description": "Whether users can specify their own SSH public key through the My Settings page\n" }, "sshPublicKey": { "type": "string", "description": "The users public key\n" }, "sshUsername": { "type": "string", "description": "The ssh username, with witch this user wants to log in\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN\n" } }, "requiredInputs": [ "sshUsername", "userArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserProfile resources.\n", "properties": { "allowSelfManagement": { "type": "boolean", "description": "Whether users can specify their own SSH public key through the My Settings page\n" }, "sshPublicKey": { "type": "string", "description": "The users public key\n" }, "sshUsername": { "type": "string", "description": "The ssh username, with witch this user wants to log in\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN\n" } }, "type": "object" } }, "aws:organizations/account:Account": { "description": "Provides a resource to create a member account in the current organization.\n\n\u003e **Note:** Account management must be done from the organization's master account.\n\n!\u003e **WARNING:** Deleting this resource will only remove an AWS account from an organization. This provider will not close the account. The member account must be prepared to be a standalone account beforehand. See the [AWS Organizations documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html) for more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.organizations.Account(\"account\", {\n email: \"john@doe.org\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.organizations.Account(\"account\", email=\"john@doe.org\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var account = new Aws.Organizations.Account(\"account\", new Aws.Organizations.AccountArgs\n {\n Email = \"john@doe.org\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewAccount(ctx, \"account\", \u0026organizations.AccountArgs{\n\t\t\tEmail: pulumi.String(\"john@doe.org\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN for this account.\n" }, "email": { "type": "string", "description": "The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.\n" }, "iamUserAccessToBilling": { "type": "string", "description": "If set to `ALLOW`, the new account enables IAM users to access account billing information if they have the required permissions. If set to `DENY`, then only the root user of the new account can access account billing information.\n" }, "joinedMethod": { "type": "string" }, "joinedTimestamp": { "type": "string" }, "name": { "type": "string", "description": "A friendly name for the member account.\n" }, "parentId": { "type": "string", "description": "Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.\n" }, "roleName": { "type": "string", "description": "The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so this provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) is used.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "required": [ "arn", "email", "joinedMethod", "joinedTimestamp", "name", "parentId", "status" ], "inputProperties": { "email": { "type": "string", "description": "The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.\n" }, "iamUserAccessToBilling": { "type": "string", "description": "If set to `ALLOW`, the new account enables IAM users to access account billing information if they have the required permissions. If set to `DENY`, then only the root user of the new account can access account billing information.\n" }, "name": { "type": "string", "description": "A friendly name for the member account.\n" }, "parentId": { "type": "string", "description": "Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.\n" }, "roleName": { "type": "string", "description": "The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so this provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) is used.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "requiredInputs": [ "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering Account resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN for this account.\n" }, "email": { "type": "string", "description": "The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.\n" }, "iamUserAccessToBilling": { "type": "string", "description": "If set to `ALLOW`, the new account enables IAM users to access account billing information if they have the required permissions. If set to `DENY`, then only the root user of the new account can access account billing information.\n" }, "joinedMethod": { "type": "string" }, "joinedTimestamp": { "type": "string" }, "name": { "type": "string", "description": "A friendly name for the member account.\n" }, "parentId": { "type": "string", "description": "Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.\n" }, "roleName": { "type": "string", "description": "The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so this provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) is used.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "type": "object" } }, "aws:organizations/organization:Organization": { "description": "Provides a resource to create an organization.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst org = new aws.organizations.Organization(\"org\", {\n awsServiceAccessPrincipals: [\n \"cloudtrail.amazonaws.com\",\n \"config.amazonaws.com\",\n ],\n featureSet: \"ALL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norg = aws.organizations.Organization(\"org\",\n aws_service_access_principals=[\n \"cloudtrail.amazonaws.com\",\n \"config.amazonaws.com\",\n ],\n feature_set=\"ALL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var org = new Aws.Organizations.Organization(\"org\", new Aws.Organizations.OrganizationArgs\n {\n AwsServiceAccessPrincipals = \n {\n \"cloudtrail.amazonaws.com\",\n \"config.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewOrganization(ctx, \"org\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\tpulumi.String(\"config.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationAccount:OrganizationAccount" }, "description": "List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the root\n" }, "awsServiceAccessPrincipals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).\n" }, "enabledPolicyTypes": { "type": "array", "items": { "type": "string" }, "description": "List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY` and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" }, "featureSet": { "type": "string", "description": "Specify \"ALL\" (default) or \"CONSOLIDATED_BILLING\".\n" }, "masterAccountArn": { "type": "string", "description": "ARN of the master account\n" }, "masterAccountEmail": { "type": "string", "description": "Email address of the master account\n" }, "masterAccountId": { "type": "string", "description": "Identifier of the master account\n" }, "nonMasterAccounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationNonMasterAccount:OrganizationNonMasterAccount" }, "description": "List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:\n" }, "roots": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationRoot:OrganizationRoot" }, "description": "List of organization roots. All elements have these attributes:\n" } }, "required": [ "accounts", "arn", "masterAccountArn", "masterAccountEmail", "masterAccountId", "nonMasterAccounts", "roots" ], "inputProperties": { "awsServiceAccessPrincipals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).\n" }, "enabledPolicyTypes": { "type": "array", "items": { "type": "string" }, "description": "List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY` and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" }, "featureSet": { "type": "string", "description": "Specify \"ALL\" (default) or \"CONSOLIDATED_BILLING\".\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Organization resources.\n", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationAccount:OrganizationAccount" }, "description": "List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the root\n" }, "awsServiceAccessPrincipals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).\n" }, "enabledPolicyTypes": { "type": "array", "items": { "type": "string" }, "description": "List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY` and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" }, "featureSet": { "type": "string", "description": "Specify \"ALL\" (default) or \"CONSOLIDATED_BILLING\".\n" }, "masterAccountArn": { "type": "string", "description": "ARN of the master account\n" }, "masterAccountEmail": { "type": "string", "description": "Email address of the master account\n" }, "masterAccountId": { "type": "string", "description": "Identifier of the master account\n" }, "nonMasterAccounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationNonMasterAccount:OrganizationNonMasterAccount" }, "description": "List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:\n" }, "roots": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationRoot:OrganizationRoot" }, "description": "List of organization roots. All elements have these attributes:\n" } }, "type": "object" } }, "aws:organizations/organizationalUnit:OrganizationalUnit": { "description": "Provides a resource to create an organizational unit.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.OrganizationalUnit(\"example\", {\n parentId: aws_organizations_organization_example.roots.0.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.OrganizationalUnit(\"example\", parent_id=aws_organizations_organization[\"example\"][\"roots\"][0][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Organizations.OrganizationalUnit(\"example\", new Aws.Organizations.OrganizationalUnitArgs\n {\n ParentId = aws_organizations_organization.Example.Roots[0].Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewOrganizationalUnit(ctx, \"example\", \u0026organizations.OrganizationalUnitArgs{\n\t\t\tParentId: pulumi.String(aws_organizations_organization.Example.Roots[0].Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationalUnitAccount:OrganizationalUnitAccount" }, "description": "List of child accounts for this Organizational Unit. Does not return account information for child Organizational Units. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the organizational unit\n" }, "name": { "type": "string", "description": "The name for the organizational unit\n" }, "parentId": { "type": "string", "description": "ID of the parent organizational unit, which may be the root\n" } }, "required": [ "accounts", "arn", "name", "parentId" ], "inputProperties": { "name": { "type": "string", "description": "The name for the organizational unit\n" }, "parentId": { "type": "string", "description": "ID of the parent organizational unit, which may be the root\n" } }, "requiredInputs": [ "parentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationalUnit resources.\n", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationalUnitAccount:OrganizationalUnitAccount" }, "description": "List of child accounts for this Organizational Unit. Does not return account information for child Organizational Units. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the organizational unit\n" }, "name": { "type": "string", "description": "The name for the organizational unit\n" }, "parentId": { "type": "string", "description": "ID of the parent organizational unit, which may be the root\n" } }, "type": "object" } }, "aws:organizations/policy:Policy": { "description": "Provides a resource to manage an [AWS Organizations policy](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Policy(\"example\", {\n content: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Effect\": \"Allow\",\n \"Action\": \"*\",\n \"Resource\": \"*\"\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Policy(\"example\", content=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Effect\": \"Allow\",\n \"Action\": \"*\",\n \"Resource\": \"*\"\n }\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Organizations.Policy(\"example\", new Aws.Organizations.PolicyArgs\n {\n Content = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": \"\"*\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewPolicy(ctx, \"example\", \u0026organizations.PolicyArgs{\n\t\t\tContent: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Action\\\": \\\"*\\\",\\n\", \" \\\"Resource\\\": \\\"*\\\"\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the policy.\n" }, "content": { "type": "string", "description": "The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) and for more information on the Tag Policy syntax, see the [Tag Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html).\n" }, "description": { "type": "string", "description": "A description to assign to the policy.\n" }, "name": { "type": "string", "description": "The friendly name to assign to the policy.\n" }, "type": { "type": "string", "description": "The type of policy to create. Currently, the only valid values are `SERVICE_CONTROL_POLICY` (SCP) and `TAG_POLICY`. Defaults to `SERVICE_CONTROL_POLICY`.\n" } }, "required": [ "arn", "content", "name" ], "inputProperties": { "content": { "type": "string", "description": "The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) and for more information on the Tag Policy syntax, see the [Tag Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html).\n" }, "description": { "type": "string", "description": "A description to assign to the policy.\n" }, "name": { "type": "string", "description": "The friendly name to assign to the policy.\n" }, "type": { "type": "string", "description": "The type of policy to create. Currently, the only valid values are `SERVICE_CONTROL_POLICY` (SCP) and `TAG_POLICY`. Defaults to `SERVICE_CONTROL_POLICY`.\n" } }, "requiredInputs": [ "content" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the policy.\n" }, "content": { "type": "string", "description": "The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) and for more information on the Tag Policy syntax, see the [Tag Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html).\n" }, "description": { "type": "string", "description": "A description to assign to the policy.\n" }, "name": { "type": "string", "description": "The friendly name to assign to the policy.\n" }, "type": { "type": "string", "description": "The type of policy to create. Currently, the only valid values are `SERVICE_CONTROL_POLICY` (SCP) and `TAG_POLICY`. Defaults to `SERVICE_CONTROL_POLICY`.\n" } }, "type": "object" } }, "aws:organizations/policyAttachment:PolicyAttachment": { "description": "Provides a resource to attach an AWS Organizations policy to an organization account, root, or unit.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Organization Account\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.organizations.PolicyAttachment(\"account\", {\n policyId: aws_organizations_policy_example.id,\n targetId: \"123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.organizations.PolicyAttachment(\"account\",\n policy_id=aws_organizations_policy[\"example\"][\"id\"],\n target_id=\"123456789012\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var account = new Aws.Organizations.PolicyAttachment(\"account\", new Aws.Organizations.PolicyAttachmentArgs\n {\n PolicyId = aws_organizations_policy.Example.Id,\n TargetId = \"123456789012\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewPolicyAttachment(ctx, \"account\", \u0026organizations.PolicyAttachmentArgs{\n\t\t\tPolicyId: pulumi.String(aws_organizations_policy.Example.Id),\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Organization Root\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst root = new aws.organizations.PolicyAttachment(\"root\", {\n policyId: aws_organizations_policy_example.id,\n targetId: aws_organizations_organization_example.roots.0.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroot = aws.organizations.PolicyAttachment(\"root\",\n policy_id=aws_organizations_policy[\"example\"][\"id\"],\n target_id=aws_organizations_organization[\"example\"][\"roots\"][0][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var root = new Aws.Organizations.PolicyAttachment(\"root\", new Aws.Organizations.PolicyAttachmentArgs\n {\n PolicyId = aws_organizations_policy.Example.Id,\n TargetId = aws_organizations_organization.Example.Roots[0].Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewPolicyAttachment(ctx, \"root\", \u0026organizations.PolicyAttachmentArgs{\n\t\t\tPolicyId: pulumi.String(aws_organizations_policy.Example.Id),\n\t\t\tTargetId: pulumi.String(aws_organizations_organization.Example.Roots[0].Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Organization Unit\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst unit = new aws.organizations.PolicyAttachment(\"unit\", {\n policyId: aws_organizations_policy_example.id,\n targetId: aws_organizations_organizational_unit_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nunit = aws.organizations.PolicyAttachment(\"unit\",\n policy_id=aws_organizations_policy[\"example\"][\"id\"],\n target_id=aws_organizations_organizational_unit[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var unit = new Aws.Organizations.PolicyAttachment(\"unit\", new Aws.Organizations.PolicyAttachmentArgs\n {\n PolicyId = aws_organizations_policy.Example.Id,\n TargetId = aws_organizations_organizational_unit.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = organizations.NewPolicyAttachment(ctx, \"unit\", \u0026organizations.PolicyAttachmentArgs{\n\t\t\tPolicyId: pulumi.String(aws_organizations_policy.Example.Id),\n\t\t\tTargetId: pulumi.String(aws_organizations_organizational_unit.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "policyId": { "type": "string", "description": "The unique identifier (ID) of the policy that you want to attach to the target.\n" }, "targetId": { "type": "string", "description": "The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.\n" } }, "required": [ "policyId", "targetId" ], "inputProperties": { "policyId": { "type": "string", "description": "The unique identifier (ID) of the policy that you want to attach to the target.\n" }, "targetId": { "type": "string", "description": "The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.\n" } }, "requiredInputs": [ "policyId", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyAttachment resources.\n", "properties": { "policyId": { "type": "string", "description": "The unique identifier (ID) of the policy that you want to attach to the target.\n" }, "targetId": { "type": "string", "description": "The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.\n" } }, "type": "object" } }, "aws:pinpoint/admChannel:AdmChannel": { "description": "Provides a Pinpoint ADM (Amazon Device Messaging) Channel resource.\n\n\u003e **Note:** All arguments including the Client ID and Client Secret will be stored in the raw state as plain-text.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst channel = new aws.pinpoint.AdmChannel(\"channel\", {\n applicationId: app.applicationId,\n clientId: \"\",\n clientSecret: \"\",\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nchannel = aws.pinpoint.AdmChannel(\"channel\",\n application_id=app.application_id,\n client_id=\"\",\n client_secret=\"\",\n enabled=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.Pinpoint.App(\"app\", new Aws.Pinpoint.AppArgs\n {\n });\n var channel = new Aws.Pinpoint.AdmChannel(\"channel\", new Aws.Pinpoint.AdmChannelArgs\n {\n ApplicationId = app.ApplicationId,\n ClientId = \"\",\n ClientSecret = \"\",\n Enabled = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewAdmChannel(ctx, \"channel\", \u0026pinpoint.AdmChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tClientId: pulumi.String(\"\"),\n\t\t\tClientSecret: pulumi.String(\"\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "clientId": { "type": "string", "description": "Client ID (part of OAuth Credentials) obtained via Amazon Developer Account.\n" }, "clientSecret": { "type": "string", "description": "Client Secret (part of OAuth Credentials) obtained via Amazon Developer Account.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" } }, "required": [ "applicationId", "clientId", "clientSecret" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "clientId": { "type": "string", "description": "Client ID (part of OAuth Credentials) obtained via Amazon Developer Account.\n" }, "clientSecret": { "type": "string", "description": "Client Secret (part of OAuth Credentials) obtained via Amazon Developer Account.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" } }, "requiredInputs": [ "applicationId", "clientId", "clientSecret" ], "stateInputs": { "description": "Input properties used for looking up and filtering AdmChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "clientId": { "type": "string", "description": "Client ID (part of OAuth Credentials) obtained via Amazon Developer Account.\n" }, "clientSecret": { "type": "string", "description": "Client Secret (part of OAuth Credentials) obtained via Amazon Developer Account.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" } }, "type": "object" } }, "aws:pinpoint/apnsChannel:ApnsChannel": { "description": "Provides a Pinpoint APNs Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "type": "object" } }, "aws:pinpoint/apnsSandboxChannel:ApnsSandboxChannel": { "description": "Provides a Pinpoint APNs Sandbox Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs Sandbox. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs Sandbox. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsSandboxChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs Sandbox. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "type": "object" } }, "aws:pinpoint/apnsVoipChannel:ApnsVoipChannel": { "description": "Provides a Pinpoint APNs VoIP Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsVoipChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "type": "object" } }, "aws:pinpoint/apnsVoipSandboxChannel:ApnsVoipSandboxChannel": { "description": "Provides a Pinpoint APNs VoIP Sandbox Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsVoipSandboxChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n" }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n" }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs. \n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n" }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n" }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n" }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n" } }, "type": "object" } }, "aws:pinpoint/app:App": { "description": "Provides a Pinpoint App resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pinpoint.App(\"example\", {\n limits: {\n maximumDuration: 600,\n },\n quietTime: {\n end: \"06:00\",\n start: \"00:00\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pinpoint.App(\"example\",\n limits={\n \"maximumDuration\": 600,\n },\n quiet_time={\n \"end\": \"06:00\",\n \"start\": \"00:00\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Pinpoint.App(\"example\", new Aws.Pinpoint.AppArgs\n {\n Limits = new Aws.Pinpoint.Inputs.AppLimitsArgs\n {\n MaximumDuration = 600,\n },\n QuietTime = new Aws.Pinpoint.Inputs.AppQuietTimeArgs\n {\n End = \"06:00\",\n Start = \"00:00\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = pinpoint.NewApp(ctx, \"example\", \u0026pinpoint.AppArgs{\n\t\t\tLimits: \u0026pinpoint.AppLimitsArgs{\n\t\t\t\tMaximumDuration: pulumi.Int(600),\n\t\t\t},\n\t\t\tQuietTime: \u0026pinpoint.AppQuietTimeArgs{\n\t\t\t\tEnd: pulumi.String(\"06:00\"),\n\t\t\t\tStart: pulumi.String(\"00:00\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applicationId": { "type": "string", "description": "The Application ID of the Pinpoint App.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the PinPoint Application\n" }, "campaignHook": { "$ref": "#/types/aws:pinpoint/AppCampaignHook:AppCampaignHook", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "limits": { "$ref": "#/types/aws:pinpoint/AppLimits:AppLimits", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "name": { "type": "string", "description": "The application name. By default generated by this provider\n" }, "namePrefix": { "type": "string", "description": "The name of the Pinpoint application. Conflicts with `name`\n" }, "quietTime": { "$ref": "#/types/aws:pinpoint/AppQuietTime:AppQuietTime", "description": "The default quiet time for the app. Each campaign for this app sends no messages during this time unless the campaign overrides the default with a quiet time of its own\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "applicationId", "arn", "name" ], "inputProperties": { "campaignHook": { "$ref": "#/types/aws:pinpoint/AppCampaignHook:AppCampaignHook", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "limits": { "$ref": "#/types/aws:pinpoint/AppLimits:AppLimits", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "name": { "type": "string", "description": "The application name. By default generated by this provider\n" }, "namePrefix": { "type": "string", "description": "The name of the Pinpoint application. Conflicts with `name`\n" }, "quietTime": { "$ref": "#/types/aws:pinpoint/AppQuietTime:AppQuietTime", "description": "The default quiet time for the app. Each campaign for this app sends no messages during this time unless the campaign overrides the default with a quiet time of its own\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering App resources.\n", "properties": { "applicationId": { "type": "string", "description": "The Application ID of the Pinpoint App.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the PinPoint Application\n" }, "campaignHook": { "$ref": "#/types/aws:pinpoint/AppCampaignHook:AppCampaignHook", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "limits": { "$ref": "#/types/aws:pinpoint/AppLimits:AppLimits", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "name": { "type": "string", "description": "The application name. By default generated by this provider\n" }, "namePrefix": { "type": "string", "description": "The name of the Pinpoint application. Conflicts with `name`\n" }, "quietTime": { "$ref": "#/types/aws:pinpoint/AppQuietTime:AppQuietTime", "description": "The default quiet time for the app. Each campaign for this app sends no messages during this time unless the campaign overrides the default with a quiet time of its own\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:pinpoint/baiduChannel:BaiduChannel": { "description": "Provides a Pinpoint Baidu Channel resource.\n\n\u003e **Note:** All arguments including the Api Key and Secret Key will be stored in the raw state as plain-text.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst channel = new aws.pinpoint.BaiduChannel(\"channel\", {\n apiKey: \"\",\n applicationId: app.applicationId,\n secretKey: \"\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nchannel = aws.pinpoint.BaiduChannel(\"channel\",\n api_key=\"\",\n application_id=app.application_id,\n secret_key=\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.Pinpoint.App(\"app\", new Aws.Pinpoint.AppArgs\n {\n });\n var channel = new Aws.Pinpoint.BaiduChannel(\"channel\", new Aws.Pinpoint.BaiduChannelArgs\n {\n ApiKey = \"\",\n ApplicationId = app.ApplicationId,\n SecretKey = \"\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewBaiduChannel(ctx, \"channel\", \u0026pinpoint.BaiduChannelArgs{\n\t\t\tApiKey: pulumi.String(\"\"),\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tSecretKey: pulumi.String(\"\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Baidu.\n" }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" }, "secretKey": { "type": "string", "description": "Platform credential Secret key from Baidu.\n" } }, "required": [ "apiKey", "applicationId", "secretKey" ], "inputProperties": { "apiKey": { "type": "string", "description": "Platform credential API key from Baidu.\n" }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" }, "secretKey": { "type": "string", "description": "Platform credential Secret key from Baidu.\n" } }, "requiredInputs": [ "apiKey", "applicationId", "secretKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering BaiduChannel resources.\n", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Baidu.\n" }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" }, "secretKey": { "type": "string", "description": "Platform credential Secret key from Baidu.\n" } }, "type": "object" } }, "aws:pinpoint/emailChannel:EmailChannel": { "description": "Provides a Pinpoint Email Channel resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst identity = new aws.ses.DomainIdentity(\"identity\", {\n domain: \"example.com\",\n});\nconst role = new aws.iam.Role(\"role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"pinpoint.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst email = new aws.pinpoint.EmailChannel(\"email\", {\n applicationId: app.applicationId,\n fromAddress: \"user@example.com\",\n identity: identity.arn,\n roleArn: role.arn,\n});\nconst rolePolicy = new aws.iam.RolePolicy(\"role_policy\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Action\": [\n \"mobileanalytics:PutEvents\",\n \"mobileanalytics:PutItems\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"*\"\n ]\n }\n}\n`,\n role: role.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nidentity = aws.ses.DomainIdentity(\"identity\", domain=\"example.com\")\nrole = aws.iam.Role(\"role\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"pinpoint.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\nemail = aws.pinpoint.EmailChannel(\"email\",\n application_id=app.application_id,\n from_address=\"user@example.com\",\n identity=identity.arn,\n role_arn=role.arn)\nrole_policy = aws.iam.RolePolicy(\"rolePolicy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Action\": [\n \"mobileanalytics:PutEvents\",\n \"mobileanalytics:PutItems\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"*\"\n ]\n }\n}\n\n\"\"\",\n role=role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.Pinpoint.App(\"app\", new Aws.Pinpoint.AppArgs\n {\n });\n var identity = new Aws.Ses.DomainIdentity(\"identity\", new Aws.Ses.DomainIdentityArgs\n {\n Domain = \"example.com\",\n });\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"pinpoint.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var email = new Aws.Pinpoint.EmailChannel(\"email\", new Aws.Pinpoint.EmailChannelArgs\n {\n ApplicationId = app.ApplicationId,\n FromAddress = \"user@example.com\",\n Identity = identity.Arn,\n RoleArn = role.Arn,\n });\n var rolePolicy = new Aws.Iam.RolePolicy(\"rolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": {\n \"\"Action\"\": [\n \"\"mobileanalytics:PutEvents\"\",\n \"\"mobileanalytics:PutItems\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"*\"\"\n ]\n }\n}\n\n\",\n Role = role.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tidentity, err := ses.NewDomainIdentity(ctx, \"identity\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"pinpoint.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewEmailChannel(ctx, \"email\", \u0026pinpoint.EmailChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tFromAddress: pulumi.String(\"user@example.com\"),\n\t\t\tIdentity: identity.Arn,\n\t\t\tRoleArn: role.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"rolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"mobileanalytics:PutEvents\\\",\\n\", \" \\\"mobileanalytics:PutItems\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": [\\n\", \" \\\"*\\\"\\n\", \" ]\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: role.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "fromAddress": { "type": "string", "description": "The email address used to send emails from.\n" }, "identity": { "type": "string", "description": "The ARN of an identity verified with SES.\n" }, "messagesPerSecond": { "type": "integer", "description": "Messages per second that can be sent.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service.\n" } }, "required": [ "applicationId", "fromAddress", "identity", "messagesPerSecond", "roleArn" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "fromAddress": { "type": "string", "description": "The email address used to send emails from.\n" }, "identity": { "type": "string", "description": "The ARN of an identity verified with SES.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service.\n" } }, "requiredInputs": [ "applicationId", "fromAddress", "identity", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "fromAddress": { "type": "string", "description": "The email address used to send emails from.\n" }, "identity": { "type": "string", "description": "The ARN of an identity verified with SES.\n" }, "messagesPerSecond": { "type": "integer", "description": "Messages per second that can be sent.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service.\n" } }, "type": "object" } }, "aws:pinpoint/eventStream:EventStream": { "description": "Provides a Pinpoint Event Stream resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n shardCount: 1,\n});\nconst testRole = new aws.iam.Role(\"test_role\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"pinpoint.us-east-1.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst stream = new aws.pinpoint.EventStream(\"stream\", {\n applicationId: app.applicationId,\n destinationStreamArn: testStream.arn,\n roleArn: testRole.arn,\n});\nconst testRolePolicy = new aws.iam.RolePolicy(\"test_role_policy\", {\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Action\": [\n \"kinesis:PutRecords\",\n \"kinesis:DescribeStream\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"arn:aws:kinesis:us-east-1:*:*/*\"\n ]\n }\n}\n`,\n role: testRole.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\ntest_stream = aws.kinesis.Stream(\"testStream\", shard_count=1)\ntest_role = aws.iam.Role(\"testRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"pinpoint.us-east-1.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\nstream = aws.pinpoint.EventStream(\"stream\",\n application_id=app.application_id,\n destination_stream_arn=test_stream.arn,\n role_arn=test_role.arn)\ntest_role_policy = aws.iam.RolePolicy(\"testRolePolicy\",\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Action\": [\n \"kinesis:PutRecords\",\n \"kinesis:DescribeStream\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"arn:aws:kinesis:us-east-1:*:*/*\"\n ]\n }\n}\n\n\"\"\",\n role=test_role.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.Pinpoint.App(\"app\", new Aws.Pinpoint.AppArgs\n {\n });\n var testStream = new Aws.Kinesis.Stream(\"testStream\", new Aws.Kinesis.StreamArgs\n {\n ShardCount = 1,\n });\n var testRole = new Aws.Iam.Role(\"testRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"pinpoint.us-east-1.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var stream = new Aws.Pinpoint.EventStream(\"stream\", new Aws.Pinpoint.EventStreamArgs\n {\n ApplicationId = app.ApplicationId,\n DestinationStreamArn = testStream.Arn,\n RoleArn = testRole.Arn,\n });\n var testRolePolicy = new Aws.Iam.RolePolicy(\"testRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": {\n \"\"Action\"\": [\n \"\"kinesis:PutRecords\"\",\n \"\"kinesis:DescribeStream\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"arn:aws:kinesis:us-east-1:*:*/*\"\"\n ]\n }\n}\n\n\",\n Role = testRole.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStream, err := kinesis.NewStream(ctx, \"testStream\", \u0026kinesis.StreamArgs{\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"testRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"pinpoint.us-east-1.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Sid\\\": \\\"\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewEventStream(ctx, \"stream\", \u0026pinpoint.EventStreamArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tDestinationStreamArn: testStream.Arn,\n\t\t\tRoleArn: testRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"testRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"kinesis:PutRecords\\\",\\n\", \" \\\"kinesis:DescribeStream\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": [\\n\", \" \\\"arn:aws:kinesis:us-east-1:*:*/*\\\"\\n\", \" ]\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: testRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "destinationStreamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis stream or Firehose delivery stream to which you want to publish events.\n" }, "roleArn": { "type": "string", "description": "The IAM role that authorizes Amazon Pinpoint to publish events to the stream in your account.\n" } }, "required": [ "applicationId", "destinationStreamArn", "roleArn" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "destinationStreamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis stream or Firehose delivery stream to which you want to publish events.\n" }, "roleArn": { "type": "string", "description": "The IAM role that authorizes Amazon Pinpoint to publish events to the stream in your account.\n" } }, "requiredInputs": [ "applicationId", "destinationStreamArn", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventStream resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "destinationStreamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis stream or Firehose delivery stream to which you want to publish events.\n" }, "roleArn": { "type": "string", "description": "The IAM role that authorizes Amazon Pinpoint to publish events to the stream in your account.\n" } }, "type": "object" } }, "aws:pinpoint/gcmChannel:GcmChannel": { "description": "Provides a Pinpoint GCM Channel resource.\n\n\u003e **Note:** Api Key argument will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst gcm = new aws.pinpoint.GcmChannel(\"gcm\", {\n apiKey: \"api_key\",\n applicationId: app.applicationId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\ngcm = aws.pinpoint.GcmChannel(\"gcm\",\n api_key=\"api_key\",\n application_id=app.application_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.Pinpoint.App(\"app\", new Aws.Pinpoint.AppArgs\n {\n });\n var gcm = new Aws.Pinpoint.GcmChannel(\"gcm\", new Aws.Pinpoint.GcmChannelArgs\n {\n ApiKey = \"api_key\",\n ApplicationId = app.ApplicationId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewGcmChannel(ctx, \"gcm\", \u0026pinpoint.GcmChannelArgs{\n\t\t\tApiKey: pulumi.String(\"api_key\"),\n\t\t\tApplicationId: app.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Google.\n" }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" } }, "required": [ "apiKey", "applicationId" ], "inputProperties": { "apiKey": { "type": "string", "description": "Platform credential API key from Google.\n" }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" } }, "requiredInputs": [ "apiKey", "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GcmChannel resources.\n", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Google.\n" }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" } }, "type": "object" } }, "aws:pinpoint/smsChannel:SmsChannel": { "description": "Provides a Pinpoint SMS Channel resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst sms = new aws.pinpoint.SmsChannel(\"sms\", {\n applicationId: app.applicationId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nsms = aws.pinpoint.SmsChannel(\"sms\", application_id=app.application_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var app = new Aws.Pinpoint.App(\"app\", new Aws.Pinpoint.AppArgs\n {\n });\n var sms = new Aws.Pinpoint.SmsChannel(\"sms\", new Aws.Pinpoint.SmsChannelArgs\n {\n ApplicationId = app.ApplicationId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewSmsChannel(ctx, \"sms\", \u0026pinpoint.SmsChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "promotionalMessagesPerSecond": { "type": "integer", "description": "Promotional messages per second that can be sent.\n" }, "senderId": { "type": "string", "description": "Sender identifier of your messages.\n" }, "shortCode": { "type": "string", "description": "The Short Code registered with the phone provider.\n" }, "transactionalMessagesPerSecond": { "type": "integer", "description": "Transactional messages per second that can be sent.\n" } }, "required": [ "applicationId", "promotionalMessagesPerSecond", "transactionalMessagesPerSecond" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "senderId": { "type": "string", "description": "Sender identifier of your messages.\n" }, "shortCode": { "type": "string", "description": "The Short Code registered with the phone provider.\n" } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SmsChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "promotionalMessagesPerSecond": { "type": "integer", "description": "Promotional messages per second that can be sent.\n" }, "senderId": { "type": "string", "description": "Sender identifier of your messages.\n" }, "shortCode": { "type": "string", "description": "The Short Code registered with the phone provider.\n" }, "transactionalMessagesPerSecond": { "type": "integer", "description": "Transactional messages per second that can be sent.\n" } }, "type": "object" } }, "aws:qldb/ledger:Ledger": { "description": "Provides an AWS Quantum Ledger Database (QLDB) resource\n\n\u003e **NOTE:** Deletion protection is enabled by default. To successfully delete this resource via this provider, `deletion_protection = false` must be applied before attempting deletion.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample_ledger = new aws.qldb.Ledger(\"sample-ledger\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample_ledger = aws.qldb.Ledger(\"sample-ledger\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sample_ledger = new Aws.Qldb.Ledger(\"sample-ledger\", new Aws.Qldb.LedgerArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/qldb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = qldb.NewLedger(ctx, \"sample-ledger\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the QLDB Ledger\n" }, "deletionProtection": { "type": "boolean", "description": "The deletion protection for the QLDB Ledger instance. By default it is `true`. To delete this resource via this provider, this value must be configured to `false` and applied first before attempting deletion.\n" }, "name": { "type": "string", "description": "The friendly name for the QLDB Ledger instance. This is atuo generated by default.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" } }, "required": [ "arn", "name" ], "inputProperties": { "deletionProtection": { "type": "boolean", "description": "The deletion protection for the QLDB Ledger instance. By default it is `true`. To delete this resource via this provider, this value must be configured to `false` and applied first before attempting deletion.\n" }, "name": { "type": "string", "description": "The friendly name for the QLDB Ledger instance. This is atuo generated by default.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Ledger resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the QLDB Ledger\n" }, "deletionProtection": { "type": "boolean", "description": "The deletion protection for the QLDB Ledger instance. By default it is `true`. To delete this resource via this provider, this value must be configured to `false` and applied first before attempting deletion.\n" }, "name": { "type": "string", "description": "The friendly name for the QLDB Ledger instance. This is atuo generated by default.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" } }, "type": "object" } }, "aws:quicksight/group:Group": { "description": "Resource for managing QuickSight Group\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Group(\"example\", {\n groupName: \"tf-example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Group(\"example\", group_name=\"tf-example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Quicksight.Group(\"example\", new Aws.Quicksight.GroupArgs\n {\n GroupName = \"tf-example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = quicksight.NewGroup(ctx, \"example\", \u0026quicksight.GroupArgs{\n\t\t\tGroupName: pulumi.String(\"tf-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of group\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "description": { "type": "string", "description": "A description for the group.\n" }, "groupName": { "type": "string", "description": "A name for the group.\n" }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n" } }, "required": [ "arn", "awsAccountId", "groupName" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "description": { "type": "string", "description": "A description for the group.\n" }, "groupName": { "type": "string", "description": "A name for the group.\n" }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n" } }, "requiredInputs": [ "groupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of group\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "description": { "type": "string", "description": "A description for the group.\n" }, "groupName": { "type": "string", "description": "A name for the group.\n" }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n" } }, "type": "object" } }, "aws:quicksight/user:User": { "description": "Resource for managing QuickSight User\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.User(\"example\", {\n email: \"author@example.com\",\n identityType: \"IAM\",\n userName: \"an-author\",\n userRole: \"AUTHOR\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.User(\"example\",\n email=\"author@example.com\",\n identity_type=\"IAM\",\n user_name=\"an-author\",\n user_role=\"AUTHOR\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Quicksight.User(\"example\", new Aws.Quicksight.UserArgs\n {\n Email = \"author@example.com\",\n IdentityType = \"IAM\",\n UserName = \"an-author\",\n UserRole = \"AUTHOR\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = quicksight.NewUser(ctx, \"example\", \u0026quicksight.UserArgs{\n\t\t\tEmail: pulumi.String(\"author@example.com\"),\n\t\t\tIdentityType: pulumi.String(\"IAM\"),\n\t\t\tUserName: pulumi.String(\"an-author\"),\n\t\t\tUserRole: pulumi.String(\"AUTHOR\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the user\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "email": { "type": "string", "description": "The email address of the user that you want to register.\n" }, "iamArn": { "type": "string", "description": "The ARN of the IAM user or role that you are registering with Amazon QuickSight.\n" }, "identityType": { "type": "string", "description": "Amazon QuickSight supports several ways of managing the identity of users. This parameter accepts either `IAM` or `QUICKSIGHT`.\n" }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n" }, "sessionName": { "type": "string", "description": "The name of the IAM session to use when assuming roles that can embed QuickSight dashboards.\n" }, "userName": { "type": "string", "description": "The Amazon QuickSight user name that you want to create for the user you are registering.\n" }, "userRole": { "type": "string", "description": "The Amazon QuickSight role of the user. The user role can be one of the following: `READER`, `AUTHOR`, or `ADMIN`\n" } }, "required": [ "arn", "awsAccountId", "email", "identityType", "userRole" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "email": { "type": "string", "description": "The email address of the user that you want to register.\n" }, "iamArn": { "type": "string", "description": "The ARN of the IAM user or role that you are registering with Amazon QuickSight.\n" }, "identityType": { "type": "string", "description": "Amazon QuickSight supports several ways of managing the identity of users. This parameter accepts either `IAM` or `QUICKSIGHT`.\n" }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n" }, "sessionName": { "type": "string", "description": "The name of the IAM session to use when assuming roles that can embed QuickSight dashboards.\n" }, "userName": { "type": "string", "description": "The Amazon QuickSight user name that you want to create for the user you are registering.\n" }, "userRole": { "type": "string", "description": "The Amazon QuickSight role of the user. The user role can be one of the following: `READER`, `AUTHOR`, or `ADMIN`\n" } }, "requiredInputs": [ "email", "identityType", "userRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the user\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "email": { "type": "string", "description": "The email address of the user that you want to register.\n" }, "iamArn": { "type": "string", "description": "The ARN of the IAM user or role that you are registering with Amazon QuickSight.\n" }, "identityType": { "type": "string", "description": "Amazon QuickSight supports several ways of managing the identity of users. This parameter accepts either `IAM` or `QUICKSIGHT`.\n" }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n" }, "sessionName": { "type": "string", "description": "The name of the IAM session to use when assuming roles that can embed QuickSight dashboards.\n" }, "userName": { "type": "string", "description": "The Amazon QuickSight user name that you want to create for the user you are registering.\n" }, "userRole": { "type": "string", "description": "The Amazon QuickSight role of the user. The user role can be one of the following: `READER`, `AUTHOR`, or `ADMIN`\n" } }, "type": "object" } }, "aws:ram/principalAssociation:PrincipalAssociation": { "description": "Provides a Resource Access Manager (RAM) principal association. Depending if [RAM Sharing with AWS Organizations is enabled](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html#getting-started-sharing-orgs), the RAM behavior with different principal types changes.\n\nWhen RAM Sharing with AWS Organizations is enabled:\n\n- For AWS Account ID, Organization, and Organizational Unit principals within the same AWS Organization, no resource share invitation is sent and resources become available automatically after creating the association.\n- For AWS Account ID principals outside the AWS Organization, a resource share invitation is sent and must be accepted before resources become available. See the `aws.ram.ResourceShareAccepter` resource to accept these invitations.\n\nWhen RAM Sharing with AWS Organizations is not enabled:\n\n- Organization and Organizational Unit principals cannot be used.\n- For AWS Account ID principals, a resource share invitation is sent and must be accepted before resources become available. See the `aws.ram.ResourceShareAccepter` resource to accept these invitations.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### AWS Account ID\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleResourceShare = new aws.ram.ResourceShare(\"example\", {\n // ... other configuration ...\n allowExternalPrincipals: true,\n});\nconst examplePrincipalAssociation = new aws.ram.PrincipalAssociation(\"example\", {\n principal: \"111111111111\",\n resourceShareArn: exampleResourceShare.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_resource_share = aws.ram.ResourceShare(\"exampleResourceShare\", allow_external_principals=True)\nexample_principal_association = aws.ram.PrincipalAssociation(\"examplePrincipalAssociation\",\n principal=\"111111111111\",\n resource_share_arn=example_resource_share.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleResourceShare = new Aws.Ram.ResourceShare(\"exampleResourceShare\", new Aws.Ram.ResourceShareArgs\n {\n AllowExternalPrincipals = true,\n });\n var examplePrincipalAssociation = new Aws.Ram.PrincipalAssociation(\"examplePrincipalAssociation\", new Aws.Ram.PrincipalAssociationArgs\n {\n Principal = \"111111111111\",\n ResourceShareArn = exampleResourceShare.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceShare, err := ram.NewResourceShare(ctx, \"exampleResourceShare\", \u0026ram.ResourceShareArgs{\n\t\t\tAllowExternalPrincipals: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ram.NewPrincipalAssociation(ctx, \"examplePrincipalAssociation\", \u0026ram.PrincipalAssociationArgs{\n\t\t\tPrincipal: pulumi.String(\"111111111111\"),\n\t\t\tResourceShareArn: exampleResourceShare.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### AWS Organization\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.PrincipalAssociation(\"example\", {\n principal: aws_organizations_organization_example.arn,\n resourceShareArn: aws_ram_resource_share_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.PrincipalAssociation(\"example\",\n principal=aws_organizations_organization[\"example\"][\"arn\"],\n resource_share_arn=aws_ram_resource_share[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ram.PrincipalAssociation(\"example\", new Aws.Ram.PrincipalAssociationArgs\n {\n Principal = aws_organizations_organization.Example.Arn,\n ResourceShareArn = aws_ram_resource_share.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ram.NewPrincipalAssociation(ctx, \"example\", \u0026ram.PrincipalAssociationArgs{\n\t\t\tPrincipal: pulumi.String(aws_organizations_organization.Example.Arn),\n\t\t\tResourceShareArn: pulumi.String(aws_ram_resource_share.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "principal": { "type": "string", "description": "The principal to associate with the resource share. Possible values are an AWS account ID, an AWS Organizations Organization ARN, or an AWS Organizations Organization Unit ARN.\n" }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" } }, "required": [ "principal", "resourceShareArn" ], "inputProperties": { "principal": { "type": "string", "description": "The principal to associate with the resource share. Possible values are an AWS account ID, an AWS Organizations Organization ARN, or an AWS Organizations Organization Unit ARN.\n" }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" } }, "requiredInputs": [ "principal", "resourceShareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrincipalAssociation resources.\n", "properties": { "principal": { "type": "string", "description": "The principal to associate with the resource share. Possible values are an AWS account ID, an AWS Organizations Organization ARN, or an AWS Organizations Organization Unit ARN.\n" }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" } }, "type": "object" } }, "aws:ram/resourceAssociation:ResourceAssociation": { "description": "Manages a Resource Access Manager (RAM) Resource Association.\n\n\u003e *NOTE:* Certain AWS resources (e.g. EC2 Subnets) can only be shared in an AWS account that is a member of an AWS Organizations organization with organization-wide Resource Access Manager functionality enabled. See the [Resource Access Manager User Guide](https://docs.aws.amazon.com/ram/latest/userguide/what-is.html) and AWS service specific documentation for additional information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.ResourceAssociation(\"example\", {\n resourceArn: aws_subnet_example.arn,\n resourceShareArn: aws_ram_resource_share_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.ResourceAssociation(\"example\",\n resource_arn=aws_subnet[\"example\"][\"arn\"],\n resource_share_arn=aws_ram_resource_share[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ram.ResourceAssociation(\"example\", new Aws.Ram.ResourceAssociationArgs\n {\n ResourceArn = aws_subnet.Example.Arn,\n ResourceShareArn = aws_ram_resource_share.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ram.NewResourceAssociation(ctx, \"example\", \u0026ram.ResourceAssociationArgs{\n\t\t\tResourceArn: pulumi.String(aws_subnet.Example.Arn),\n\t\t\tResourceShareArn: pulumi.String(aws_ram_resource_share.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource to associate with the RAM Resource Share.\n" }, "resourceShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the RAM Resource Share.\n" } }, "required": [ "resourceArn", "resourceShareArn" ], "inputProperties": { "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource to associate with the RAM Resource Share.\n" }, "resourceShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the RAM Resource Share.\n" } }, "requiredInputs": [ "resourceArn", "resourceShareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceAssociation resources.\n", "properties": { "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource to associate with the RAM Resource Share.\n" }, "resourceShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the RAM Resource Share.\n" } }, "type": "object" } }, "aws:ram/resourceShare:ResourceShare": { "description": "Manages a Resource Access Manager (RAM) Resource Share. To associate principals with the share, see the `aws.ram.PrincipalAssociation` resource. To associate resources with the share, see the `aws.ram.ResourceAssociation` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.ResourceShare(\"example\", {\n allowExternalPrincipals: true,\n tags: {\n Environment: \"Production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.ResourceShare(\"example\",\n allow_external_principals=True,\n tags={\n \"Environment\": \"Production\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ram.ResourceShare(\"example\", new Aws.Ram.ResourceShareArgs\n {\n AllowExternalPrincipals = true,\n Tags = \n {\n { \"Environment\", \"Production\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ram.NewResourceShare(ctx, \"example\", \u0026ram.ResourceShareArgs{\n\t\t\tAllowExternalPrincipals: pulumi.Bool(true),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"Production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowExternalPrincipals": { "type": "boolean", "description": "Indicates whether principals outside your organization can be associated with a resource share.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" }, "name": { "type": "string", "description": "The name of the resource share.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource share.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "allowExternalPrincipals": { "type": "boolean", "description": "Indicates whether principals outside your organization can be associated with a resource share.\n" }, "name": { "type": "string", "description": "The name of the resource share.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource share.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ResourceShare resources.\n", "properties": { "allowExternalPrincipals": { "type": "boolean", "description": "Indicates whether principals outside your organization can be associated with a resource share.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" }, "name": { "type": "string", "description": "The name of the resource share.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource share.\n" } }, "type": "object" } }, "aws:ram/resourceShareAccepter:ResourceShareAccepter": { "description": "Manage accepting a Resource Access Manager (RAM) Resource Share invitation. From a _receiver_ AWS account, accept an invitation to share resources that were shared by a _sender_ AWS account. To create a resource share in the _sender_, see the `aws.ram.ResourceShare` resource.\n\n\u003e **Note:** If both AWS accounts are in the same Organization and [RAM Sharing with AWS Organizations is enabled](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html#getting-started-sharing-orgs), this resource is not necessary as RAM Resource Share invitations are not used.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThis configuration provides an example of using multiple AWS providers to configure two different AWS accounts. In the _sender_ account, the configuration creates a `aws.ram.ResourceShare` and uses a data source in the _receiver_ account to create a `aws.ram.PrincipalAssociation` resource with the _receiver's_ account ID. In the _receiver_ account, the configuration accepts the invitation to share resources with the `aws.ram.ResourceShareAccepter`.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst alternate = new aws.Provider(\"alternate\", {\n profile: \"profile1\",\n});\nconst senderShare = new aws.ram.ResourceShare(\"sender_share\", {\n allowExternalPrincipals: true,\n tags: {\n Name: \"tf-test-resource-share\",\n },\n}, { provider: alternate });\nconst receiver = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst senderInvite = new aws.ram.PrincipalAssociation(\"sender_invite\", {\n principal: receiver.accountId,\n resourceShareArn: senderShare.arn,\n}, { provider: alternate });\nconst receiverAccept = new aws.ram.ResourceShareAccepter(\"receiver_accept\", {\n shareArn: senderInvite.resourceShareArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\nalternate = pulumi.providers.Aws(\"alternate\", profile=\"profile1\")\nsender_share = aws.ram.ResourceShare(\"senderShare\",\n allow_external_principals=True,\n tags={\n \"Name\": \"tf-test-resource-share\",\n })\nreceiver = aws.get_caller_identity()\nsender_invite = aws.ram.PrincipalAssociation(\"senderInvite\",\n principal=receiver.account_id,\n resource_share_arn=sender_share.arn)\nreceiver_accept = aws.ram.ResourceShareAccepter(\"receiverAccept\", share_arn=sender_invite.resource_share_arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var alternate = new Aws.Provider(\"alternate\", new Aws.ProviderArgs\n {\n Profile = \"profile1\",\n });\n var senderShare = new Aws.Ram.ResourceShare(\"senderShare\", new Aws.Ram.ResourceShareArgs\n {\n AllowExternalPrincipals = true,\n Tags = \n {\n { \"Name\", \"tf-test-resource-share\" },\n },\n });\n var receiver = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var senderInvite = new Aws.Ram.PrincipalAssociation(\"senderInvite\", new Aws.Ram.PrincipalAssociationArgs\n {\n Principal = receiver.Apply(receiver =\u003e receiver.AccountId),\n ResourceShareArn = senderShare.Arn,\n });\n var receiverAccept = new Aws.Ram.ResourceShareAccepter(\"receiverAccept\", new Aws.Ram.ResourceShareAccepterArgs\n {\n ShareArn = senderInvite.ResourceShareArn,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "invitationArn": { "type": "string", "description": "The ARN of the resource share invitation.\n" }, "receiverAccountId": { "type": "string", "description": "The account ID of the receiver account which accepts the invitation.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of the resource ARNs shared via the resource share.\n" }, "senderAccountId": { "type": "string", "description": "The account ID of the sender account which submits the invitation.\n" }, "shareArn": { "type": "string", "description": "The ARN of the resource share.\n" }, "shareId": { "type": "string", "description": "The ID of the resource share as displayed in the console.\n" }, "shareName": { "type": "string", "description": "The name of the resource share.\n" }, "status": { "type": "string", "description": "The status of the resource share (ACTIVE, PENDING, FAILED, DELETING, DELETED).\n" } }, "required": [ "invitationArn", "receiverAccountId", "resources", "senderAccountId", "shareArn", "shareId", "shareName", "status" ], "inputProperties": { "shareArn": { "type": "string", "description": "The ARN of the resource share.\n" } }, "requiredInputs": [ "shareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceShareAccepter resources.\n", "properties": { "invitationArn": { "type": "string", "description": "The ARN of the resource share invitation.\n" }, "receiverAccountId": { "type": "string", "description": "The account ID of the receiver account which accepts the invitation.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of the resource ARNs shared via the resource share.\n" }, "senderAccountId": { "type": "string", "description": "The account ID of the sender account which submits the invitation.\n" }, "shareArn": { "type": "string", "description": "The ARN of the resource share.\n" }, "shareId": { "type": "string", "description": "The ID of the resource share as displayed in the console.\n" }, "shareName": { "type": "string", "description": "The name of the resource share.\n" }, "status": { "type": "string", "description": "The status of the resource share (ACTIVE, PENDING, FAILED, DELETING, DELETED).\n" } }, "type": "object" } }, "aws:rds/cluster:Cluster": { "description": "Manages a [RDS Aurora Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Aurora.html). To manage cluster instances that inherit configuration from the cluster (when not running the cluster in `serverless` engine mode), see the `aws.rds.ClusterInstance` resource. To manage non-Aurora databases (e.g. MySQL, PostgreSQL, SQL Server, etc.), see the `aws.rds.Instance` resource.\n\nFor information on the difference between the available Aurora MySQL engines\nsee [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html)\nin the Amazon RDS User Guide.\n\nChanges to an RDS Cluster can occur when you manually change a\nparameter, such as `port`, and are reflected in the next maintenance\nwindow. Because of this, this provider may report a difference in its planning\nphase because a modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change immediately\n(see documentation below).\n\n\u003e **Note:** using `apply_immediately` can result in a\nbrief downtime as the server reboots. See the AWS Docs on [RDS Maintenance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html)\nfor more information.\n\n\u003e **Note:** All arguments including the username and password will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Aurora MySQL 2.x (MySQL 5.7)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.rds.Cluster(\"default\", {\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backupRetentionPeriod: 5,\n clusterIdentifier: \"aurora-cluster-demo\",\n databaseName: \"mydb\",\n engine: \"aurora-mysql\",\n engineVersion: \"5.7.mysql_aurora.2.03.2\",\n masterPassword: \"bar\",\n masterUsername: \"foo\",\n preferredBackupWindow: \"07:00-09:00\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backup_retention_period=5,\n cluster_identifier=\"aurora-cluster-demo\",\n database_name=\"mydb\",\n engine=\"aurora-mysql\",\n engine_version=\"5.7.mysql_aurora.2.03.2\",\n master_password=\"bar\",\n master_username=\"foo\",\n preferred_backup_window=\"07:00-09:00\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.Cluster(\"default\", new Aws.Rds.ClusterArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"aurora-cluster-demo\",\n DatabaseName = \"mydb\",\n Engine = \"aurora-mysql\",\n EngineVersion = \"5.7.mysql_aurora.2.03.2\",\n MasterPassword = \"bar\",\n MasterUsername = \"foo\",\n PreferredBackupWindow = \"07:00-09:00\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tEngine: pulumi.String(\"aurora-mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7.mysql_aurora.2.03.2\"),\n\t\t\tMasterPassword: pulumi.String(\"bar\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Aurora MySQL 1.x (MySQL 5.6)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.rds.Cluster(\"default\", {\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backupRetentionPeriod: 5,\n clusterIdentifier: \"aurora-cluster-demo\",\n databaseName: \"mydb\",\n masterPassword: \"bar\",\n masterUsername: \"foo\",\n preferredBackupWindow: \"07:00-09:00\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backup_retention_period=5,\n cluster_identifier=\"aurora-cluster-demo\",\n database_name=\"mydb\",\n master_password=\"bar\",\n master_username=\"foo\",\n preferred_backup_window=\"07:00-09:00\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.Cluster(\"default\", new Aws.Rds.ClusterArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"aurora-cluster-demo\",\n DatabaseName = \"mydb\",\n MasterPassword = \"bar\",\n MasterUsername = \"foo\",\n PreferredBackupWindow = \"07:00-09:00\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterPassword: pulumi.String(\"bar\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Aurora with PostgreSQL engine\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst postgresql = new aws.rds.Cluster(\"postgresql\", {\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backupRetentionPeriod: 5,\n clusterIdentifier: \"aurora-cluster-demo\",\n databaseName: \"mydb\",\n engine: \"aurora-postgresql\",\n masterPassword: \"bar\",\n masterUsername: \"foo\",\n preferredBackupWindow: \"07:00-09:00\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npostgresql = aws.rds.Cluster(\"postgresql\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backup_retention_period=5,\n cluster_identifier=\"aurora-cluster-demo\",\n database_name=\"mydb\",\n engine=\"aurora-postgresql\",\n master_password=\"bar\",\n master_username=\"foo\",\n preferred_backup_window=\"07:00-09:00\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var postgresql = new Aws.Rds.Cluster(\"postgresql\", new Aws.Rds.ClusterArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"aurora-cluster-demo\",\n DatabaseName = \"mydb\",\n Engine = \"aurora-postgresql\",\n MasterPassword = \"bar\",\n MasterUsername = \"foo\",\n PreferredBackupWindow = \"07:00-09:00\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewCluster(ctx, \"postgresql\", \u0026rds.ClusterArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tEngine: pulumi.String(\"aurora-postgresql\"),\n\t\t\tMasterPassword: pulumi.String(\"bar\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Aurora Multi-Master Cluster\n\n\u003e More information about Aurora Multi-Master Clusters can be found in the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html).\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Cluster(\"example\", {\n clusterIdentifier: \"example\",\n dbSubnetGroupName: aws_db_subnet_group_example.name,\n engineMode: \"multimaster\",\n masterPassword: \"barbarbarbar\",\n masterUsername: \"foo\",\n skipFinalSnapshot: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Cluster(\"example\",\n cluster_identifier=\"example\",\n db_subnet_group_name=aws_db_subnet_group[\"example\"][\"name\"],\n engine_mode=\"multimaster\",\n master_password=\"barbarbarbar\",\n master_username=\"foo\",\n skip_final_snapshot=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Rds.Cluster(\"example\", new Aws.Rds.ClusterArgs\n {\n ClusterIdentifier = \"example\",\n DbSubnetGroupName = aws_db_subnet_group.Example.Name,\n EngineMode = \"multimaster\",\n MasterPassword = \"barbarbarbar\",\n MasterUsername = \"foo\",\n SkipFinalSnapshot = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewCluster(ctx, \"example\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tDbSubnetGroupName: pulumi.String(aws_db_subnet_group.Example.Name),\n\t\t\tEngineMode: pulumi.String(\"multimaster\"),\n\t\t\tMasterPassword: pulumi.String(\"barbarbarbar\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created. RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next provider update. It is recommended to specify 3 AZs or use [the `ignoreChanges` argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) if necessary.\n" }, "backtrackWindow": { "type": "integer", "description": "The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of RDS Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The RDS Cluster Resource ID\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Cluster `tags` to snapshots. Default is `false`.\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` specified on every `aws.rds.ClusterInstance` in the cluster.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "enableHttpEndpoint": { "type": "boolean", "description": "Enable HTTP endpoint (data API). Only valid when `engine_mode` is set to `serverless`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL).\n" }, "endpoint": { "type": "string", "description": "The DNS address of the RDS instance\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql`\n" }, "engineMode": { "type": "string", "$ref": "#/types/aws:rds/engineMode:EngineMode", "description": "The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/aurora-serverless.html) for limitations when using `serverless`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.rds.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the RDS Cluster.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user. Please refer to the [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the Aurora cluster, automatically\nload-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica.\n" }, "s3Import": { "$ref": "#/types/aws:rds/ClusterS3Import:ClusterS3Import" }, "scalingConfiguration": { "$ref": "#/types/aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration", "description": "Nested attribute with scaling properties. Only valid when `engine_mode` is set to `serverless`. More details below.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The source region for an encrypted replica DB cluster.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "required": [ "applyImmediately", "arn", "availabilityZones", "clusterIdentifier", "clusterIdentifierPrefix", "clusterMembers", "clusterResourceId", "databaseName", "dbClusterParameterGroupName", "dbSubnetGroupName", "endpoint", "engineVersion", "hostedZoneId", "kmsKeyId", "masterUsername", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "vpcSecurityGroupIds" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created. RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next provider update. It is recommended to specify 3 AZs or use [the `ignoreChanges` argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) if necessary.\n" }, "backtrackWindow": { "type": "integer", "description": "The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of RDS Instances that are a part of this cluster\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Cluster `tags` to snapshots. Default is `false`.\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` specified on every `aws.rds.ClusterInstance` in the cluster.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "enableHttpEndpoint": { "type": "boolean", "description": "Enable HTTP endpoint (data API). Only valid when `engine_mode` is set to `serverless`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL).\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql`\n" }, "engineMode": { "type": "string", "$ref": "#/types/aws:rds/engineMode:EngineMode", "description": "The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/aurora-serverless.html) for limitations when using `serverless`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.rds.GlobalCluster`.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the RDS Cluster.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user. Please refer to the [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica.\n" }, "s3Import": { "$ref": "#/types/aws:rds/ClusterS3Import:ClusterS3Import" }, "scalingConfiguration": { "$ref": "#/types/aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration", "description": "Nested attribute with scaling properties. Only valid when `engine_mode` is set to `serverless`. More details below.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The source region for an encrypted replica DB cluster.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created. RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next provider update. It is recommended to specify 3 AZs or use [the `ignoreChanges` argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) if necessary.\n" }, "backtrackWindow": { "type": "integer", "description": "The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of RDS Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The RDS Cluster Resource ID\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Cluster `tags` to snapshots. Default is `false`.\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` specified on every `aws.rds.ClusterInstance` in the cluster.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "enableHttpEndpoint": { "type": "boolean", "description": "Enable HTTP endpoint (data API). Only valid when `engine_mode` is set to `serverless`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL).\n" }, "endpoint": { "type": "string", "description": "The DNS address of the RDS instance\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql`\n" }, "engineMode": { "type": "string", "$ref": "#/types/aws:rds/engineMode:EngineMode", "description": "The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/aurora-serverless.html) for limitations when using `serverless`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.rds.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the RDS Cluster.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user. Please refer to the [RDS Naming Constraints](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the Aurora cluster, automatically\nload-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica.\n" }, "s3Import": { "$ref": "#/types/aws:rds/ClusterS3Import:ClusterS3Import" }, "scalingConfiguration": { "$ref": "#/types/aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration", "description": "Nested attribute with scaling properties. Only valid when `engine_mode` is set to `serverless`. More details below.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The source region for an encrypted replica DB cluster.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "type": "object" } }, "aws:rds/clusterEndpoint:ClusterEndpoint": { "description": "Manages an RDS Aurora Cluster Endpoint.\nYou can refer to the [User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Endpoints.html#Aurora.Endpoints.Cluster).\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.rds.Cluster(\"default\", {\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backupRetentionPeriod: 5,\n clusterIdentifier: \"aurora-cluster-demo\",\n databaseName: \"mydb\",\n masterPassword: \"bar\",\n masterUsername: \"foo\",\n preferredBackupWindow: \"07:00-09:00\",\n});\nconst test1 = new aws.rds.ClusterInstance(\"test1\", {\n applyImmediately: true,\n clusterIdentifier: defaultCluster.id,\n identifier: \"test1\",\n instanceClass: \"db.t2.small\",\n});\nconst test2 = new aws.rds.ClusterInstance(\"test2\", {\n applyImmediately: true,\n clusterIdentifier: defaultCluster.id,\n identifier: \"test2\",\n instanceClass: \"db.t2.small\",\n});\nconst test3 = new aws.rds.ClusterInstance(\"test3\", {\n applyImmediately: true,\n clusterIdentifier: defaultCluster.id,\n identifier: \"test3\",\n instanceClass: \"db.t2.small\",\n});\nconst eligible = new aws.rds.ClusterEndpoint(\"eligible\", {\n clusterEndpointIdentifier: \"reader\",\n clusterIdentifier: defaultCluster.id,\n customEndpointType: \"READER\",\n excludedMembers: [\n test1.id,\n test2.id,\n ],\n});\nconst static = new aws.rds.ClusterEndpoint(\"static\", {\n clusterEndpointIdentifier: \"static\",\n clusterIdentifier: defaultCluster.id,\n customEndpointType: \"READER\",\n staticMembers: [\n test1.id,\n test3.id,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n backup_retention_period=5,\n cluster_identifier=\"aurora-cluster-demo\",\n database_name=\"mydb\",\n master_password=\"bar\",\n master_username=\"foo\",\n preferred_backup_window=\"07:00-09:00\")\ntest1 = aws.rds.ClusterInstance(\"test1\",\n apply_immediately=True,\n cluster_identifier=default.id,\n identifier=\"test1\",\n instance_class=\"db.t2.small\")\ntest2 = aws.rds.ClusterInstance(\"test2\",\n apply_immediately=True,\n cluster_identifier=default.id,\n identifier=\"test2\",\n instance_class=\"db.t2.small\")\ntest3 = aws.rds.ClusterInstance(\"test3\",\n apply_immediately=True,\n cluster_identifier=default.id,\n identifier=\"test3\",\n instance_class=\"db.t2.small\")\neligible = aws.rds.ClusterEndpoint(\"eligible\",\n cluster_endpoint_identifier=\"reader\",\n cluster_identifier=default.id,\n custom_endpoint_type=\"READER\",\n excluded_members=[\n test1.id,\n test2.id,\n ])\nstatic = aws.rds.ClusterEndpoint(\"static\",\n cluster_endpoint_identifier=\"static\",\n cluster_identifier=default.id,\n custom_endpoint_type=\"READER\",\n static_members=[\n test1.id,\n test3.id,\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.Cluster(\"default\", new Aws.Rds.ClusterArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n BackupRetentionPeriod = 5,\n ClusterIdentifier = \"aurora-cluster-demo\",\n DatabaseName = \"mydb\",\n MasterPassword = \"bar\",\n MasterUsername = \"foo\",\n PreferredBackupWindow = \"07:00-09:00\",\n });\n var test1 = new Aws.Rds.ClusterInstance(\"test1\", new Aws.Rds.ClusterInstanceArgs\n {\n ApplyImmediately = true,\n ClusterIdentifier = @default.Id,\n Identifier = \"test1\",\n InstanceClass = \"db.t2.small\",\n });\n var test2 = new Aws.Rds.ClusterInstance(\"test2\", new Aws.Rds.ClusterInstanceArgs\n {\n ApplyImmediately = true,\n ClusterIdentifier = @default.Id,\n Identifier = \"test2\",\n InstanceClass = \"db.t2.small\",\n });\n var test3 = new Aws.Rds.ClusterInstance(\"test3\", new Aws.Rds.ClusterInstanceArgs\n {\n ApplyImmediately = true,\n ClusterIdentifier = @default.Id,\n Identifier = \"test3\",\n InstanceClass = \"db.t2.small\",\n });\n var eligible = new Aws.Rds.ClusterEndpoint(\"eligible\", new Aws.Rds.ClusterEndpointArgs\n {\n ClusterEndpointIdentifier = \"reader\",\n ClusterIdentifier = @default.Id,\n CustomEndpointType = \"READER\",\n ExcludedMembers = \n {\n test1.Id,\n test2.Id,\n },\n });\n var @static = new Aws.Rds.ClusterEndpoint(\"static\", new Aws.Rds.ClusterEndpointArgs\n {\n ClusterEndpointIdentifier = \"static\",\n ClusterIdentifier = @default.Id,\n CustomEndpointType = \"READER\",\n StaticMembers = \n {\n test1.Id,\n test3.Id,\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "clusterEndpointIdentifier": { "type": "string", "description": "The identifier to use for the new endpoint. This parameter is stored as a lowercase string.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "customEndpointType": { "type": "string", "description": "The type of the endpoint. One of: READER , ANY .\n" }, "endpoint": { "type": "string", "description": "A custom endpoint for the Aurora cluster\n" }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty. Conflicts with `static_members`.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group. Conflicts with `excluded_members`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "clusterEndpointIdentifier", "clusterIdentifier", "customEndpointType", "endpoint" ], "inputProperties": { "clusterEndpointIdentifier": { "type": "string", "description": "The identifier to use for the new endpoint. This parameter is stored as a lowercase string.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "customEndpointType": { "type": "string", "description": "The type of the endpoint. One of: READER , ANY .\n" }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty. Conflicts with `static_members`.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group. Conflicts with `excluded_members`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "clusterEndpointIdentifier", "clusterIdentifier", "customEndpointType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "clusterEndpointIdentifier": { "type": "string", "description": "The identifier to use for the new endpoint. This parameter is stored as a lowercase string.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "customEndpointType": { "type": "string", "description": "The type of the endpoint. One of: READER , ANY .\n" }, "endpoint": { "type": "string", "description": "A custom endpoint for the Aurora cluster\n" }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty. Conflicts with `static_members`.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group. Conflicts with `excluded_members`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:rds/clusterInstance:ClusterInstance": { "description": "Provides an RDS Cluster Instance Resource. A Cluster Instance Resource defines\nattributes that are specific to a single instance in a [RDS Cluster](https://www.terraform.io/docs/providers/aws/r/rds_cluster.html),\nspecifically running Amazon Aurora.\n\nUnlike other RDS resources that support replication, with Amazon Aurora you do\nnot designate a primary and subsequent replicas. Instead, you simply add RDS\nInstances and Aurora manages the replication. You can use the [count](https://www.terraform.io/docs/configuration/resources.html#count)\nmeta-parameter to make multiple instances and join them all to the same RDS\nCluster, or you may specify different Cluster Instance resources with various\n`instance_class` sizes.\n\nFor more information on Amazon Aurora, see [Aurora on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Aurora.html) in the Amazon RDS User Guide.\n\n\u003e **NOTE:** Deletion Protection from the RDS service can only be enabled at the cluster level, not for individual cluster instances. You can still add the [`protect` CustomResourceOption](https://www.pulumi.com/docs/intro/concepts/programming-model/#protect) to this resource configuration if you desire protection from accidental deletion.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.rds.Cluster(\"default\", {\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n clusterIdentifier: \"aurora-cluster-demo\",\n databaseName: \"mydb\",\n masterPassword: \"barbut8chars\",\n masterUsername: \"foo\",\n});\nconst clusterInstances: aws.rds.ClusterInstance[] = [];\nfor (let i = 0; i \u003c 2; i++) {\n clusterInstances.push(new aws.rds.ClusterInstance(`cluster_instances-${i}`, {\n clusterIdentifier: defaultCluster.id,\n identifier: `aurora-cluster-demo-${i}`,\n instanceClass: \"db.r4.large\",\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n cluster_identifier=\"aurora-cluster-demo\",\n database_name=\"mydb\",\n master_password=\"barbut8chars\",\n master_username=\"foo\")\ncluster_instances = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n cluster_instances.append(aws.rds.ClusterInstance(f\"clusterInstances-{range['value']}\",\n cluster_identifier=default.id,\n identifier=f\"aurora-cluster-demo-{range['value']}\",\n instance_class=\"db.r4.large\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.Cluster(\"default\", new Aws.Rds.ClusterArgs\n {\n AvailabilityZones = \n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n ClusterIdentifier = \"aurora-cluster-demo\",\n DatabaseName = \"mydb\",\n MasterPassword = \"barbut8chars\",\n MasterUsername = \"foo\",\n });\n var clusterInstances = new List\u003cAws.Rds.ClusterInstance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n clusterInstances.Add(new Aws.Rds.ClusterInstance($\"clusterInstances-{range.Value}\", new Aws.Rds.ClusterInstanceArgs\n {\n ClusterIdentifier = @default.Id,\n Identifier = $\"aurora-cluster-demo-{range.Value}\",\n InstanceClass = \"db.r4.large\",\n }));\n }\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.rds.Cluster` in which to launch this instance.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. Default `false`.\n" }, "dbParameterGroupName": { "type": "string", "description": "The name of the DB parameter group to associate with this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` of the attached `aws.rds.Cluster`.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the DB instance.\n" }, "endpoint": { "type": "string", "description": "The DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "The name of the database engine to be used for the RDS instance. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql`.\nFor information on the difference between the available Aurora MySQL engines\nsee [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html)\nin the Amazon RDS User Guide.\n" }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "identifier": { "type": "string", "description": "The indentifier for the RDS instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use. For details on CPU\nand memory, see [Scaling Aurora DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Managing.html). Aurora uses `db.*` instance classes/types. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) for currently available instance classes and complete details.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the cluster.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS to send\nenhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights is enabled or not.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true.\n" }, "port": { "type": "integer", "description": "The database port\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled.\nEg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoted to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible.\nDefault `false`. See the documentation on [Creating DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) for more\ndetails on controlling this property.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "required": [ "applyImmediately", "arn", "availabilityZone", "caCertIdentifier", "clusterIdentifier", "dbParameterGroupName", "dbSubnetGroupName", "dbiResourceId", "endpoint", "engineVersion", "identifier", "identifierPrefix", "instanceClass", "kmsKeyId", "monitoringRoleArn", "performanceInsightsEnabled", "performanceInsightsKmsKeyId", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "storageEncrypted", "writer" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.rds.Cluster` in which to launch this instance.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. Default `false`.\n" }, "dbParameterGroupName": { "type": "string", "description": "The name of the DB parameter group to associate with this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` of the attached `aws.rds.Cluster`.\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "The name of the database engine to be used for the RDS instance. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql`.\nFor information on the difference between the available Aurora MySQL engines\nsee [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html)\nin the Amazon RDS User Guide.\n" }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "identifier": { "type": "string", "description": "The indentifier for the RDS instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/instanceType:InstanceType" } ], "description": "The instance class to use. For details on CPU\nand memory, see [Scaling Aurora DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Managing.html). Aurora uses `db.*` instance classes/types. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) for currently available instance classes and complete details.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS to send\nenhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights is enabled or not.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled.\nEg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoted to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible.\nDefault `false`. See the documentation on [Creating DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) for more\ndetails on controlling this property.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" } }, "requiredInputs": [ "clusterIdentifier", "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterInstance resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.rds.Cluster` in which to launch this instance.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. Default `false`.\n" }, "dbParameterGroupName": { "type": "string", "description": "The name of the DB parameter group to associate with this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` of the attached `aws.rds.Cluster`.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the DB instance.\n" }, "endpoint": { "type": "string", "description": "The DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "The name of the database engine to be used for the RDS instance. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql`.\nFor information on the difference between the available Aurora MySQL engines\nsee [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html)\nin the Amazon RDS User Guide.\n" }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "identifier": { "type": "string", "description": "The indentifier for the RDS instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/instanceType:InstanceType" } ], "description": "The instance class to use. For details on CPU\nand memory, see [Scaling Aurora DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Managing.html). Aurora uses `db.*` instance classes/types. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) for currently available instance classes and complete details.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the cluster.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS to send\nenhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights is enabled or not.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true.\n" }, "port": { "type": "integer", "description": "The database port\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled.\nEg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoted to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible.\nDefault `false`. See the documentation on [Creating DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) for more\ndetails on controlling this property.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance.\n" }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "type": "object" } }, "aws:rds/clusterParameterGroup:ClusterParameterGroup": { "description": "Provides an RDS DB cluster parameter group resource. Documentation of the available parameters for various Aurora engines can be found at:\n\n* [Aurora MySQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Reference.html)\n* [Aurora PostgreSQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraPostgreSQL.Reference.html)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultClusterParameterGroup = new aws.rds.ClusterParameterGroup(\"default\", {\n description: \"RDS default cluster parameter group\",\n family: \"aurora5.6\",\n parameters: [\n {\n name: \"character_set_server\",\n value: \"utf8\",\n },\n {\n name: \"character_set_client\",\n value: \"utf8\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.ClusterParameterGroup(\"default\",\n description=\"RDS default cluster parameter group\",\n family=\"aurora5.6\",\n parameters=[\n {\n \"name\": \"character_set_server\",\n \"value\": \"utf8\",\n },\n {\n \"name\": \"character_set_client\",\n \"value\": \"utf8\",\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.ClusterParameterGroup(\"default\", new Aws.Rds.ClusterParameterGroupArgs\n {\n Description = \"RDS default cluster parameter group\",\n Family = \"aurora5.6\",\n Parameters = \n {\n new Aws.Rds.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"character_set_server\",\n Value = \"utf8\",\n },\n new Aws.Rds.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"character_set_client\",\n Value = \"utf8\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewClusterParameterGroup(ctx, \"default\", \u0026rds.ClusterParameterGroupArgs{\n\t\t\tDescription: pulumi.String(\"RDS default cluster parameter group\"),\n\t\t\tFamily: pulumi.String(\"aurora5.6\"),\n\t\t\tParameters: rds.ClusterParameterGroupParameterArray{\n\t\t\t\t\u0026rds.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_server\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t\t\u0026rds.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_client\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the db cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-cluster-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "family", "name", "namePrefix" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-cluster-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-cluster-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:rds/clusterSnapshot:ClusterSnapshot": { "description": "Manages an RDS database cluster snapshot for Aurora clusters. For managing RDS database instance snapshots, see the `aws.rds.Snapshot` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.ClusterSnapshot(\"example\", {\n dbClusterIdentifier: aws_rds_cluster_example.id,\n dbClusterSnapshotIdentifier: \"resourcetestsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.ClusterSnapshot(\"example\",\n db_cluster_identifier=aws_rds_cluster[\"example\"][\"id\"],\n db_cluster_snapshot_identifier=\"resourcetestsnapshot1234\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Rds.ClusterSnapshot(\"example\", new Aws.Rds.ClusterSnapshotArgs\n {\n DbClusterIdentifier = aws_rds_cluster.Example.Id,\n DbClusterSnapshotIdentifier = \"resourcetestsnapshot1234\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewClusterSnapshot(ctx, \"example\", \u0026rds.ClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.String(aws_rds_cluster.Example.Id),\n\t\t\tDbClusterSnapshotIdentifier: pulumi.String(\"resourcetestsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster snapshot is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "required": [ "allocatedStorage", "availabilityZones", "dbClusterIdentifier", "dbClusterSnapshotArn", "dbClusterSnapshotIdentifier", "engine", "engineVersion", "kmsKeyId", "licenseModel", "port", "snapshotType", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "vpcId" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" } }, "requiredInputs": [ "dbClusterIdentifier", "dbClusterSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterSnapshot resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster snapshot is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "type": "object" } }, "aws:rds/eventSubscription:EventSubscription": { "description": "Provides a DB event subscription resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultInstance = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n dbSubnetGroupName: \"my_database_subnet_group\",\n engine: \"mysql\",\n engineVersion: \"5.6.17\",\n instanceClass: \"db.t2.micro\",\n name: \"mydb\",\n parameterGroupName: \"default.mysql5.6\",\n password: \"bar\",\n username: \"foo\",\n});\nconst defaultTopic = new aws.sns.Topic(\"default\", {});\nconst defaultEventSubscription = new aws.rds.EventSubscription(\"default\", {\n eventCategories: [\n \"availability\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"low storage\",\n \"maintenance\",\n \"notification\",\n \"read replica\",\n \"recovery\",\n \"restoration\",\n ],\n snsTopic: defaultTopic.arn,\n sourceIds: [defaultInstance.id],\n sourceType: \"db-instance\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_instance = aws.rds.Instance(\"defaultInstance\",\n allocated_storage=10,\n db_subnet_group_name=\"my_database_subnet_group\",\n engine=\"mysql\",\n engine_version=\"5.6.17\",\n instance_class=\"db.t2.micro\",\n name=\"mydb\",\n parameter_group_name=\"default.mysql5.6\",\n password=\"bar\",\n username=\"foo\")\ndefault_topic = aws.sns.Topic(\"defaultTopic\")\ndefault_event_subscription = aws.rds.EventSubscription(\"defaultEventSubscription\",\n event_categories=[\n \"availability\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"low storage\",\n \"maintenance\",\n \"notification\",\n \"read replica\",\n \"recovery\",\n \"restoration\",\n ],\n sns_topic=default_topic.arn,\n source_ids=[default_instance.id],\n source_type=\"db-instance\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultInstance = new Aws.Rds.Instance(\"defaultInstance\", new Aws.Rds.InstanceArgs\n {\n AllocatedStorage = 10,\n DbSubnetGroupName = \"my_database_subnet_group\",\n Engine = \"mysql\",\n EngineVersion = \"5.6.17\",\n InstanceClass = \"db.t2.micro\",\n Name = \"mydb\",\n ParameterGroupName = \"default.mysql5.6\",\n Password = \"bar\",\n Username = \"foo\",\n });\n var defaultTopic = new Aws.Sns.Topic(\"defaultTopic\", new Aws.Sns.TopicArgs\n {\n });\n var defaultEventSubscription = new Aws.Rds.EventSubscription(\"defaultEventSubscription\", new Aws.Rds.EventSubscriptionArgs\n {\n EventCategories = \n {\n \"availability\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"low storage\",\n \"maintenance\",\n \"notification\",\n \"read replica\",\n \"recovery\",\n \"restoration\",\n },\n SnsTopic = defaultTopic.Arn,\n SourceIds = \n {\n defaultInstance.Id,\n },\n SourceType = \"db-instance\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultInstance, err := rds.NewInstance(ctx, \"defaultInstance\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tDbSubnetGroupName: pulumi.String(\"my_database_subnet_group\"),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.17\"),\n\t\t\tInstanceClass: pulumi.String(\"db.t2.micro\"),\n\t\t\tName: pulumi.String(\"mydb\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.6\"),\n\t\t\tPassword: pulumi.String(\"bar\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultTopic, err := sns.NewTopic(ctx, \"defaultTopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewEventSubscription(ctx, \"defaultEventSubscription\", \u0026rds.EventSubscriptionArgs{\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"availability\"),\n\t\t\t\tpulumi.String(\"deletion\"),\n\t\t\t\tpulumi.String(\"failover\"),\n\t\t\t\tpulumi.String(\"failure\"),\n\t\t\t\tpulumi.String(\"low storage\"),\n\t\t\t\tpulumi.String(\"maintenance\"),\n\t\t\t\tpulumi.String(\"notification\"),\n\t\t\t\tpulumi.String(\"read replica\"),\n\t\t\t\tpulumi.String(\"recovery\"),\n\t\t\t\tpulumi.String(\"restoration\"),\n\t\t\t},\n\t\t\tSnsTopic: defaultTopic.Arn,\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\tdefaultInstance.ID(),\n\t\t\t},\n\t\t\tSourceType: pulumi.String(\"db-instance\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Attributes\n\nThe following additional atttributes are provided:\n\n* `id` - The name of the RDS event notification subscription\n* `arn` - The Amazon Resource Name of the RDS event notification subscription\n* `customer_aws_id` - The AWS customer account associated with the RDS event notification subscription\n", "properties": { "arn": { "type": "string" }, "customerAwsId": { "type": "string" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html or run `aws rds describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DB event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the DB event subscription. Conflicts with `name`.\n" }, "snsTopic": { "type": "string", "description": "The SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "customerAwsId", "name", "snsTopic" ], "inputProperties": { "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html or run `aws rds describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DB event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the DB event subscription. Conflicts with `name`.\n" }, "snsTopic": { "type": "string", "description": "The SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "snsTopic" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string" }, "customerAwsId": { "type": "string" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html or run `aws rds describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DB event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the DB event subscription. Conflicts with `name`.\n" }, "snsTopic": { "type": "string", "description": "The SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:rds/globalCluster:GlobalCluster": { "description": "Manages an RDS Global Cluster, which is an Aurora global database spread across multiple regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.\n\nMore information about Aurora global databases can be found in the [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database-creating).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.Provider(\"primary\", {\n region: \"us-east-2\",\n});\nconst secondary = new aws.Provider(\"secondary\", {\n region: \"us-west-2\",\n});\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n}, { provider: primary });\nconst primaryCluster = new aws.rds.Cluster(\"primary\", {\n // ... other configuration ...\n engineMode: \"global\",\n globalClusterIdentifier: example.id,\n}, { provider: primary });\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n // ... other configuration ...\n clusterIdentifier: primaryCluster.id,\n}, { provider: primary });\nconst secondaryCluster = new aws.rds.Cluster(\"secondary\", {\n // ... other configuration ...\n engineMode: \"global\",\n globalClusterIdentifier: example.id,\n}, { provider: secondary, dependsOn: [primaryClusterInstance] });\nconst secondaryClusterInstance = new aws.rds.ClusterInstance(\"secondary\", {\n // ... other configuration ...\n clusterIdentifier: secondaryCluster.id,\n}, { provider: secondary });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\nprimary = pulumi.providers.Aws(\"primary\", region=\"us-east-2\")\nsecondary = pulumi.providers.Aws(\"secondary\", region=\"us-west-2\")\nexample = aws.rds.GlobalCluster(\"example\", global_cluster_identifier=\"example\")\nprimary_cluster = aws.rds.Cluster(\"primaryCluster\",\n engine_mode=\"global\",\n global_cluster_identifier=example.id)\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primaryClusterInstance\", cluster_identifier=primary_cluster.id)\nsecondary_cluster = aws.rds.Cluster(\"secondaryCluster\",\n engine_mode=\"global\",\n global_cluster_identifier=example.id)\nsecondary_cluster_instance = aws.rds.ClusterInstance(\"secondaryClusterInstance\", cluster_identifier=secondary_cluster.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var primary = new Aws.Provider(\"primary\", new Aws.ProviderArgs\n {\n Region = \"us-east-2\",\n });\n var secondary = new Aws.Provider(\"secondary\", new Aws.ProviderArgs\n {\n Region = \"us-west-2\",\n });\n var example = new Aws.Rds.GlobalCluster(\"example\", new Aws.Rds.GlobalClusterArgs\n {\n GlobalClusterIdentifier = \"example\",\n });\n var primaryCluster = new Aws.Rds.Cluster(\"primaryCluster\", new Aws.Rds.ClusterArgs\n {\n EngineMode = \"global\",\n GlobalClusterIdentifier = example.Id,\n });\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primaryClusterInstance\", new Aws.Rds.ClusterInstanceArgs\n {\n ClusterIdentifier = primaryCluster.Id,\n });\n var secondaryCluster = new Aws.Rds.Cluster(\"secondaryCluster\", new Aws.Rds.ClusterArgs\n {\n EngineMode = \"global\",\n GlobalClusterIdentifier = example.Id,\n });\n var secondaryClusterInstance = new Aws.Rds.ClusterInstance(\"secondaryClusterInstance\", new Aws.Rds.ClusterInstanceArgs\n {\n ClusterIdentifier = secondaryCluster.Id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "RDS Global Cluster Amazon Resource Name (ARN)\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n" }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. Valid values: `aurora`, `aurora-mysql`, `aurora-postgresql`. Defaults to `aurora`.\n" }, "engineVersion": { "type": "string", "description": "Engine version of the Aurora global database.\n* **NOTE:** When the engine is set to `aurora-mysql`, an engine version compatible with global database is required. The earliest available version is `5.7.mysql_aurora.2.06.0`.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n" } }, "required": [ "arn", "engineVersion", "globalClusterIdentifier", "globalClusterResourceId" ], "inputProperties": { "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n" }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. Valid values: `aurora`, `aurora-mysql`, `aurora-postgresql`. Defaults to `aurora`.\n" }, "engineVersion": { "type": "string", "description": "Engine version of the Aurora global database.\n* **NOTE:** When the engine is set to `aurora-mysql`, an engine version compatible with global database is required. The earliest available version is `5.7.mysql_aurora.2.06.0`.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n" } }, "requiredInputs": [ "globalClusterIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalCluster resources.\n", "properties": { "arn": { "type": "string", "description": "RDS Global Cluster Amazon Resource Name (ARN)\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n" }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. Valid values: `aurora`, `aurora-mysql`, `aurora-postgresql`. Defaults to `aurora`.\n" }, "engineVersion": { "type": "string", "description": "Engine version of the Aurora global database.\n* **NOTE:** When the engine is set to `aurora-mysql`, an engine version compatible with global database is required. The earliest available version is `5.7.mysql_aurora.2.06.0`.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n" } }, "type": "object" } }, "aws:rds/instance:Instance": { "description": "Provides an RDS instance resource. A DB instance is an isolated database\nenvironment in the cloud. A DB instance can contain multiple user-created\ndatabases.\n\nChanges to a DB instance can occur when you manually change a parameter, such as\n`allocated_storage`, and are reflected in the next maintenance window. Because\nof this, this provider may report a difference in its planning phase because a\nmodification has not yet taken place. You can use the `apply_immediately` flag\nto instruct the service to apply the change immediately (see documentation\nbelow).\n\nWhen upgrading the major version of an engine, `allow_major_version_upgrade`\nmust be set to `true`.\n\n\u003e **Note:** using `apply_immediately` can result in a brief downtime as the\nserver reboots. See the AWS Docs on [RDS Maintenance][2] for more information.\n\n\u003e **Note:** All arguments including the username and password will be stored in\nthe raw state as plain-text.\n\n## RDS Instance Class Types\n\nAmazon RDS supports three types of instance classes: Standard, Memory Optimized,\nand Burstable Performance. For more information please read the AWS RDS documentation\nabout [DB Instance Class Types](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultInstance = new aws.rds.Instance(\"default\", {\n allocatedStorage: 20,\n engine: \"mysql\",\n engineVersion: \"5.7\",\n instanceClass: \"db.t2.micro\",\n name: \"mydb\",\n parameterGroupName: \"default.mysql5.7\",\n password: \"foobarbaz\",\n storageType: \"gp2\",\n username: \"foo\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=20,\n engine=\"mysql\",\n engine_version=\"5.7\",\n instance_class=\"db.t2.micro\",\n name=\"mydb\",\n parameter_group_name=\"default.mysql5.7\",\n password=\"foobarbaz\",\n storage_type=\"gp2\",\n username=\"foo\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.Instance(\"default\", new Aws.Rds.InstanceArgs\n {\n AllocatedStorage = 20,\n Engine = \"mysql\",\n EngineVersion = \"5.7\",\n InstanceClass = \"db.t2.micro\",\n Name = \"mydb\",\n ParameterGroupName = \"default.mysql5.7\",\n Password = \"foobarbaz\",\n StorageType = \"gp2\",\n Username = \"foo\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7\"),\n\t\t\tInstanceClass: pulumi.String(\"db.t2.micro\"),\n\t\t\tName: pulumi.String(\"mydb\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.7\"),\n\t\t\tPassword: pulumi.String(\"foobarbaz\"),\n\t\t\tStorageType: pulumi.String(\"gp2\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Storage Autoscaling\n\nTo enable Storage Autoscaling with instances that support the feature, define the `max_allocated_storage` argument higher than the `allocated_storage` argument. This provider will automatically hide differences with the `allocated_storage` argument value if autoscaling occurs.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Instance(\"example\", {\n allocatedStorage: 50,\n maxAllocatedStorage: 100,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Instance(\"example\",\n allocated_storage=50,\n max_allocated_storage=100)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Rds.Instance(\"example\", new Aws.Rds.InstanceArgs\n {\n AllocatedStorage = 50,\n MaxAllocatedStorage = 100,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(50),\n\t\t\tMaxAllocatedStorage: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "address": { "type": "string", "description": "The hostname of the RDS instance. See also `endpoint` and `port`.\n" }, "allocatedStorage": { "type": "integer", "description": "The allocated storage in gibibytes. If `max_allocated_storage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version\nupgrades are allowed. Changing this parameter does not result in an outage and\nthe change is asynchronously applied as soon as possible.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon RDS Documentation for more\ninformation.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "The ARN of the RDS instance.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades\nwill be applied automatically to the DB instance during the maintenance window.\nDefaults to true.\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the RDS instance.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Must be\nbetween `0` and `35`. Must be greater than `0` if the database is used as a source for a Read Replica. [See Read Replica][1].\n" }, "backupWindow": { "type": "string", "description": "The daily time range (in UTC) during which\nautomated backups are created if they are enabled. Example: \"09:46-10:16\". Must\nnot overlap with `maintenance_window`.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "characterSetName": { "type": "string", "description": "The character set name to use for DB\nencoding in Oracle and Microsoft SQL instances (collation). This can't be changed. See [Oracle Character Sets\nSupported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html)\nor [Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Instance `tags` to snapshots. Default is `false`.\n" }, "dbSubnetGroupName": { "type": "string", "description": "Name of `DB subnet group`. DB instance will\nbe created in the VPC associated with the DB subnet group. If unspecified, will\nbe created in the `default` VPC, or in EC2 Classic, if available. When working\nwith read replicas, it should be specified only if the source database\nspecifies an instance in another AWS Region. See [DBSubnetGroupName in API\naction CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html)\nfor additional read replica contraints.\n" }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the instance in.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on `engine`). MySQL and MariaDB: `audit`, `error`, `general`, `slowquery`. PostgreSQL: `postgresql`, `upgrade`. MSSQL: `agent` , `error`. Oracle: `alert`, `audit`, `listener`, `trace`.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\nNote that for Amazon Aurora instances the engine must match the `DB cluster`'s engine'.\nFor information on the difference between the available Aurora MySQL engines\nsee [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html)\nin the Amazon RDS User Guide.\n" }, "engineVersion": { "type": "string", "description": "The engine version to use. If `auto_minor_version_upgrade`\nis enabled, you can provide a prefix of the version such as `5.7` (for `5.7.10`) and\nthis attribute will ignore differences in the patch version automatically (e.g. `5.7.17`).\nFor supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\nNote that for Amazon Aurora instances the engine version must match the `DB cluster`'s engine version'.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB instance is deleted. Must be provided if `skip_final_snapshot` is\nset to `false`.\n" }, "hostedZoneId": { "type": "string", "description": "The canonical hosted zone ID of the DB instance (to be used\nin a Route 53 Alias record).\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or\nmappings of AWS Identity and Access Management (IAM) accounts to database\naccounts is enabled.\n" }, "identifier": { "type": "string", "description": "The name of the RDS instance,\nif omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance type of the RDS instance.\n" }, "iops": { "type": "integer", "description": "The amount of provisioned IOPS. Setting this implies a\nstorage_type of \"io1\".\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. If creating an\nencrypted replica, set this to the destination KMS ARN.\n" }, "licenseModel": { "type": "string", "description": "(Optional, but required for some DB engines, i.e. Oracle\nSE1) License model information for this DB instance.\n" }, "maintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\". See [RDS\nMaintenance Window\ndocs](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)\nfor more information.\n" }, "maxAllocatedStorage": { "type": "integer", "description": "When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to `allocated_storage`. Must be greater than or equal to `allocated_storage` or `0` to disable Storage Autoscaling.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points\nwhen Enhanced Monitoring metrics are collected for the DB instance. To disable\ncollecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid\nValues: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS\nto send enhanced monitoring metrics to CloudWatch Logs. You can find more\ninformation on the [AWS\nDocumentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the RDS instance is multi-AZ\n" }, "name": { "type": "string", "description": "The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](http://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines.\n" }, "optionGroupName": { "type": "string", "description": "Name of the DB option group to associate.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the DB parameter group to\nassociate.\n" }, "password": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Password for the master DB user. Note that this may show up in\nlogs, and it will be stored in the state file.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights are enabled. Defaults to false.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true. Once KMS key is set, it can never be changed.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly\naccessible. Default is `false`.\n" }, "replicas": { "type": "array", "items": { "type": "string" } }, "replicateSourceDb": { "type": "string", "description": "Specifies that this resource is a Replicate\ndatabase, and to use this value as the source database. This correlates to the\n`identifier` of another Amazon RDS Database to replicate (if replicating within\na single region) or ARN of the Amazon RDS Database to replicate (if replicating\ncross-region). Note that if you are\ncreating a cross-region replica of an encrypted database you will also need to\nspecify a `kms_key_id`. See [DB Instance Replication][1] and [Working with\nPostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html)\nfor more information on using Replication.\n" }, "resourceId": { "type": "string", "description": "The RDS Resource ID of this instance.\n" }, "s3Import": { "$ref": "#/types/aws:rds/InstanceS3Import:InstanceS3Import", "description": "Restore from a Percona Xtrabackup in S3. See [Importing Data into an Amazon RDS MySQL DB Instance](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html)\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of DB Security Groups to\nassociate. Only used for [DB Instances on the _EC2-Classic_\nPlatform](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html#USER_VPC.FindDefaultVPC).\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is\ncreated before the DB instance is deleted. If true is specified, no DBSnapshot\nis created. If false is specified, a DB snapshot is created before the DB\ninstance is deleted, using the value from `final_snapshot_identifier`. Default\nis `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this\ndatabase from a snapshot. This correlates to the snapshot ID you'd find in the\nRDS console, e.g: rds:production-2015-06-26-06-05.\n" }, "status": { "type": "string", "description": "The RDS instance status.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB instance is\nencrypted. Note that if you are creating a cross-region read replica this field\nis ignored and you should instead declare `kms_key_id` with a valid ARN. The\ndefault is `false` if not specified.\n" }, "storageType": { "type": "string", "description": "One of \"standard\" (magnetic), \"gp2\" (general\npurpose SSD), or \"io1\" (provisioned IOPS SSD). The default is \"io1\" if `iops` is\nspecified, \"gp2\" if not.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "timezone": { "type": "string", "description": "Time zone of the DB instance. `timezone` is currently\nonly supported by Microsoft SQL Server. The `timezone` can only be set on\ncreation. See [MSSQL User\nGuide](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)\nfor more information.\n" }, "username": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Username for the master DB user.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to\nassociate.\n" } }, "required": [ "address", "allocatedStorage", "applyImmediately", "arn", "availabilityZone", "backupRetentionPeriod", "backupWindow", "caCertIdentifier", "characterSetName", "dbSubnetGroupName", "endpoint", "engine", "engineVersion", "hostedZoneId", "identifier", "identifierPrefix", "instanceClass", "kmsKeyId", "licenseModel", "maintenanceWindow", "monitoringRoleArn", "multiAz", "name", "optionGroupName", "parameterGroupName", "performanceInsightsKmsKeyId", "performanceInsightsRetentionPeriod", "port", "replicas", "resourceId", "status", "storageType", "timezone", "username", "vpcSecurityGroupIds" ], "inputProperties": { "allocatedStorage": { "type": "integer", "description": "The allocated storage in gibibytes. If `max_allocated_storage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version\nupgrades are allowed. Changing this parameter does not result in an outage and\nthe change is asynchronously applied as soon as possible.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon RDS Documentation for more\ninformation.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades\nwill be applied automatically to the DB instance during the maintenance window.\nDefaults to true.\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the RDS instance.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Must be\nbetween `0` and `35`. Must be greater than `0` if the database is used as a source for a Read Replica. [See Read Replica][1].\n" }, "backupWindow": { "type": "string", "description": "The daily time range (in UTC) during which\nautomated backups are created if they are enabled. Example: \"09:46-10:16\". Must\nnot overlap with `maintenance_window`.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "characterSetName": { "type": "string", "description": "The character set name to use for DB\nencoding in Oracle and Microsoft SQL instances (collation). This can't be changed. See [Oracle Character Sets\nSupported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html)\nor [Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Instance `tags` to snapshots. Default is `false`.\n" }, "dbSubnetGroupName": { "type": "string", "description": "Name of `DB subnet group`. DB instance will\nbe created in the VPC associated with the DB subnet group. If unspecified, will\nbe created in the `default` VPC, or in EC2 Classic, if available. When working\nwith read replicas, it should be specified only if the source database\nspecifies an instance in another AWS Region. See [DBSubnetGroupName in API\naction CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html)\nfor additional read replica contraints.\n" }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the instance in.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on `engine`). MySQL and MariaDB: `audit`, `error`, `general`, `slowquery`. PostgreSQL: `postgresql`, `upgrade`. MSSQL: `agent` , `error`. Oracle: `alert`, `audit`, `listener`, `trace`.\n" }, "engine": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\nNote that for Amazon Aurora instances the engine must match the `DB cluster`'s engine'.\nFor information on the difference between the available Aurora MySQL engines\nsee [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html)\nin the Amazon RDS User Guide.\n" }, "engineVersion": { "type": "string", "description": "The engine version to use. If `auto_minor_version_upgrade`\nis enabled, you can provide a prefix of the version such as `5.7` (for `5.7.10`) and\nthis attribute will ignore differences in the patch version automatically (e.g. `5.7.17`).\nFor supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\nNote that for Amazon Aurora instances the engine version must match the `DB cluster`'s engine version'.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB instance is deleted. Must be provided if `skip_final_snapshot` is\nset to `false`.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or\nmappings of AWS Identity and Access Management (IAM) accounts to database\naccounts is enabled.\n" }, "identifier": { "type": "string", "description": "The name of the RDS instance,\nif omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/instanceType:InstanceType" } ], "description": "The instance type of the RDS instance.\n" }, "iops": { "type": "integer", "description": "The amount of provisioned IOPS. Setting this implies a\nstorage_type of \"io1\".\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. If creating an\nencrypted replica, set this to the destination KMS ARN.\n" }, "licenseModel": { "type": "string", "description": "(Optional, but required for some DB engines, i.e. Oracle\nSE1) License model information for this DB instance.\n" }, "maintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\". See [RDS\nMaintenance Window\ndocs](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)\nfor more information.\n" }, "maxAllocatedStorage": { "type": "integer", "description": "When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to `allocated_storage`. Must be greater than or equal to `allocated_storage` or `0` to disable Storage Autoscaling.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points\nwhen Enhanced Monitoring metrics are collected for the DB instance. To disable\ncollecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid\nValues: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS\nto send enhanced monitoring metrics to CloudWatch Logs. You can find more\ninformation on the [AWS\nDocumentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the RDS instance is multi-AZ\n" }, "name": { "type": "string", "description": "The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](http://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines.\n" }, "optionGroupName": { "type": "string", "description": "Name of the DB option group to associate.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the DB parameter group to\nassociate.\n" }, "password": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Password for the master DB user. Note that this may show up in\nlogs, and it will be stored in the state file.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights are enabled. Defaults to false.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true. Once KMS key is set, it can never be changed.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly\naccessible. Default is `false`.\n" }, "replicateSourceDb": { "type": "string", "description": "Specifies that this resource is a Replicate\ndatabase, and to use this value as the source database. This correlates to the\n`identifier` of another Amazon RDS Database to replicate (if replicating within\na single region) or ARN of the Amazon RDS Database to replicate (if replicating\ncross-region). Note that if you are\ncreating a cross-region replica of an encrypted database you will also need to\nspecify a `kms_key_id`. See [DB Instance Replication][1] and [Working with\nPostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html)\nfor more information on using Replication.\n" }, "s3Import": { "$ref": "#/types/aws:rds/InstanceS3Import:InstanceS3Import", "description": "Restore from a Percona Xtrabackup in S3. See [Importing Data into an Amazon RDS MySQL DB Instance](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html)\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of DB Security Groups to\nassociate. Only used for [DB Instances on the _EC2-Classic_\nPlatform](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html#USER_VPC.FindDefaultVPC).\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is\ncreated before the DB instance is deleted. If true is specified, no DBSnapshot\nis created. If false is specified, a DB snapshot is created before the DB\ninstance is deleted, using the value from `final_snapshot_identifier`. Default\nis `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this\ndatabase from a snapshot. This correlates to the snapshot ID you'd find in the\nRDS console, e.g: rds:production-2015-06-26-06-05.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB instance is\nencrypted. Note that if you are creating a cross-region read replica this field\nis ignored and you should instead declare `kms_key_id` with a valid ARN. The\ndefault is `false` if not specified.\n" }, "storageType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/storageType:StorageType" } ], "description": "One of \"standard\" (magnetic), \"gp2\" (general\npurpose SSD), or \"io1\" (provisioned IOPS SSD). The default is \"io1\" if `iops` is\nspecified, \"gp2\" if not.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "timezone": { "type": "string", "description": "Time zone of the DB instance. `timezone` is currently\nonly supported by Microsoft SQL Server. The `timezone` can only be set on\ncreation. See [MSSQL User\nGuide](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)\nfor more information.\n" }, "username": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Username for the master DB user.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to\nassociate.\n" } }, "requiredInputs": [ "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "address": { "type": "string", "description": "The hostname of the RDS instance. See also `endpoint` and `port`.\n" }, "allocatedStorage": { "type": "integer", "description": "The allocated storage in gibibytes. If `max_allocated_storage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version\nupgrades are allowed. Changing this parameter does not result in an outage and\nthe change is asynchronously applied as soon as possible.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon RDS Documentation for more\ninformation.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "The ARN of the RDS instance.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades\nwill be applied automatically to the DB instance during the maintenance window.\nDefaults to true.\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the RDS instance.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Must be\nbetween `0` and `35`. Must be greater than `0` if the database is used as a source for a Read Replica. [See Read Replica][1].\n" }, "backupWindow": { "type": "string", "description": "The daily time range (in UTC) during which\nautomated backups are created if they are enabled. Example: \"09:46-10:16\". Must\nnot overlap with `maintenance_window`.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "characterSetName": { "type": "string", "description": "The character set name to use for DB\nencoding in Oracle and Microsoft SQL instances (collation). This can't be changed. See [Oracle Character Sets\nSupported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html)\nor [Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Instance `tags` to snapshots. Default is `false`.\n" }, "dbSubnetGroupName": { "type": "string", "description": "Name of `DB subnet group`. DB instance will\nbe created in the VPC associated with the DB subnet group. If unspecified, will\nbe created in the `default` VPC, or in EC2 Classic, if available. When working\nwith read replicas, it should be specified only if the source database\nspecifies an instance in another AWS Region. See [DBSubnetGroupName in API\naction CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html)\nfor additional read replica contraints.\n" }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the instance in.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on `engine`). MySQL and MariaDB: `audit`, `error`, `general`, `slowquery`. PostgreSQL: `postgresql`, `upgrade`. MSSQL: `agent` , `error`. Oracle: `alert`, `audit`, `listener`, `trace`.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\nNote that for Amazon Aurora instances the engine must match the `DB cluster`'s engine'.\nFor information on the difference between the available Aurora MySQL engines\nsee [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html)\nin the Amazon RDS User Guide.\n" }, "engineVersion": { "type": "string", "description": "The engine version to use. If `auto_minor_version_upgrade`\nis enabled, you can provide a prefix of the version such as `5.7` (for `5.7.10`) and\nthis attribute will ignore differences in the patch version automatically (e.g. `5.7.17`).\nFor supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\nNote that for Amazon Aurora instances the engine version must match the `DB cluster`'s engine version'.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB instance is deleted. Must be provided if `skip_final_snapshot` is\nset to `false`.\n" }, "hostedZoneId": { "type": "string", "description": "The canonical hosted zone ID of the DB instance (to be used\nin a Route 53 Alias record).\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or\nmappings of AWS Identity and Access Management (IAM) accounts to database\naccounts is enabled.\n" }, "identifier": { "type": "string", "description": "The name of the RDS instance,\nif omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/instanceType:InstanceType" } ], "description": "The instance type of the RDS instance.\n" }, "iops": { "type": "integer", "description": "The amount of provisioned IOPS. Setting this implies a\nstorage_type of \"io1\".\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. If creating an\nencrypted replica, set this to the destination KMS ARN.\n" }, "licenseModel": { "type": "string", "description": "(Optional, but required for some DB engines, i.e. Oracle\nSE1) License model information for this DB instance.\n" }, "maintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\". See [RDS\nMaintenance Window\ndocs](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)\nfor more information.\n" }, "maxAllocatedStorage": { "type": "integer", "description": "When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to `allocated_storage`. Must be greater than or equal to `allocated_storage` or `0` to disable Storage Autoscaling.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points\nwhen Enhanced Monitoring metrics are collected for the DB instance. To disable\ncollecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid\nValues: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS\nto send enhanced monitoring metrics to CloudWatch Logs. You can find more\ninformation on the [AWS\nDocumentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the RDS instance is multi-AZ\n" }, "name": { "type": "string", "description": "The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](http://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines.\n" }, "optionGroupName": { "type": "string", "description": "Name of the DB option group to associate.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the DB parameter group to\nassociate.\n" }, "password": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Password for the master DB user. Note that this may show up in\nlogs, and it will be stored in the state file.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights are enabled. Defaults to false.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true. Once KMS key is set, it can never be changed.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly\naccessible. Default is `false`.\n" }, "replicas": { "type": "array", "items": { "type": "string" } }, "replicateSourceDb": { "type": "string", "description": "Specifies that this resource is a Replicate\ndatabase, and to use this value as the source database. This correlates to the\n`identifier` of another Amazon RDS Database to replicate (if replicating within\na single region) or ARN of the Amazon RDS Database to replicate (if replicating\ncross-region). Note that if you are\ncreating a cross-region replica of an encrypted database you will also need to\nspecify a `kms_key_id`. See [DB Instance Replication][1] and [Working with\nPostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html)\nfor more information on using Replication.\n" }, "resourceId": { "type": "string", "description": "The RDS Resource ID of this instance.\n" }, "s3Import": { "$ref": "#/types/aws:rds/InstanceS3Import:InstanceS3Import", "description": "Restore from a Percona Xtrabackup in S3. See [Importing Data into an Amazon RDS MySQL DB Instance](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html)\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of DB Security Groups to\nassociate. Only used for [DB Instances on the _EC2-Classic_\nPlatform](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html#USER_VPC.FindDefaultVPC).\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is\ncreated before the DB instance is deleted. If true is specified, no DBSnapshot\nis created. If false is specified, a DB snapshot is created before the DB\ninstance is deleted, using the value from `final_snapshot_identifier`. Default\nis `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this\ndatabase from a snapshot. This correlates to the snapshot ID you'd find in the\nRDS console, e.g: rds:production-2015-06-26-06-05.\n" }, "status": { "type": "string", "description": "The RDS instance status.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB instance is\nencrypted. Note that if you are creating a cross-region read replica this field\nis ignored and you should instead declare `kms_key_id` with a valid ARN. The\ndefault is `false` if not specified.\n" }, "storageType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/storageType:StorageType" } ], "description": "One of \"standard\" (magnetic), \"gp2\" (general\npurpose SSD), or \"io1\" (provisioned IOPS SSD). The default is \"io1\" if `iops` is\nspecified, \"gp2\" if not.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "timezone": { "type": "string", "description": "Time zone of the DB instance. `timezone` is currently\nonly supported by Microsoft SQL Server. The `timezone` can only be set on\ncreation. See [MSSQL User\nGuide](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)\nfor more information.\n" }, "username": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Username for the master DB user.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to\nassociate.\n" } }, "type": "object" } }, "aws:rds/optionGroup:OptionGroup": { "description": "Provides an RDS DB option group resource. Documentation of the available options for various RDS engines can be found at:\n\n* [MariaDB Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MariaDB.Options.html)\n* [Microsoft SQL Server Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.Options.html)\n* [MySQL Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MySQL.Options.html)\n* [Oracle Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.html)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.OptionGroup(\"example\", {\n engineName: \"sqlserver-ee\",\n majorEngineVersion: \"11.00\",\n options: [\n {\n optionName: \"Timezone\",\n optionSettings: [{\n name: \"TIME_ZONE\",\n value: \"UTC\",\n }],\n },\n {\n optionName: \"SQLSERVER_BACKUP_RESTORE\",\n optionSettings: [{\n name: \"IAM_ROLE_ARN\",\n value: aws_iam_role_example.arn,\n }],\n },\n {\n optionName: \"TDE\",\n },\n ],\n optionGroupDescription: \"Option Group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.OptionGroup(\"example\",\n engine_name=\"sqlserver-ee\",\n major_engine_version=\"11.00\",\n options=[\n {\n \"optionName\": \"Timezone\",\n \"optionSettings\": [{\n \"name\": \"TIME_ZONE\",\n \"value\": \"UTC\",\n }],\n },\n {\n \"optionName\": \"SQLSERVER_BACKUP_RESTORE\",\n \"optionSettings\": [{\n \"name\": \"IAM_ROLE_ARN\",\n \"value\": aws_iam_role[\"example\"][\"arn\"],\n }],\n },\n {\n \"optionName\": \"TDE\",\n },\n ],\n option_group_description=\"Option Group\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Rds.OptionGroup(\"example\", new Aws.Rds.OptionGroupArgs\n {\n EngineName = \"sqlserver-ee\",\n MajorEngineVersion = \"11.00\",\n Options = \n {\n new Aws.Rds.Inputs.OptionGroupOptionArgs\n {\n OptionName = \"Timezone\",\n OptionSettings = \n {\n new Aws.Rds.Inputs.OptionGroupOptionOptionSettingArgs\n {\n Name = \"TIME_ZONE\",\n Value = \"UTC\",\n },\n },\n },\n new Aws.Rds.Inputs.OptionGroupOptionArgs\n {\n OptionName = \"SQLSERVER_BACKUP_RESTORE\",\n OptionSettings = \n {\n new Aws.Rds.Inputs.OptionGroupOptionOptionSettingArgs\n {\n Name = \"IAM_ROLE_ARN\",\n Value = aws_iam_role.Example.Arn,\n },\n },\n },\n new Aws.Rds.Inputs.OptionGroupOptionArgs\n {\n OptionName = \"TDE\",\n },\n },\n OptionGroupDescription = \"Option Group\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewOptionGroup(ctx, \"example\", \u0026rds.OptionGroupArgs{\n\t\t\tEngineName: pulumi.String(\"sqlserver-ee\"),\n\t\t\tMajorEngineVersion: pulumi.String(\"11.00\"),\n\t\t\tOptions: rds.OptionGroupOptionArray{\n\t\t\t\t\u0026rds.OptionGroupOptionArgs{\n\t\t\t\t\tOptionName: pulumi.String(\"Timezone\"),\n\t\t\t\t\tOptionSettings: rds.OptionGroupOptionOptionSettingArray{\n\t\t\t\t\t\t\u0026rds.OptionGroupOptionOptionSettingArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"TIME_ZONE\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"UTC\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026rds.OptionGroupOptionArgs{\n\t\t\t\t\tOptionName: pulumi.String(\"SQLSERVER_BACKUP_RESTORE\"),\n\t\t\t\t\tOptionSettings: rds.OptionGroupOptionOptionSettingArray{\n\t\t\t\t\t\t\u0026rds.OptionGroupOptionOptionSettingArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"IAM_ROLE_ARN\"),\n\t\t\t\t\t\t\tValue: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026rds.OptionGroupOptionArgs{\n\t\t\t\t\tOptionName: pulumi.String(\"TDE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOptionGroupDescription: pulumi.String(\"Option Group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n\u003e **Note**: Any modifications to the `db_option_group` are set to happen immediately as we default to applying immediately.\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the db option group.\n" }, "engineName": { "type": "string", "description": "Specifies the name of the engine that this option group should be associated with.\n" }, "majorEngineVersion": { "type": "string", "description": "Specifies the major version of the engine that this option group should be associated with.\n" }, "name": { "type": "string", "description": "The Name of the setting.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Must be lowercase, to match as it is stored in AWS.\n" }, "optionGroupDescription": { "type": "string", "description": "The description of the option group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "options": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOption:OptionGroupOption" }, "description": "A list of Options to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "engineName", "majorEngineVersion", "name", "namePrefix", "optionGroupDescription" ], "inputProperties": { "engineName": { "type": "string", "description": "Specifies the name of the engine that this option group should be associated with.\n" }, "majorEngineVersion": { "type": "string", "description": "Specifies the major version of the engine that this option group should be associated with.\n" }, "name": { "type": "string", "description": "The Name of the setting.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Must be lowercase, to match as it is stored in AWS.\n" }, "optionGroupDescription": { "type": "string", "description": "The description of the option group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "options": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOption:OptionGroupOption" }, "description": "A list of Options to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "engineName", "majorEngineVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering OptionGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db option group.\n" }, "engineName": { "type": "string", "description": "Specifies the name of the engine that this option group should be associated with.\n" }, "majorEngineVersion": { "type": "string", "description": "Specifies the major version of the engine that this option group should be associated with.\n" }, "name": { "type": "string", "description": "The Name of the setting.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Must be lowercase, to match as it is stored in AWS.\n" }, "optionGroupDescription": { "type": "string", "description": "The description of the option group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "options": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOption:OptionGroupOption" }, "description": "A list of Options to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:rds/parameterGroup:ParameterGroup": { "description": "Provides an RDS DB parameter group resource .Documentation of the available parameters for various RDS engines can be found at:\n\n* [Aurora MySQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Reference.html)\n* [Aurora PostgreSQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraPostgreSQL.Reference.html)\n* [MariaDB Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MariaDB.Parameters.html)\n* [Oracle Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ModifyInstance.Oracle.html#USER_ModifyInstance.Oracle.sqlnet)\n* [PostgreSQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.html#Appendix.PostgreSQL.CommonDBATasks.Parameters)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultParameterGroup = new aws.rds.ParameterGroup(\"default\", {\n family: \"mysql5.6\",\n parameters: [\n {\n name: \"character_set_server\",\n value: \"utf8\",\n },\n {\n name: \"character_set_client\",\n value: \"utf8\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.ParameterGroup(\"default\",\n family=\"mysql5.6\",\n parameters=[\n {\n \"name\": \"character_set_server\",\n \"value\": \"utf8\",\n },\n {\n \"name\": \"character_set_client\",\n \"value\": \"utf8\",\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.ParameterGroup(\"default\", new Aws.Rds.ParameterGroupArgs\n {\n Family = \"mysql5.6\",\n Parameters = \n {\n new Aws.Rds.Inputs.ParameterGroupParameterArgs\n {\n Name = \"character_set_server\",\n Value = \"utf8\",\n },\n new Aws.Rds.Inputs.ParameterGroupParameterArgs\n {\n Name = \"character_set_client\",\n Value = \"utf8\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewParameterGroup(ctx, \"default\", \u0026rds.ParameterGroupArgs{\n\t\t\tFamily: pulumi.String(\"mysql5.6\"),\n\t\t\tParameters: rds.ParameterGroupParameterArray{\n\t\t\t\t\u0026rds.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_server\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t\t\u0026rds.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_client\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the db parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "family", "name", "namePrefix" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DB parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:rds/roleAssociation:RoleAssociation": { "description": "Manages an RDS DB Instance association with an IAM Role. Example use cases:\n\n* [Amazon RDS Oracle integration with Amazon S3](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html)\n* [Importing Amazon S3 Data into an RDS PostgreSQL DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PostgreSQL.S3Import.html)\n\n\u003e To manage the RDS DB Instance IAM Role for [Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html), see the `aws.rds.Instance` resource `monitoring_role_arn` argument instead.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.RoleAssociation(\"example\", {\n dbInstanceIdentifier: aws_db_instance_example.id,\n featureName: \"S3_INTEGRATION\",\n roleArn: aws_iam_role_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.RoleAssociation(\"example\",\n db_instance_identifier=aws_db_instance[\"example\"][\"id\"],\n feature_name=\"S3_INTEGRATION\",\n role_arn=aws_iam_role[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Rds.RoleAssociation(\"example\", new Aws.Rds.RoleAssociationArgs\n {\n DbInstanceIdentifier = aws_db_instance.Example.Id,\n FeatureName = \"S3_INTEGRATION\",\n RoleArn = aws_iam_role.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewRoleAssociation(ctx, \"example\", \u0026rds.RoleAssociationArgs{\n\t\t\tDbInstanceIdentifier: pulumi.String(aws_db_instance.Example.Id),\n\t\t\tFeatureName: pulumi.String(\"S3_INTEGRATION\"),\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "DB Instance Identifier to associate with the IAM Role.\n" }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Instance.\n" } }, "required": [ "dbInstanceIdentifier", "featureName", "roleArn" ], "inputProperties": { "dbInstanceIdentifier": { "type": "string", "description": "DB Instance Identifier to associate with the IAM Role.\n" }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Instance.\n" } }, "requiredInputs": [ "dbInstanceIdentifier", "featureName", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoleAssociation resources.\n", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "DB Instance Identifier to associate with the IAM Role.\n" }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Instance.\n" } }, "type": "object" } }, "aws:rds/securityGroup:SecurityGroup": { "description": "Provides an RDS security group resource. This is only for DB instances in the\nEC2-Classic Platform. For instances inside a VPC, use the\n`aws_db_instance.vpc_security_group_ids`\nattribute instead.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultSecurityGroup = new aws.rds.SecurityGroup(\"default\", {\n ingress: [{\n cidr: \"10.0.0.0/24\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.SecurityGroup(\"default\", ingress=[{\n \"cidr\": \"10.0.0.0/24\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.SecurityGroup(\"default\", new Aws.Rds.SecurityGroupArgs\n {\n Ingress = \n {\n new Aws.Rds.Inputs.SecurityGroupIngressArgs\n {\n Cidr = \"10.0.0.0/24\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewSecurityGroup(ctx, \"default\", \u0026rds.SecurityGroupArgs{\n\t\t\tIngress: rds.SecurityGroupIngressArray{\n\t\t\t\t\u0026rds.SecurityGroupIngressArgs{\n\t\t\t\t\tCidr: pulumi.String(\"10.0.0.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The arn of the DB security group.\n" }, "description": { "type": "string", "description": "The description of the DB security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:rds/SecurityGroupIngress:SecurityGroupIngress" }, "description": "A list of ingress rules.\n" }, "name": { "type": "string", "description": "The name of the DB security group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "ingress", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DB security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:rds/SecurityGroupIngress:SecurityGroupIngress" }, "description": "A list of ingress rules.\n" }, "name": { "type": "string", "description": "The name of the DB security group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "ingress" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The arn of the DB security group.\n" }, "description": { "type": "string", "description": "The description of the DB security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:rds/SecurityGroupIngress:SecurityGroupIngress" }, "description": "A list of ingress rules.\n" }, "name": { "type": "string", "description": "The name of the DB security group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:rds/snapshot:Snapshot": { "description": "Manages an RDS database instance snapshot. For managing RDS database cluster snapshots, see the `aws.rds.ClusterSnapshot` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.rds.Instance(\"bar\", {\n allocatedStorage: 10,\n backupRetentionPeriod: 0,\n engine: \"MySQL\",\n engineVersion: \"5.6.21\",\n instanceClass: \"db.t2.micro\",\n maintenanceWindow: \"Fri:09:00-Fri:09:30\",\n name: \"baz\",\n parameterGroupName: \"default.mysql5.6\",\n password: \"barbarbarbar\",\n username: \"foo\",\n});\nconst test = new aws.rds.Snapshot(\"test\", {\n dbInstanceIdentifier: bar.id,\n dbSnapshotIdentifier: \"testsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.rds.Instance(\"bar\",\n allocated_storage=10,\n backup_retention_period=0,\n engine=\"MySQL\",\n engine_version=\"5.6.21\",\n instance_class=\"db.t2.micro\",\n maintenance_window=\"Fri:09:00-Fri:09:30\",\n name=\"baz\",\n parameter_group_name=\"default.mysql5.6\",\n password=\"barbarbarbar\",\n username=\"foo\")\ntest = aws.rds.Snapshot(\"test\",\n db_instance_identifier=bar.id,\n db_snapshot_identifier=\"testsnapshot1234\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.Rds.Instance(\"bar\", new Aws.Rds.InstanceArgs\n {\n AllocatedStorage = 10,\n BackupRetentionPeriod = 0,\n Engine = \"MySQL\",\n EngineVersion = \"5.6.21\",\n InstanceClass = \"db.t2.micro\",\n MaintenanceWindow = \"Fri:09:00-Fri:09:30\",\n Name = \"baz\",\n ParameterGroupName = \"default.mysql5.6\",\n Password = \"barbarbarbar\",\n Username = \"foo\",\n });\n var test = new Aws.Rds.Snapshot(\"test\", new Aws.Rds.SnapshotArgs\n {\n DbInstanceIdentifier = bar.Id,\n DbSnapshotIdentifier = \"testsnapshot1234\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbar, err := rds.NewInstance(ctx, \"bar\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tBackupRetentionPeriod: pulumi.Int(0),\n\t\t\tEngine: pulumi.String(\"MySQL\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.21\"),\n\t\t\tInstanceClass: pulumi.String(\"db.t2.micro\"),\n\t\t\tMaintenanceWindow: pulumi.String(\"Fri:09:00-Fri:09:30\"),\n\t\t\tName: pulumi.String(\"baz\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.6\"),\n\t\t\tPassword: pulumi.String(\"barbarbarbar\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewSnapshot(ctx, \"test\", \u0026rds.SnapshotArgs{\n\t\t\tDbInstanceIdentifier: bar.ID(),\n\t\t\tDbSnapshotIdentifier: pulumi.String(\"testsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n" }, "dbInstanceIdentifier": { "type": "string", "description": "The DB Instance Identifier from which to take the snapshot.\n" }, "dbSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB snapshot.\n" }, "dbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "encrypted": { "type": "boolean", "description": "Specifies whether the DB snapshot is encrypted.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Specifies the version of the database engine.\n" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB instance.\n" }, "optionGroupName": { "type": "string", "description": "Provides the option group name for the DB snapshot.\n" }, "port": { "type": "integer" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "The DB snapshot Arn that the DB snapshot was copied from. It only has value in case of cross customer or cross region copy.\n" }, "sourceRegion": { "type": "string", "description": "The region that the DB snapshot was created in or copied from.\n" }, "status": { "type": "string", "description": "Specifies the status of this DB snapshot.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "vpcId": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" } }, "required": [ "allocatedStorage", "availabilityZone", "dbInstanceIdentifier", "dbSnapshotArn", "dbSnapshotIdentifier", "encrypted", "engine", "engineVersion", "iops", "kmsKeyId", "licenseModel", "optionGroupName", "port", "snapshotType", "sourceDbSnapshotIdentifier", "sourceRegion", "status", "storageType", "vpcId" ], "inputProperties": { "dbInstanceIdentifier": { "type": "string", "description": "The DB Instance Identifier from which to take the snapshot.\n" }, "dbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "dbInstanceIdentifier", "dbSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering Snapshot resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n" }, "dbInstanceIdentifier": { "type": "string", "description": "The DB Instance Identifier from which to take the snapshot.\n" }, "dbSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB snapshot.\n" }, "dbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "encrypted": { "type": "boolean", "description": "Specifies whether the DB snapshot is encrypted.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Specifies the version of the database engine.\n" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB instance.\n" }, "optionGroupName": { "type": "string", "description": "Provides the option group name for the DB snapshot.\n" }, "port": { "type": "integer" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "The DB snapshot Arn that the DB snapshot was copied from. It only has value in case of cross customer or cross region copy.\n" }, "sourceRegion": { "type": "string", "description": "The region that the DB snapshot was created in or copied from.\n" }, "status": { "type": "string", "description": "Specifies the status of this DB snapshot.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "vpcId": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" } }, "type": "object" } }, "aws:rds/subnetGroup:SubnetGroup": { "description": "Provides an RDS DB subnet group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultSubnetGroup = new aws.rds.SubnetGroup(\"default\", {\n subnetIds: [\n aws_subnet_frontend.id,\n aws_subnet_backend.id,\n ],\n tags: {\n Name: \"My DB subnet group\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.SubnetGroup(\"default\",\n subnet_ids=[\n aws_subnet[\"frontend\"][\"id\"],\n aws_subnet[\"backend\"][\"id\"],\n ],\n tags={\n \"Name\": \"My DB subnet group\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.SubnetGroup(\"default\", new Aws.Rds.SubnetGroupArgs\n {\n SubnetIds = \n {\n aws_subnet.Frontend.Id,\n aws_subnet.Backend.Id,\n },\n Tags = \n {\n { \"Name\", \"My DB subnet group\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = rds.NewSubnetGroup(ctx, \"default\", \u0026rds.SubnetGroupArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_subnet.Frontend.Id),\n\t\t\t\tpulumi.String(aws_subnet.Backend.Id),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"My DB subnet group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the db subnet group.\n" }, "description": { "type": "string", "description": "The description of the DB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the DB subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "name", "namePrefix", "subnetIds" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the DB subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db subnet group.\n" }, "description": { "type": "string", "description": "The description of the DB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the DB subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:redshift/cluster:Cluster": { "description": "Provides a Redshift Cluster Resource.\n\n\u003e **Note:** All arguments including the username and password will be stored in the raw state as plain-text.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.redshift.Cluster(\"default\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n clusterType: \"single-node\",\n databaseName: \"mydb\",\n masterPassword: \"Mustbe8characters\",\n masterUsername: \"foo\",\n nodeType: \"dc1.large\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.redshift.Cluster(\"default\",\n cluster_identifier=\"tf-redshift-cluster\",\n cluster_type=\"single-node\",\n database_name=\"mydb\",\n master_password=\"Mustbe8characters\",\n master_username=\"foo\",\n node_type=\"dc1.large\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.RedShift.Cluster(\"default\", new Aws.RedShift.ClusterArgs\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n ClusterType = \"single-node\",\n DatabaseName = \"mydb\",\n MasterPassword = \"Mustbe8characters\",\n MasterUsername = \"foo\",\n NodeType = \"dc1.large\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = redshift.NewCluster(ctx, \"default\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterPassword: pulumi.String(\"Mustbe8characters\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowVersionUpgrade": { "type": "boolean", "description": "If true , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default is true\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "automatedSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with create-cluster-snapshot. Default is 1.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n" }, "clusterIdentifier": { "type": "string", "description": "The Cluster Identifier. Must be a lower case\nstring.\n" }, "clusterParameterGroupName": { "type": "string", "description": "The name of the parameter group to be associated with this cluster.\n" }, "clusterPublicKey": { "type": "string", "description": "The public key for the cluster\n" }, "clusterRevisionNumber": { "type": "string", "description": "The specific revision number of the database in the cluster\n" }, "clusterSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security groups to be associated with this cluster.\n" }, "clusterSubnetGroupName": { "type": "string", "description": "The name of a cluster subnet group to be associated with this cluster. If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).\n" }, "clusterType": { "type": "string", "description": "The cluster type to use. Either `single-node` or `multi-node`.\n" }, "clusterVersion": { "type": "string", "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\nThe version selected runs on all the nodes in the cluster.\n" }, "databaseName": { "type": "string", "description": "The name of the first database to be created when the cluster is created.\nIf you do not provide a name, Amazon Redshift will create a default database called `dev`.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the cluster\n" }, "elasticIp": { "type": "string", "description": "The Elastic IP (EIP) address for the cluster.\n" }, "encrypted": { "type": "boolean", "description": "If true , the data in the cluster is encrypted at rest.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "If true , enhanced VPC routing is enabled.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The identifier of the final snapshot that is to be created immediately before deleting the cluster. If this parameter is provided, `skip_final_snapshot` must be false.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "logging": { "$ref": "#/types/aws:redshift/ClusterLogging:ClusterLogging", "description": "Logging, documented below.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user.\nNote that this may show up in logs, and it will be stored in the state file. Password must contain at least 8 chars and\ncontain at least one uppercase letter, one lowercase letter, and one number.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "nodeType": { "type": "string", "description": "The node type to be provisioned for the cluster.\n" }, "numberOfNodes": { "type": "integer", "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. Default is 1.\n" }, "ownerAccount": { "type": "string", "description": "The AWS customer account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections. Default port is 5439.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\nFormat: ddd:hh24:mi-ddd:hh24:mi\n" }, "publiclyAccessible": { "type": "boolean", "description": "If true, the cluster can be accessed from a public network. Default is `true`.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final snapshot of the cluster is created before Amazon Redshift deletes the cluster. If true , a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted. Default is false.\n" }, "snapshotClusterIdentifier": { "type": "string", "description": "The name of the cluster the source snapshot was created from.\n" }, "snapshotCopy": { "$ref": "#/types/aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy", "description": "Configuration of automatic copy of snapshots from one region to another. Documented below.\n" }, "snapshotIdentifier": { "type": "string", "description": "The name of the snapshot from which to create the new cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n" } }, "required": [ "arn", "availabilityZone", "clusterIdentifier", "clusterParameterGroupName", "clusterPublicKey", "clusterRevisionNumber", "clusterSecurityGroups", "clusterSubnetGroupName", "clusterType", "databaseName", "dnsName", "endpoint", "enhancedVpcRouting", "iamRoles", "kmsKeyId", "nodeType", "preferredMaintenanceWindow", "vpcSecurityGroupIds" ], "inputProperties": { "allowVersionUpgrade": { "type": "boolean", "description": "If true , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default is true\n" }, "automatedSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with create-cluster-snapshot. Default is 1.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n" }, "clusterIdentifier": { "type": "string", "description": "The Cluster Identifier. Must be a lower case\nstring.\n" }, "clusterParameterGroupName": { "type": "string", "description": "The name of the parameter group to be associated with this cluster.\n" }, "clusterPublicKey": { "type": "string", "description": "The public key for the cluster\n" }, "clusterRevisionNumber": { "type": "string", "description": "The specific revision number of the database in the cluster\n" }, "clusterSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security groups to be associated with this cluster.\n" }, "clusterSubnetGroupName": { "type": "string", "description": "The name of a cluster subnet group to be associated with this cluster. If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).\n" }, "clusterType": { "type": "string", "description": "The cluster type to use. Either `single-node` or `multi-node`.\n" }, "clusterVersion": { "type": "string", "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\nThe version selected runs on all the nodes in the cluster.\n" }, "databaseName": { "type": "string", "description": "The name of the first database to be created when the cluster is created.\nIf you do not provide a name, Amazon Redshift will create a default database called `dev`.\n" }, "elasticIp": { "type": "string", "description": "The Elastic IP (EIP) address for the cluster.\n" }, "encrypted": { "type": "boolean", "description": "If true , the data in the cluster is encrypted at rest.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "If true , enhanced VPC routing is enabled.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The identifier of the final snapshot that is to be created immediately before deleting the cluster. If this parameter is provided, `skip_final_snapshot` must be false.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "logging": { "$ref": "#/types/aws:redshift/ClusterLogging:ClusterLogging", "description": "Logging, documented below.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user.\nNote that this may show up in logs, and it will be stored in the state file. Password must contain at least 8 chars and\ncontain at least one uppercase letter, one lowercase letter, and one number.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "nodeType": { "type": "string", "description": "The node type to be provisioned for the cluster.\n" }, "numberOfNodes": { "type": "integer", "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. Default is 1.\n" }, "ownerAccount": { "type": "string", "description": "The AWS customer account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections. Default port is 5439.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\nFormat: ddd:hh24:mi-ddd:hh24:mi\n" }, "publiclyAccessible": { "type": "boolean", "description": "If true, the cluster can be accessed from a public network. Default is `true`.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final snapshot of the cluster is created before Amazon Redshift deletes the cluster. If true , a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted. Default is false.\n" }, "snapshotClusterIdentifier": { "type": "string", "description": "The name of the cluster the source snapshot was created from.\n" }, "snapshotCopy": { "$ref": "#/types/aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy", "description": "Configuration of automatic copy of snapshots from one region to another. Documented below.\n" }, "snapshotIdentifier": { "type": "string", "description": "The name of the snapshot from which to create the new cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n" } }, "requiredInputs": [ "clusterIdentifier", "nodeType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "allowVersionUpgrade": { "type": "boolean", "description": "If true , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default is true\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "automatedSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with create-cluster-snapshot. Default is 1.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n" }, "clusterIdentifier": { "type": "string", "description": "The Cluster Identifier. Must be a lower case\nstring.\n" }, "clusterParameterGroupName": { "type": "string", "description": "The name of the parameter group to be associated with this cluster.\n" }, "clusterPublicKey": { "type": "string", "description": "The public key for the cluster\n" }, "clusterRevisionNumber": { "type": "string", "description": "The specific revision number of the database in the cluster\n" }, "clusterSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security groups to be associated with this cluster.\n" }, "clusterSubnetGroupName": { "type": "string", "description": "The name of a cluster subnet group to be associated with this cluster. If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).\n" }, "clusterType": { "type": "string", "description": "The cluster type to use. Either `single-node` or `multi-node`.\n" }, "clusterVersion": { "type": "string", "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\nThe version selected runs on all the nodes in the cluster.\n" }, "databaseName": { "type": "string", "description": "The name of the first database to be created when the cluster is created.\nIf you do not provide a name, Amazon Redshift will create a default database called `dev`.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the cluster\n" }, "elasticIp": { "type": "string", "description": "The Elastic IP (EIP) address for the cluster.\n" }, "encrypted": { "type": "boolean", "description": "If true , the data in the cluster is encrypted at rest.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "If true , enhanced VPC routing is enabled.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The identifier of the final snapshot that is to be created immediately before deleting the cluster. If this parameter is provided, `skip_final_snapshot` must be false.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "logging": { "$ref": "#/types/aws:redshift/ClusterLogging:ClusterLogging", "description": "Logging, documented below.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user.\nNote that this may show up in logs, and it will be stored in the state file. Password must contain at least 8 chars and\ncontain at least one uppercase letter, one lowercase letter, and one number.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "nodeType": { "type": "string", "description": "The node type to be provisioned for the cluster.\n" }, "numberOfNodes": { "type": "integer", "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. Default is 1.\n" }, "ownerAccount": { "type": "string", "description": "The AWS customer account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections. Default port is 5439.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\nFormat: ddd:hh24:mi-ddd:hh24:mi\n" }, "publiclyAccessible": { "type": "boolean", "description": "If true, the cluster can be accessed from a public network. Default is `true`.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final snapshot of the cluster is created before Amazon Redshift deletes the cluster. If true , a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted. Default is false.\n" }, "snapshotClusterIdentifier": { "type": "string", "description": "The name of the cluster the source snapshot was created from.\n" }, "snapshotCopy": { "$ref": "#/types/aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy", "description": "Configuration of automatic copy of snapshots from one region to another. Documented below.\n" }, "snapshotIdentifier": { "type": "string", "description": "The name of the snapshot from which to create the new cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n" } }, "type": "object" } }, "aws:redshift/eventSubscription:EventSubscription": { "description": "Provides a Redshift event subscription resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.redshift.Cluster(\"default\", {\n clusterIdentifier: \"default\",\n databaseName: \"default\",\n});\nconst defaultTopic = new aws.sns.Topic(\"default\", {});\nconst defaultEventSubscription = new aws.redshift.EventSubscription(\"default\", {\n eventCategories: [\n \"configuration\",\n \"management\",\n \"monitoring\",\n \"security\",\n ],\n severity: \"INFO\",\n snsTopicArn: defaultTopic.arn,\n sourceIds: [defaultCluster.id],\n sourceType: \"cluster\",\n tags: {\n Name: \"default\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_cluster = aws.redshift.Cluster(\"defaultCluster\",\n cluster_identifier=\"default\",\n database_name=\"default\")\ndefault_topic = aws.sns.Topic(\"defaultTopic\")\ndefault_event_subscription = aws.redshift.EventSubscription(\"defaultEventSubscription\",\n event_categories=[\n \"configuration\",\n \"management\",\n \"monitoring\",\n \"security\",\n ],\n severity=\"INFO\",\n sns_topic_arn=default_topic.arn,\n source_ids=[default_cluster.id],\n source_type=\"cluster\",\n tags={\n \"Name\": \"default\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultCluster = new Aws.RedShift.Cluster(\"defaultCluster\", new Aws.RedShift.ClusterArgs\n {\n ClusterIdentifier = \"default\",\n DatabaseName = \"default\",\n });\n var defaultTopic = new Aws.Sns.Topic(\"defaultTopic\", new Aws.Sns.TopicArgs\n {\n });\n var defaultEventSubscription = new Aws.RedShift.EventSubscription(\"defaultEventSubscription\", new Aws.RedShift.EventSubscriptionArgs\n {\n EventCategories = \n {\n \"configuration\",\n \"management\",\n \"monitoring\",\n \"security\",\n },\n Severity = \"INFO\",\n SnsTopicArn = defaultTopic.Arn,\n SourceIds = \n {\n defaultCluster.Id,\n },\n SourceType = \"cluster\",\n Tags = \n {\n { \"Name\", \"default\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultCluster, err := redshift.NewCluster(ctx, \"defaultCluster\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"default\"),\n\t\t\tDatabaseName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultTopic, err := sns.NewTopic(ctx, \"defaultTopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewEventSubscription(ctx, \"defaultEventSubscription\", \u0026redshift.EventSubscriptionArgs{\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"configuration\"),\n\t\t\t\tpulumi.String(\"management\"),\n\t\t\t\tpulumi.String(\"monitoring\"),\n\t\t\t\tpulumi.String(\"security\"),\n\t\t\t},\n\t\t\tSeverity: pulumi.String(\"INFO\"),\n\t\t\tSnsTopicArn: defaultTopic.Arn,\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\tdefaultCluster.ID(),\n\t\t\t},\n\t\t\tSourceType: pulumi.String(\"cluster\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"default\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Attributes\n\nThe following additional atttributes are provided:\n\n* `arn` - Amazon Resource Name (ARN) of the Redshift event notification subscription\n* `id` - The name of the Redshift event notification subscription\n* `customer_aws_id` - The AWS customer account associated with the Redshift event notification subscription\n", "properties": { "arn": { "type": "string" }, "customerAwsId": { "type": "string" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-event-notifications.html or run `aws redshift describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the Redshift event subscription.\n" }, "severity": { "type": "string", "description": "The event severity to be published by the notification subscription. Valid options are `INFO` or `ERROR`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `cluster`, `cluster-parameter-group`, `cluster-security-group`, or `cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "customerAwsId", "name", "snsTopicArn", "status" ], "inputProperties": { "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-event-notifications.html or run `aws redshift describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the Redshift event subscription.\n" }, "severity": { "type": "string", "description": "The event severity to be published by the notification subscription. Valid options are `INFO` or `ERROR`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `cluster`, `cluster-parameter-group`, `cluster-security-group`, or `cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "snsTopicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string" }, "customerAwsId": { "type": "string" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-event-notifications.html or run `aws redshift describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the Redshift event subscription.\n" }, "severity": { "type": "string", "description": "The event severity to be published by the notification subscription. Valid options are `INFO` or `ERROR`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `cluster`, `cluster-parameter-group`, `cluster-security-group`, or `cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:redshift/parameterGroup:ParameterGroup": { "description": "Provides a Redshift Cluster parameter group resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.redshift.ParameterGroup(\"bar\", {\n family: \"redshift-1.0\",\n parameters: [\n {\n name: \"require_ssl\",\n value: \"true\",\n },\n {\n name: \"query_group\",\n value: \"example\",\n },\n {\n name: \"enable_user_activity_logging\",\n value: \"true\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.redshift.ParameterGroup(\"bar\",\n family=\"redshift-1.0\",\n parameters=[\n {\n \"name\": \"require_ssl\",\n \"value\": \"true\",\n },\n {\n \"name\": \"query_group\",\n \"value\": \"example\",\n },\n {\n \"name\": \"enable_user_activity_logging\",\n \"value\": \"true\",\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = new Aws.RedShift.ParameterGroup(\"bar\", new Aws.RedShift.ParameterGroupArgs\n {\n Family = \"redshift-1.0\",\n Parameters = \n {\n new Aws.RedShift.Inputs.ParameterGroupParameterArgs\n {\n Name = \"require_ssl\",\n Value = \"true\",\n },\n new Aws.RedShift.Inputs.ParameterGroupParameterArgs\n {\n Name = \"query_group\",\n Value = \"example\",\n },\n new Aws.RedShift.Inputs.ParameterGroupParameterArgs\n {\n Name = \"enable_user_activity_logging\",\n Value = \"true\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = redshift.NewParameterGroup(ctx, \"bar\", \u0026redshift.ParameterGroupArgs{\n\t\t\tFamily: pulumi.String(\"redshift-1.0\"),\n\t\t\tParameters: redshift.ParameterGroupParameterArray{\n\t\t\t\t\u0026redshift.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"require_ssl\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026redshift.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"query_group\"),\n\t\t\t\t\tValue: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t\t\u0026redshift.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"enable_user_activity_logging\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of parameter group\n" }, "description": { "type": "string", "description": "The description of the Redshift parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the Redshift parameter group.\n" }, "name": { "type": "string", "description": "The name of the Redshift parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Redshift parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "family", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Redshift parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the Redshift parameter group.\n" }, "name": { "type": "string", "description": "The name of the Redshift parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Redshift parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of parameter group\n" }, "description": { "type": "string", "description": "The description of the Redshift parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the Redshift parameter group.\n" }, "name": { "type": "string", "description": "The name of the Redshift parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Redshift parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:redshift/securityGroup:SecurityGroup": { "description": "Creates a new Amazon Redshift security group. You use security groups to control access to non-VPC clusters\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultSecurityGroup = new aws.redshift.SecurityGroup(\"default\", {\n ingress: [{\n cidr: \"10.0.0.0/24\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.redshift.SecurityGroup(\"default\", ingress=[{\n \"cidr\": \"10.0.0.0/24\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.RedShift.SecurityGroup(\"default\", new Aws.RedShift.SecurityGroupArgs\n {\n Ingress = \n {\n new Aws.RedShift.Inputs.SecurityGroupIngressArgs\n {\n Cidr = \"10.0.0.0/24\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = redshift.NewSecurityGroup(ctx, \"default\", \u0026redshift.SecurityGroupArgs{\n\t\t\tIngress: redshift.SecurityGroupIngressArray{\n\t\t\t\t\u0026redshift.SecurityGroupIngressArgs{\n\t\t\t\t\tCidr: pulumi.String(\"10.0.0.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "The description of the Redshift security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:redshift/SecurityGroupIngress:SecurityGroupIngress" }, "description": "A list of ingress rules.\n" }, "name": { "type": "string", "description": "The name of the Redshift security group.\n" } }, "required": [ "description", "ingress", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Redshift security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:redshift/SecurityGroupIngress:SecurityGroupIngress" }, "description": "A list of ingress rules.\n" }, "name": { "type": "string", "description": "The name of the Redshift security group.\n" } }, "requiredInputs": [ "ingress" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroup resources.\n", "properties": { "description": { "type": "string", "description": "The description of the Redshift security group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:redshift/SecurityGroupIngress:SecurityGroupIngress" }, "description": "A list of ingress rules.\n" }, "name": { "type": "string", "description": "The name of the Redshift security group.\n" } }, "type": "object" } }, "aws:redshift/snapshotCopyGrant:SnapshotCopyGrant": { "description": "Creates a snapshot copy grant that allows AWS Redshift to encrypt copied snapshots with a customer master key from AWS KMS in a destination region.\n\nNote that the grant must exist in the destination region, and not in the region of the cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testSnapshotCopyGrant = new aws.redshift.SnapshotCopyGrant(\"test\", {\n snapshotCopyGrantName: \"my-grant\",\n});\nconst testCluster = new aws.redshift.Cluster(\"test\", {\n // ... other configuration ...\n snapshotCopy: {\n destinationRegion: \"us-east-2\",\n grantName: testSnapshotCopyGrant.snapshotCopyGrantName,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_snapshot_copy_grant = aws.redshift.SnapshotCopyGrant(\"testSnapshotCopyGrant\", snapshot_copy_grant_name=\"my-grant\")\ntest_cluster = aws.redshift.Cluster(\"testCluster\", snapshot_copy={\n \"destinationRegion\": \"us-east-2\",\n \"grantName\": test_snapshot_copy_grant.snapshot_copy_grant_name,\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testSnapshotCopyGrant = new Aws.RedShift.SnapshotCopyGrant(\"testSnapshotCopyGrant\", new Aws.RedShift.SnapshotCopyGrantArgs\n {\n SnapshotCopyGrantName = \"my-grant\",\n });\n var testCluster = new Aws.RedShift.Cluster(\"testCluster\", new Aws.RedShift.ClusterArgs\n {\n SnapshotCopy = new Aws.RedShift.Inputs.ClusterSnapshotCopyArgs\n {\n DestinationRegion = \"us-east-2\",\n GrantName = testSnapshotCopyGrant.SnapshotCopyGrantName,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestSnapshotCopyGrant, err := redshift.NewSnapshotCopyGrant(ctx, \"testSnapshotCopyGrant\", \u0026redshift.SnapshotCopyGrantArgs{\n\t\t\tSnapshotCopyGrantName: pulumi.String(\"my-grant\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewCluster(ctx, \"testCluster\", \u0026redshift.ClusterArgs{\n\t\t\tSnapshotCopy: \u0026redshift.ClusterSnapshotCopyArgs{\n\t\t\t\tDestinationRegion: pulumi.String(\"us-east-2\"),\n\t\t\t\tGrantName: testSnapshotCopyGrant.SnapshotCopyGrantName,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of snapshot copy grant\n" }, "kmsKeyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN. If not specified, the default key is used.\n" }, "snapshotCopyGrantName": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "kmsKeyId", "snapshotCopyGrantName" ], "inputProperties": { "kmsKeyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN. If not specified, the default key is used.\n" }, "snapshotCopyGrantName": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "snapshotCopyGrantName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCopyGrant resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of snapshot copy grant\n" }, "kmsKeyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN. If not specified, the default key is used.\n" }, "snapshotCopyGrantName": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:redshift/snapshotSchedule:SnapshotSchedule": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultSnapshotSchedule = new aws.redshift.SnapshotSchedule(\"default\", {\n definitions: [\"rate(12 hours)\"],\n identifier: \"tf-redshift-snapshot-schedule\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.redshift.SnapshotSchedule(\"default\",\n definitions=[\"rate(12 hours)\"],\n identifier=\"tf-redshift-snapshot-schedule\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.RedShift.SnapshotSchedule(\"default\", new Aws.RedShift.SnapshotScheduleArgs\n {\n Definitions = \n {\n \"rate(12 hours)\",\n },\n Identifier = \"tf-redshift-snapshot-schedule\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = redshift.NewSnapshotSchedule(ctx, \"default\", \u0026redshift.SnapshotScheduleArgs{\n\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"rate(12 hours)\"),\n\t\t\t},\n\t\t\tIdentifier: pulumi.String(\"tf-redshift-snapshot-schedule\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "definitions": { "type": "array", "items": { "type": "string" }, "description": "The definition of the snapshot schedule. The definition is made up of schedule expressions, for example `cron(30 12 *)` or `rate(12 hours)`.\n" }, "description": { "type": "string", "description": "The description of the snapshot schedule.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all associated clusters with this snapshot schedule on deletion. Must be enabled and applied before attempting deletion.\n" }, "identifier": { "type": "string", "description": "The snapshot schedule identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "definitions", "identifier", "identifierPrefix" ], "inputProperties": { "definitions": { "type": "array", "items": { "type": "string" }, "description": "The definition of the snapshot schedule. The definition is made up of schedule expressions, for example `cron(30 12 *)` or `rate(12 hours)`.\n" }, "description": { "type": "string", "description": "The description of the snapshot schedule.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all associated clusters with this snapshot schedule on deletion. Must be enabled and applied before attempting deletion.\n" }, "identifier": { "type": "string", "description": "The snapshot schedule identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "definitions" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotSchedule resources.\n", "properties": { "arn": { "type": "string" }, "definitions": { "type": "array", "items": { "type": "string" }, "description": "The definition of the snapshot schedule. The definition is made up of schedule expressions, for example `cron(30 12 *)` or `rate(12 hours)`.\n" }, "description": { "type": "string", "description": "The description of the snapshot schedule.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all associated clusters with this snapshot schedule on deletion. Must be enabled and applied before attempting deletion.\n" }, "identifier": { "type": "string", "description": "The snapshot schedule identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:redshift/snapshotScheduleAssociation:SnapshotScheduleAssociation": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCluster = new aws.redshift.Cluster(\"default\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n clusterType: \"single-node\",\n databaseName: \"mydb\",\n masterPassword: \"Mustbe8characters\",\n masterUsername: \"foo\",\n nodeType: \"dc1.large\",\n});\nconst defaultSnapshotSchedule = new aws.redshift.SnapshotSchedule(\"default\", {\n definitions: [\"rate(12 hours)\"],\n identifier: \"tf-redshift-snapshot-schedule\",\n});\nconst defaultSnapshotScheduleAssociation = new aws.redshift.SnapshotScheduleAssociation(\"default\", {\n clusterIdentifier: defaultCluster.id,\n scheduleIdentifier: defaultSnapshotSchedule.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_cluster = aws.redshift.Cluster(\"defaultCluster\",\n cluster_identifier=\"tf-redshift-cluster\",\n cluster_type=\"single-node\",\n database_name=\"mydb\",\n master_password=\"Mustbe8characters\",\n master_username=\"foo\",\n node_type=\"dc1.large\")\ndefault_snapshot_schedule = aws.redshift.SnapshotSchedule(\"defaultSnapshotSchedule\",\n definitions=[\"rate(12 hours)\"],\n identifier=\"tf-redshift-snapshot-schedule\")\ndefault_snapshot_schedule_association = aws.redshift.SnapshotScheduleAssociation(\"defaultSnapshotScheduleAssociation\",\n cluster_identifier=default_cluster.id,\n schedule_identifier=default_snapshot_schedule.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultCluster = new Aws.RedShift.Cluster(\"defaultCluster\", new Aws.RedShift.ClusterArgs\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n ClusterType = \"single-node\",\n DatabaseName = \"mydb\",\n MasterPassword = \"Mustbe8characters\",\n MasterUsername = \"foo\",\n NodeType = \"dc1.large\",\n });\n var defaultSnapshotSchedule = new Aws.RedShift.SnapshotSchedule(\"defaultSnapshotSchedule\", new Aws.RedShift.SnapshotScheduleArgs\n {\n Definitions = \n {\n \"rate(12 hours)\",\n },\n Identifier = \"tf-redshift-snapshot-schedule\",\n });\n var defaultSnapshotScheduleAssociation = new Aws.RedShift.SnapshotScheduleAssociation(\"defaultSnapshotScheduleAssociation\", new Aws.RedShift.SnapshotScheduleAssociationArgs\n {\n ClusterIdentifier = defaultCluster.Id,\n ScheduleIdentifier = defaultSnapshotSchedule.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultCluster, err := redshift.NewCluster(ctx, \"defaultCluster\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterPassword: pulumi.String(\"Mustbe8characters\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSnapshotSchedule, err := redshift.NewSnapshotSchedule(ctx, \"defaultSnapshotSchedule\", \u0026redshift.SnapshotScheduleArgs{\n\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"rate(12 hours)\"),\n\t\t\t},\n\t\t\tIdentifier: pulumi.String(\"tf-redshift-snapshot-schedule\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewSnapshotScheduleAssociation(ctx, \"defaultSnapshotScheduleAssociation\", \u0026redshift.SnapshotScheduleAssociationArgs{\n\t\t\tClusterIdentifier: defaultCluster.ID(),\n\t\t\tScheduleIdentifier: defaultSnapshotSchedule.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "scheduleIdentifier": { "type": "string", "description": "The snapshot schedule identifier.\n" } }, "required": [ "clusterIdentifier", "scheduleIdentifier" ], "inputProperties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "scheduleIdentifier": { "type": "string", "description": "The snapshot schedule identifier.\n" } }, "requiredInputs": [ "clusterIdentifier", "scheduleIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotScheduleAssociation resources.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "scheduleIdentifier": { "type": "string", "description": "The snapshot schedule identifier.\n" } }, "type": "object" } }, "aws:redshift/subnetGroup:SubnetGroup": { "description": "Creates a new Amazon Redshift subnet group. You must provide a list of one or more subnets in your existing Amazon Virtual Private Cloud (Amazon VPC) when creating Amazon Redshift subnet group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst fooSubnet = new aws.ec2.Subnet(\"foo\", {\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.1.1.0/24\",\n tags: {\n Name: \"tf-dbsubnet-test-1\",\n },\n vpcId: fooVpc.id,\n});\nconst bar = new aws.ec2.Subnet(\"bar\", {\n availabilityZone: \"us-west-2b\",\n cidrBlock: \"10.1.2.0/24\",\n tags: {\n Name: \"tf-dbsubnet-test-2\",\n },\n vpcId: fooVpc.id,\n});\nconst fooSubnetGroup = new aws.redshift.SubnetGroup(\"foo\", {\n subnetIds: [\n fooSubnet.id,\n bar.id,\n ],\n tags: {\n environment: \"Production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_vpc = aws.ec2.Vpc(\"fooVpc\", cidr_block=\"10.1.0.0/16\")\nfoo_subnet = aws.ec2.Subnet(\"fooSubnet\",\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.1.1.0/24\",\n tags={\n \"Name\": \"tf-dbsubnet-test-1\",\n },\n vpc_id=foo_vpc.id)\nbar = aws.ec2.Subnet(\"bar\",\n availability_zone=\"us-west-2b\",\n cidr_block=\"10.1.2.0/24\",\n tags={\n \"Name\": \"tf-dbsubnet-test-2\",\n },\n vpc_id=foo_vpc.id)\nfoo_subnet_group = aws.redshift.SubnetGroup(\"fooSubnetGroup\",\n subnet_ids=[\n foo_subnet.id,\n bar.id,\n ],\n tags={\n \"environment\": \"Production\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooVpc = new Aws.Ec2.Vpc(\"fooVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var fooSubnet = new Aws.Ec2.Subnet(\"fooSubnet\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.1.1.0/24\",\n Tags = \n {\n { \"Name\", \"tf-dbsubnet-test-1\" },\n },\n VpcId = fooVpc.Id,\n });\n var bar = new Aws.Ec2.Subnet(\"bar\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-west-2b\",\n CidrBlock = \"10.1.2.0/24\",\n Tags = \n {\n { \"Name\", \"tf-dbsubnet-test-2\" },\n },\n VpcId = fooVpc.Id,\n });\n var fooSubnetGroup = new Aws.RedShift.SubnetGroup(\"fooSubnetGroup\", new Aws.RedShift.SubnetGroupArgs\n {\n SubnetIds = \n {\n fooSubnet.Id,\n bar.Id,\n },\n Tags = \n {\n { \"environment\", \"Production\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooVpc, err := ec2.NewVpc(ctx, \"fooVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooSubnet, err := ec2.NewSubnet(ctx, \"fooSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"tf-dbsubnet-test-1\"),\n\t\t\t},\n\t\t\tVpcId: fooVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.1.2.0/24\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"tf-dbsubnet-test-2\"),\n\t\t\t},\n\t\t\tVpcId: fooVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewSubnetGroup(ctx, \"fooSubnetGroup\", \u0026redshift.SubnetGroupArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tfooSubnet.ID(),\n\t\t\t\tbar.ID(),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"environment\": pulumi.String(\"Production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Subnet group name\n" }, "description": { "type": "string", "description": "The description of the Redshift Subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the Redshift Subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "description", "name", "subnetIds" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Redshift Subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the Redshift Subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Subnet group name\n" }, "description": { "type": "string", "description": "The description of the Redshift Subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the Redshift Subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:resourcegroups/group:Group": { "description": "Provides a Resource Group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.resourcegroups.Group(\"test\", {\n resourceQuery: {\n query: `{\n \"ResourceTypeFilters\": [\n \"AWS::EC2::Instance\"\n ],\n \"TagFilters\": [\n {\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"]\n }\n ]\n}\n`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.resourcegroups.Group(\"test\", resource_query={\n \"query\": \"\"\"{\n \"ResourceTypeFilters\": [\n \"AWS::EC2::Instance\"\n ],\n \"TagFilters\": [\n {\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"]\n }\n ]\n}\n\n\"\"\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.ResourceGroups.Group(\"test\", new Aws.ResourceGroups.GroupArgs\n {\n ResourceQuery = new Aws.ResourceGroups.Inputs.GroupResourceQueryArgs\n {\n Query = @\"{\n \"\"ResourceTypeFilters\"\": [\n \"\"AWS::EC2::Instance\"\"\n ],\n \"\"TagFilters\"\": [\n {\n \"\"Key\"\": \"\"Stage\"\",\n \"\"Values\"\": [\"\"Test\"\"]\n }\n ]\n}\n\n\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/resourcegroups\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = resourcegroups.NewGroup(ctx, \"test\", \u0026resourcegroups.GroupArgs{\n\t\t\tResourceQuery: \u0026resourcegroups.GroupResourceQueryArgs{\n\t\t\t\tQuery: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"ResourceTypeFilters\\\": [\\n\", \" \\\"AWS::EC2::Instance\\\"\\n\", \" ],\\n\", \" \\\"TagFilters\\\": [\\n\", \" {\\n\", \" \\\"Key\\\": \\\"Stage\\\",\\n\", \" \\\"Values\\\": [\\\"Test\\\"]\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this resource group.\n" }, "description": { "type": "string", "description": "A description of the resource group.\n" }, "name": { "type": "string", "description": "The resource group's name. A resource group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`.\n" }, "resourceQuery": { "$ref": "#/types/aws:resourcegroups/GroupResourceQuery:GroupResourceQuery", "description": "A `resource_query` block. Resource queries are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "name", "resourceQuery" ], "inputProperties": { "description": { "type": "string", "description": "A description of the resource group.\n" }, "name": { "type": "string", "description": "The resource group's name. A resource group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`.\n" }, "resourceQuery": { "$ref": "#/types/aws:resourcegroups/GroupResourceQuery:GroupResourceQuery", "description": "A `resource_query` block. Resource queries are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "resourceQuery" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this resource group.\n" }, "description": { "type": "string", "description": "A description of the resource group.\n" }, "name": { "type": "string", "description": "The resource group's name. A resource group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`.\n" }, "resourceQuery": { "$ref": "#/types/aws:resourcegroups/GroupResourceQuery:GroupResourceQuery", "description": "A `resource_query` block. Resource queries are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:route53/delegationSet:DelegationSet": { "description": "Provides a [Route53 Delegation Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API-actions-by-function.html#actions-by-function-reusable-delegation-sets) resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.route53.DelegationSet(\"main\", {\n referenceName: \"DynDNS\",\n});\nconst primary = new aws.route53.Zone(\"primary\", {\n delegationSetId: main.id,\n});\nconst secondary = new aws.route53.Zone(\"secondary\", {\n delegationSetId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.route53.DelegationSet(\"main\", reference_name=\"DynDNS\")\nprimary = aws.route53.Zone(\"primary\", delegation_set_id=main.id)\nsecondary = aws.route53.Zone(\"secondary\", delegation_set_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Route53.DelegationSet(\"main\", new Aws.Route53.DelegationSetArgs\n {\n ReferenceName = \"DynDNS\",\n });\n var primary = new Aws.Route53.Zone(\"primary\", new Aws.Route53.ZoneArgs\n {\n DelegationSetId = main.Id,\n });\n var secondary = new Aws.Route53.Zone(\"secondary\", new Aws.Route53.ZoneArgs\n {\n DelegationSetId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := route53.NewDelegationSet(ctx, \"main\", \u0026route53.DelegationSetArgs{\n\t\t\tReferenceName: pulumi.String(\"DynDNS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"primary\", \u0026route53.ZoneArgs{\n\t\t\tDelegationSetId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"secondary\", \u0026route53.ZoneArgs{\n\t\t\tDelegationSetId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of authoritative name servers for the hosted zone\n(effectively a list of NS records).\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single delegation set amongst others)\n" } }, "required": [ "nameServers" ], "inputProperties": { "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single delegation set amongst others)\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering DelegationSet resources.\n", "properties": { "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of authoritative name servers for the hosted zone\n(effectively a list of NS records).\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single delegation set amongst others)\n" } }, "type": "object" } }, "aws:route53/healthCheck:HealthCheck": { "description": "Provides a Route53 health check.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Connectivity and HTTP Status Code Check\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.HealthCheck(\"example\", {\n failureThreshold: 5,\n fqdn: \"example.com\",\n port: 80,\n requestInterval: 30,\n resourcePath: \"/\",\n tags: {\n Name: \"tf-test-health-check\",\n },\n type: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.HealthCheck(\"example\",\n failure_threshold=\"5\",\n fqdn=\"example.com\",\n port=80,\n request_interval=\"30\",\n resource_path=\"/\",\n tags={\n \"Name\": \"tf-test-health-check\",\n },\n type=\"HTTP\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Route53.HealthCheck(\"example\", new Aws.Route53.HealthCheckArgs\n {\n FailureThreshold = 5,\n Fqdn = \"example.com\",\n Port = 80,\n RequestInterval = 30,\n ResourcePath = \"/\",\n Tags = \n {\n { \"Name\", \"tf-test-health-check\" },\n },\n Type = \"HTTP\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewHealthCheck(ctx, \"example\", \u0026route53.HealthCheckArgs{\n\t\t\tFailureThreshold: pulumi.Int(5),\n\t\t\tFqdn: pulumi.String(\"example.com\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tRequestInterval: pulumi.Int(30),\n\t\t\tResourcePath: pulumi.String(\"/\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test-health-check\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Connectivity and String Matching Check\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.HealthCheck(\"example\", {\n failureThreshold: 5,\n fqdn: \"example.com\",\n port: 443,\n requestInterval: 30,\n resourcePath: \"/\",\n searchString: \"example\",\n type: \"HTTPS_STR_MATCH\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.HealthCheck(\"example\",\n failure_threshold=\"5\",\n fqdn=\"example.com\",\n port=443,\n request_interval=\"30\",\n resource_path=\"/\",\n search_string=\"example\",\n type=\"HTTPS_STR_MATCH\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Route53.HealthCheck(\"example\", new Aws.Route53.HealthCheckArgs\n {\n FailureThreshold = 5,\n Fqdn = \"example.com\",\n Port = 443,\n RequestInterval = 30,\n ResourcePath = \"/\",\n SearchString = \"example\",\n Type = \"HTTPS_STR_MATCH\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewHealthCheck(ctx, \"example\", \u0026route53.HealthCheckArgs{\n\t\t\tFailureThreshold: pulumi.Int(5),\n\t\t\tFqdn: pulumi.String(\"example.com\"),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tRequestInterval: pulumi.Int(30),\n\t\t\tResourcePath: pulumi.String(\"/\"),\n\t\t\tSearchString: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"HTTPS_STR_MATCH\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Aggregate Check\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst parent = new aws.route53.HealthCheck(\"parent\", {\n childHealthThreshold: 1,\n childHealthchecks: [aws_route53_health_check_child.id],\n tags: {\n Name: \"tf-test-calculated-health-check\",\n },\n type: \"CALCULATED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nparent = aws.route53.HealthCheck(\"parent\",\n child_health_threshold=1,\n child_healthchecks=[aws_route53_health_check[\"child\"][\"id\"]],\n tags={\n \"Name\": \"tf-test-calculated-health-check\",\n },\n type=\"CALCULATED\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var parent = new Aws.Route53.HealthCheck(\"parent\", new Aws.Route53.HealthCheckArgs\n {\n ChildHealthThreshold = 1,\n ChildHealthchecks = \n {\n aws_route53_health_check.Child.Id,\n },\n Tags = \n {\n { \"Name\", \"tf-test-calculated-health-check\" },\n },\n Type = \"CALCULATED\",\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### CloudWatch Alarm Check\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.cloudwatch.MetricAlarm(\"foobar\", {\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n evaluationPeriods: 2,\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n statistic: \"Average\",\n threshold: 80,\n});\nconst foo = new aws.route53.HealthCheck(\"foo\", {\n cloudwatchAlarmName: foobar.alarmName,\n cloudwatchAlarmRegion: \"us-west-2\",\n insufficientDataHealthStatus: \"Healthy\",\n type: \"CLOUDWATCH_METRIC\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.cloudwatch.MetricAlarm(\"foobar\",\n alarm_description=\"This metric monitors ec2 cpu utilization\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n evaluation_periods=\"2\",\n metric_name=\"CPUUtilization\",\n namespace=\"AWS/EC2\",\n period=\"120\",\n statistic=\"Average\",\n threshold=\"80\")\nfoo = aws.route53.HealthCheck(\"foo\",\n cloudwatch_alarm_name=foobar.name,\n cloudwatch_alarm_region=\"us-west-2\",\n insufficient_data_health_status=\"Healthy\",\n type=\"CLOUDWATCH_METRIC\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foobar = new Aws.CloudWatch.MetricAlarm(\"foobar\", new Aws.CloudWatch.MetricAlarmArgs\n {\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n EvaluationPeriods = 2,\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Statistic = \"Average\",\n Threshold = 80,\n });\n var foo = new Aws.Route53.HealthCheck(\"foo\", new Aws.Route53.HealthCheckArgs\n {\n CloudwatchAlarmName = foobar.Name,\n CloudwatchAlarmRegion = \"us-west-2\",\n InsufficientDataHealthStatus = \"Healthy\",\n Type = \"CLOUDWATCH_METRIC\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobar, err := cloudwatch.NewMetricAlarm(ctx, \"foobar\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tAlarmDescription: pulumi.String(\"This metric monitors ec2 cpu utilization\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanOrEqualToThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\tPeriod: pulumi.Int(120),\n\t\t\tStatistic: pulumi.String(\"Average\"),\n\t\t\tThreshold: pulumi.Float64(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHealthCheck(ctx, \"foo\", \u0026route53.HealthCheckArgs{\n\t\t\tCloudwatchAlarmName: foobar.Name,\n\t\t\tCloudwatchAlarmRegion: pulumi.String(\"us-west-2\"),\n\t\t\tInsufficientDataHealthStatus: pulumi.String(\"Healthy\"),\n\t\t\tType: pulumi.String(\"CLOUDWATCH_METRIC\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "childHealthThreshold": { "type": "integer", "description": "The minimum number of child health checks that must be healthy for Route 53 to consider the parent health check to be healthy. Valid values are integers between 0 and 256, inclusive\n" }, "childHealthchecks": { "type": "array", "items": { "type": "string" }, "description": "For a specified parent health check, a list of HealthCheckId values for the associated child health checks.\n" }, "cloudwatchAlarmName": { "type": "string", "description": "The name of the CloudWatch alarm.\n" }, "cloudwatchAlarmRegion": { "type": "string", "description": "The CloudWatchRegion that the CloudWatch alarm was created in.\n" }, "enableSni": { "type": "boolean", "description": "A boolean value that indicates whether Route53 should send the `fqdn` to the endpoint when performing the health check. This defaults to AWS' defaults: when the `type` is \"HTTPS\" `enable_sni` defaults to `true`, when `type` is anything else `enable_sni` defaults to `false`.\n" }, "failureThreshold": { "type": "integer", "description": "The number of consecutive health checks that an endpoint must pass or fail.\n" }, "fqdn": { "type": "string", "description": "The fully qualified domain name of the endpoint to be checked.\n" }, "insufficientDataHealthStatus": { "type": "string", "description": "The status of the health check when CloudWatch has insufficient data about the state of associated alarm. Valid values are `Healthy` , `Unhealthy` and `LastKnownStatus`.\n" }, "invertHealthcheck": { "type": "boolean", "description": "A boolean value that indicates whether the status of health check should be inverted. For example, if a health check is healthy but Inverted is True , then Route 53 considers the health check to be unhealthy.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the endpoint to be checked.\n" }, "measureLatency": { "type": "boolean", "description": "A Boolean value that indicates whether you want Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint and to display CloudWatch latency graphs in the Route 53 console.\n" }, "port": { "type": "integer", "description": "The port of the endpoint to be checked.\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single health_check set amongst others)\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS regions that you want Amazon Route 53 health checkers to check the specified endpoint from.\n" }, "requestInterval": { "type": "integer", "description": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.\n" }, "resourcePath": { "type": "string", "description": "The path that you want Amazon Route 53 to request when performing health checks.\n" }, "searchString": { "type": "string", "description": "String searched in the first 5120 bytes of the response body for check to be considered healthy. Only valid with `HTTP_STR_MATCH` and `HTTPS_STR_MATCH`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the health check.\n" }, "type": { "type": "string", "description": "The protocol to use when performing health checks. Valid values are `HTTP`, `HTTPS`, `HTTP_STR_MATCH`, `HTTPS_STR_MATCH`, `TCP`, `CALCULATED` and `CLOUDWATCH_METRIC`.\n" } }, "required": [ "enableSni", "type" ], "inputProperties": { "childHealthThreshold": { "type": "integer", "description": "The minimum number of child health checks that must be healthy for Route 53 to consider the parent health check to be healthy. Valid values are integers between 0 and 256, inclusive\n" }, "childHealthchecks": { "type": "array", "items": { "type": "string" }, "description": "For a specified parent health check, a list of HealthCheckId values for the associated child health checks.\n" }, "cloudwatchAlarmName": { "type": "string", "description": "The name of the CloudWatch alarm.\n" }, "cloudwatchAlarmRegion": { "type": "string", "description": "The CloudWatchRegion that the CloudWatch alarm was created in.\n" }, "enableSni": { "type": "boolean", "description": "A boolean value that indicates whether Route53 should send the `fqdn` to the endpoint when performing the health check. This defaults to AWS' defaults: when the `type` is \"HTTPS\" `enable_sni` defaults to `true`, when `type` is anything else `enable_sni` defaults to `false`.\n" }, "failureThreshold": { "type": "integer", "description": "The number of consecutive health checks that an endpoint must pass or fail.\n" }, "fqdn": { "type": "string", "description": "The fully qualified domain name of the endpoint to be checked.\n" }, "insufficientDataHealthStatus": { "type": "string", "description": "The status of the health check when CloudWatch has insufficient data about the state of associated alarm. Valid values are `Healthy` , `Unhealthy` and `LastKnownStatus`.\n" }, "invertHealthcheck": { "type": "boolean", "description": "A boolean value that indicates whether the status of health check should be inverted. For example, if a health check is healthy but Inverted is True , then Route 53 considers the health check to be unhealthy.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the endpoint to be checked.\n" }, "measureLatency": { "type": "boolean", "description": "A Boolean value that indicates whether you want Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint and to display CloudWatch latency graphs in the Route 53 console.\n" }, "port": { "type": "integer", "description": "The port of the endpoint to be checked.\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single health_check set amongst others)\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS regions that you want Amazon Route 53 health checkers to check the specified endpoint from.\n" }, "requestInterval": { "type": "integer", "description": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.\n" }, "resourcePath": { "type": "string", "description": "The path that you want Amazon Route 53 to request when performing health checks.\n" }, "searchString": { "type": "string", "description": "String searched in the first 5120 bytes of the response body for check to be considered healthy. Only valid with `HTTP_STR_MATCH` and `HTTPS_STR_MATCH`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the health check.\n" }, "type": { "type": "string", "description": "The protocol to use when performing health checks. Valid values are `HTTP`, `HTTPS`, `HTTP_STR_MATCH`, `HTTPS_STR_MATCH`, `TCP`, `CALCULATED` and `CLOUDWATCH_METRIC`.\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering HealthCheck resources.\n", "properties": { "childHealthThreshold": { "type": "integer", "description": "The minimum number of child health checks that must be healthy for Route 53 to consider the parent health check to be healthy. Valid values are integers between 0 and 256, inclusive\n" }, "childHealthchecks": { "type": "array", "items": { "type": "string" }, "description": "For a specified parent health check, a list of HealthCheckId values for the associated child health checks.\n" }, "cloudwatchAlarmName": { "type": "string", "description": "The name of the CloudWatch alarm.\n" }, "cloudwatchAlarmRegion": { "type": "string", "description": "The CloudWatchRegion that the CloudWatch alarm was created in.\n" }, "enableSni": { "type": "boolean", "description": "A boolean value that indicates whether Route53 should send the `fqdn` to the endpoint when performing the health check. This defaults to AWS' defaults: when the `type` is \"HTTPS\" `enable_sni` defaults to `true`, when `type` is anything else `enable_sni` defaults to `false`.\n" }, "failureThreshold": { "type": "integer", "description": "The number of consecutive health checks that an endpoint must pass or fail.\n" }, "fqdn": { "type": "string", "description": "The fully qualified domain name of the endpoint to be checked.\n" }, "insufficientDataHealthStatus": { "type": "string", "description": "The status of the health check when CloudWatch has insufficient data about the state of associated alarm. Valid values are `Healthy` , `Unhealthy` and `LastKnownStatus`.\n" }, "invertHealthcheck": { "type": "boolean", "description": "A boolean value that indicates whether the status of health check should be inverted. For example, if a health check is healthy but Inverted is True , then Route 53 considers the health check to be unhealthy.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the endpoint to be checked.\n" }, "measureLatency": { "type": "boolean", "description": "A Boolean value that indicates whether you want Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint and to display CloudWatch latency graphs in the Route 53 console.\n" }, "port": { "type": "integer", "description": "The port of the endpoint to be checked.\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single health_check set amongst others)\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS regions that you want Amazon Route 53 health checkers to check the specified endpoint from.\n" }, "requestInterval": { "type": "integer", "description": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.\n" }, "resourcePath": { "type": "string", "description": "The path that you want Amazon Route 53 to request when performing health checks.\n" }, "searchString": { "type": "string", "description": "String searched in the first 5120 bytes of the response body for check to be considered healthy. Only valid with `HTTP_STR_MATCH` and `HTTPS_STR_MATCH`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the health check.\n" }, "type": { "type": "string", "description": "The protocol to use when performing health checks. Valid values are `HTTP`, `HTTPS`, `HTTP_STR_MATCH`, `HTTPS_STR_MATCH`, `TCP`, `CALCULATED` and `CLOUDWATCH_METRIC`.\n" } }, "type": "object" } }, "aws:route53/queryLog:QueryLog": { "description": "Provides a Route53 query logging configuration resource.\n\n\u003e **NOTE:** There are restrictions on the configuration of query logging. Notably,\nthe CloudWatch log group must be in the `us-east-1` region,\na permissive CloudWatch log resource policy must be in place, and\nthe Route53 hosted zone must be public.\nSee [Configuring Logging for DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html?console_help=true#query-logs-configuring) for additional details.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst us_east_1 = new aws.Provider(\"us-east-1\", {\n region: \"us-east-1\",\n});\nconst exampleComZone = new aws.route53.Zone(\"example_com\", {});\nconst awsRoute53ExampleCom = new aws.cloudwatch.LogGroup(\"aws_route53_example_com\", {\n retentionInDays: 30,\n}, { provider: us_east_1 });\nconst route53_query_logging_policyPolicyDocument = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n principals: [{\n identifiers: [\"route53.amazonaws.com\"],\n type: \"Service\",\n }],\n resources: [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n }],\n}, { async: true }));\nconst route53_query_logging_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\", {\n policyDocument: route53_query_logging_policyPolicyDocument.json,\n policyName: \"route53-query-logging-policy\",\n}, { provider: us_east_1 });\nconst exampleComQueryLog = new aws.route53.QueryLog(\"example_com\", {\n cloudwatchLogGroupArn: awsRoute53ExampleCom.arn,\n zoneId: exampleComZone.zoneId,\n}, { dependsOn: [route53_query_logging_policyLogResourcePolicy] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\nus_east_1 = pulumi.providers.Aws(\"us-east-1\", region=\"us-east-1\")\naws_route53_example_com = aws.cloudwatch.LogGroup(\"awsRoute53ExampleCom\", retention_in_days=30)\nroute53_query_logging_policy_policy_document = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"principals\": [{\n \"identifiers\": [\"route53.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"resources\": [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n}])\nroute53_query_logging_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\",\n policy_document=route53_query_logging_policy_policy_document.json,\n policy_name=\"route53-query-logging-policy\")\nexample_com_zone = aws.route53.Zone(\"exampleComZone\")\nexample_com_query_log = aws.route53.QueryLog(\"exampleComQueryLog\",\n cloudwatch_log_group_arn=aws_route53_example_com.arn,\n zone_id=example_com_zone.zone_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var us_east_1 = new Aws.Provider(\"us-east-1\", new Aws.ProviderArgs\n {\n Region = \"us-east-1\",\n });\n var awsRoute53ExampleCom = new Aws.CloudWatch.LogGroup(\"awsRoute53ExampleCom\", new Aws.CloudWatch.LogGroupArgs\n {\n RetentionInDays = 30,\n });\n var route53_query_logging_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"route53.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Resources = \n {\n \"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n },\n },\n },\n }));\n var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\", new Aws.CloudWatch.LogResourcePolicyArgs\n {\n PolicyDocument = route53_query_logging_policyPolicyDocument.Apply(route53_query_logging_policyPolicyDocument =\u003e route53_query_logging_policyPolicyDocument.Json),\n PolicyName = \"route53-query-logging-policy\",\n });\n var exampleComZone = new Aws.Route53.Zone(\"exampleComZone\", new Aws.Route53.ZoneArgs\n {\n });\n var exampleComQueryLog = new Aws.Route53.QueryLog(\"exampleComQueryLog\", new Aws.Route53.QueryLogArgs\n {\n CloudwatchLogGroupArn = awsRoute53ExampleCom.Arn,\n ZoneId = exampleComZone.ZoneId,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "CloudWatch log group ARN to send query logs.\n" }, "zoneId": { "type": "string", "description": "Route53 hosted zone ID to enable query logs.\n" } }, "required": [ "cloudwatchLogGroupArn", "zoneId" ], "inputProperties": { "cloudwatchLogGroupArn": { "type": "string", "description": "CloudWatch log group ARN to send query logs.\n" }, "zoneId": { "type": "string", "description": "Route53 hosted zone ID to enable query logs.\n" } }, "requiredInputs": [ "cloudwatchLogGroupArn", "zoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering QueryLog resources.\n", "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "CloudWatch log group ARN to send query logs.\n" }, "zoneId": { "type": "string", "description": "Route53 hosted zone ID to enable query logs.\n" } }, "type": "object" } }, "aws:route53/record:Record": { "description": "Provides a Route53 record resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Simple routing policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst www = new aws.route53.Record(\"www\", {\n name: \"www.example.com\",\n records: [aws_eip_lb.publicIp],\n ttl: 300,\n type: \"A\",\n zoneId: aws_route53_zone_primary.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwww = aws.route53.Record(\"www\",\n name=\"www.example.com\",\n records=[aws_eip[\"lb\"][\"public_ip\"]],\n ttl=\"300\",\n type=\"A\",\n zone_id=aws_route53_zone[\"primary\"][\"zone_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var www = new Aws.Route53.Record(\"www\", new Aws.Route53.RecordArgs\n {\n Name = \"www.example.com\",\n Records = \n {\n aws_eip.Lb.Public_ip,\n },\n Ttl = 300,\n Type = \"A\",\n ZoneId = aws_route53_zone.Primary.Zone_id,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Weighted routing policy\nOther routing policies are configured similarly. See [AWS Route53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) for details.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst www_dev = new aws.route53.Record(\"www-dev\", {\n name: \"www\",\n records: [\"dev.example.com\"],\n setIdentifier: \"dev\",\n ttl: 5,\n type: \"CNAME\",\n weightedRoutingPolicies: [{\n weight: 10,\n }],\n zoneId: aws_route53_zone_primary.zoneId,\n});\nconst www_live = new aws.route53.Record(\"www-live\", {\n name: \"www\",\n records: [\"live.example.com\"],\n setIdentifier: \"live\",\n ttl: 5,\n type: \"CNAME\",\n weightedRoutingPolicies: [{\n weight: 90,\n }],\n zoneId: aws_route53_zone_primary.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwww_dev = aws.route53.Record(\"www-dev\",\n name=\"www\",\n records=[\"dev.example.com\"],\n set_identifier=\"dev\",\n ttl=\"5\",\n type=\"CNAME\",\n weighted_routing_policies=[{\n \"weight\": 10,\n }],\n zone_id=aws_route53_zone[\"primary\"][\"zone_id\"])\nwww_live = aws.route53.Record(\"www-live\",\n name=\"www\",\n records=[\"live.example.com\"],\n set_identifier=\"live\",\n ttl=\"5\",\n type=\"CNAME\",\n weighted_routing_policies=[{\n \"weight\": 90,\n }],\n zone_id=aws_route53_zone[\"primary\"][\"zone_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var www_dev = new Aws.Route53.Record(\"www-dev\", new Aws.Route53.RecordArgs\n {\n Name = \"www\",\n Records = \n {\n \"dev.example.com\",\n },\n SetIdentifier = \"dev\",\n Ttl = 5,\n Type = \"CNAME\",\n WeightedRoutingPolicies = \n {\n new Aws.Route53.Inputs.RecordWeightedRoutingPolicyArgs\n {\n Weight = 10,\n },\n },\n ZoneId = aws_route53_zone.Primary.Zone_id,\n });\n var www_live = new Aws.Route53.Record(\"www-live\", new Aws.Route53.RecordArgs\n {\n Name = \"www\",\n Records = \n {\n \"live.example.com\",\n },\n SetIdentifier = \"live\",\n Ttl = 5,\n Type = \"CNAME\",\n WeightedRoutingPolicies = \n {\n new Aws.Route53.Inputs.RecordWeightedRoutingPolicyArgs\n {\n Weight = 90,\n },\n },\n ZoneId = aws_route53_zone.Primary.Zone_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewRecord(ctx, \"www-dev\", \u0026route53.RecordArgs{\n\t\t\tName: pulumi.String(\"www\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev.example.com\"),\n\t\t\t},\n\t\t\tSetIdentifier: pulumi.String(\"dev\"),\n\t\t\tTtl: pulumi.Int(5),\n\t\t\tType: pulumi.String(\"CNAME\"),\n\t\t\tWeightedRoutingPolicies: route53.RecordWeightedRoutingPolicyArray{\n\t\t\t\t\u0026route53.RecordWeightedRoutingPolicyArgs{\n\t\t\t\t\tWeight: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t},\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Primary.Zone_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www-live\", \u0026route53.RecordArgs{\n\t\t\tName: pulumi.String(\"www\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"live.example.com\"),\n\t\t\t},\n\t\t\tSetIdentifier: pulumi.String(\"live\"),\n\t\t\tTtl: pulumi.Int(5),\n\t\t\tType: pulumi.String(\"CNAME\"),\n\t\t\tWeightedRoutingPolicies: route53.RecordWeightedRoutingPolicyArray{\n\t\t\t\t\u0026route53.RecordWeightedRoutingPolicyArgs{\n\t\t\t\t\tWeight: pulumi.Int(90),\n\t\t\t\t},\n\t\t\t},\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Primary.Zone_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Alias record\nSee [related part of AWS Route53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-choosing-alias-non-alias.html)\nto understand differences between alias and non-alias records.\n\nTTL for all alias records is [60 seconds](https://aws.amazon.com/route53/faqs/#dns_failover_do_i_need_to_adjust),\nyou cannot change this, therefore `ttl` has to be omitted in alias records.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.elb.LoadBalancer(\"main\", {\n availabilityZones: [\"us-east-1c\"],\n listeners: [{\n instancePort: 80,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst www = new aws.route53.Record(\"www\", {\n aliases: [{\n evaluateTargetHealth: true,\n name: main.dnsName,\n zoneId: main.zoneId,\n }],\n name: \"example.com\",\n type: \"A\",\n zoneId: aws_route53_zone_primary.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.LoadBalancer(\"main\",\n availability_zones=[\"us-east-1c\"],\n listeners=[{\n \"instance_port\": 80,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n }])\nwww = aws.route53.Record(\"www\",\n aliases=[{\n \"evaluateTargetHealth\": True,\n \"name\": main.dns_name,\n \"zone_id\": main.zone_id,\n }],\n name=\"example.com\",\n type=\"A\",\n zone_id=aws_route53_zone[\"primary\"][\"zone_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Elb.LoadBalancer(\"main\", new Aws.Elb.LoadBalancerArgs\n {\n AvailabilityZones = \n {\n \"us-east-1c\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 80,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n var www = new Aws.Route53.Record(\"www\", new Aws.Route53.RecordArgs\n {\n Aliases = \n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = true,\n Name = main.DnsName,\n ZoneId = main.ZoneId,\n },\n },\n Name = \"example.com\",\n Type = \"A\",\n ZoneId = aws_route53_zone.Primary.Zone_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := elb.NewLoadBalancer(ctx, \"main\", \u0026elb.LoadBalancerArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1c\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(80),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t\tName: main.DnsName,\n\t\t\t\t\tZoneId: main.ZoneId,\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Primary.Zone_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### NS and SOA Record Management\n\nWhen creating Route 53 zones, the `NS` and `SOA` records for the zone are automatically created. Enabling the `allow_overwrite` argument will allow managing these records in a single deployment without the requirement for `import`.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleZone = new aws.route53.Zone(\"example\", {});\nconst exampleRecord = new aws.route53.Record(\"example\", {\n allowOverwrite: true,\n name: \"test.example.com\",\n records: [\n exampleZone.nameServers[0],\n exampleZone.nameServers[1],\n exampleZone.nameServers[2],\n exampleZone.nameServers[3],\n ],\n ttl: 30,\n type: \"NS\",\n zoneId: exampleZone.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_zone = aws.route53.Zone(\"exampleZone\")\nexample_record = aws.route53.Record(\"exampleRecord\",\n allow_overwrite=True,\n name=\"test.example.com\",\n records=[\n example_zone.name_servers[0],\n example_zone.name_servers[1],\n example_zone.name_servers[2],\n example_zone.name_servers[3],\n ],\n ttl=30,\n type=\"NS\",\n zone_id=example_zone.zone_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleZone = new Aws.Route53.Zone(\"exampleZone\", new Aws.Route53.ZoneArgs\n {\n });\n var exampleRecord = new Aws.Route53.Record(\"exampleRecord\", new Aws.Route53.RecordArgs\n {\n AllowOverwrite = true,\n Name = \"test.example.com\",\n Records = \n {\n exampleZone.NameServers.Apply(nameServers =\u003e nameServers[0]),\n exampleZone.NameServers.Apply(nameServers =\u003e nameServers[1]),\n exampleZone.NameServers.Apply(nameServers =\u003e nameServers[2]),\n exampleZone.NameServers.Apply(nameServers =\u003e nameServers[3]),\n },\n Ttl = 30,\n Type = \"NS\",\n ZoneId = exampleZone.ZoneId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleZone, err := route53.NewZone(ctx, \"exampleZone\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"exampleRecord\", \u0026route53.RecordArgs{\n\t\t\tAllowOverwrite: pulumi.Bool(true),\n\t\t\tName: pulumi.String(\"test.example.com\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texampleZone.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[0], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\texampleZone.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[1], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\texampleZone.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[2], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\texampleZone.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[3], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(30),\n\t\t\tType: pulumi.String(\"NS\"),\n\t\t\tZoneId: exampleZone.ZoneId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "aliases": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordAlias:RecordAlias" }, "description": "An alias block. Conflicts with `ttl` \u0026 `records`.\nAlias record documented below.\n" }, "allowOverwrite": { "type": "boolean", "description": "Allow creation of this record to overwrite an existing record, if any. This does not affect the ability to update the record using this provider and does not prevent other resources within this provider or manual Route 53 changes outside this provider from overwriting this record. `false` by default. This configuration is not recommended for most environments.\n" }, "failoverRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy" }, "description": "A block indicating the routing behavior when associated health check fails. Conflicts with any other routing policy. Documented below.\n" }, "fqdn": { "type": "string", "description": "[FQDN](https://en.wikipedia.org/wiki/Fully_qualified_domain_name) built using the zone domain and `name`.\n" }, "geolocationRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy" }, "description": "A block indicating a routing policy based on the geolocation of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "healthCheckId": { "type": "string", "description": "The health check the record should be associated with.\n" }, "latencyRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy" }, "description": "A block indicating a routing policy based on the latency between the requestor and an AWS region. Conflicts with any other routing policy. Documented below.\n" }, "multivalueAnswerRoutingPolicy": { "type": "boolean", "description": "Set to `true` to indicate a multivalue answer routing policy. Conflicts with any other routing policy.\n" }, "name": { "type": "string", "description": "DNS domain name for a CloudFront distribution, S3 bucket, ELB, or another resource record set in this hosted zone.\n" }, "records": { "type": "array", "items": { "type": "string" }, "description": "A string list of records. To specify a single record value longer than 255 characters such as a TXT record for DKIM, add `\\\"\\\"` inside the configuration string (e.g. `\"first255characters\\\"\\\"morecharacters\"`).\n" }, "setIdentifier": { "type": "string", "description": "Unique identifier to differentiate records with routing policies from one another. Required if using `failover`, `geolocation`, `latency`, or `weighted` routing policies documented below.\n" }, "ttl": { "type": "integer", "description": "The TTL of the record.\n" }, "type": { "type": "string", "description": "`PRIMARY` or `SECONDARY`. A `PRIMARY` record will be served if its healthcheck is passing, otherwise the `SECONDARY` will be served. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html#dns-failover-failover-rrsets\n" }, "weightedRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy" }, "description": "A block indicating a weighted routing policy. Conflicts with any other routing policy. Documented below.\n" }, "zoneId": { "type": "string", "description": "Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone. See `resource_elb.zone_id` for example.\n" } }, "required": [ "allowOverwrite", "fqdn", "name", "type", "zoneId" ], "inputProperties": { "aliases": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordAlias:RecordAlias" }, "description": "An alias block. Conflicts with `ttl` \u0026 `records`.\nAlias record documented below.\n" }, "allowOverwrite": { "type": "boolean", "description": "Allow creation of this record to overwrite an existing record, if any. This does not affect the ability to update the record using this provider and does not prevent other resources within this provider or manual Route 53 changes outside this provider from overwriting this record. `false` by default. This configuration is not recommended for most environments.\n" }, "failoverRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy" }, "description": "A block indicating the routing behavior when associated health check fails. Conflicts with any other routing policy. Documented below.\n" }, "geolocationRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy" }, "description": "A block indicating a routing policy based on the geolocation of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "healthCheckId": { "type": "string", "description": "The health check the record should be associated with.\n" }, "latencyRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy" }, "description": "A block indicating a routing policy based on the latency between the requestor and an AWS region. Conflicts with any other routing policy. Documented below.\n" }, "multivalueAnswerRoutingPolicy": { "type": "boolean", "description": "Set to `true` to indicate a multivalue answer routing policy. Conflicts with any other routing policy.\n" }, "name": { "type": "string", "description": "DNS domain name for a CloudFront distribution, S3 bucket, ELB, or another resource record set in this hosted zone.\n" }, "records": { "type": "array", "items": { "type": "string" }, "description": "A string list of records. To specify a single record value longer than 255 characters such as a TXT record for DKIM, add `\\\"\\\"` inside the configuration string (e.g. `\"first255characters\\\"\\\"morecharacters\"`).\n" }, "setIdentifier": { "type": "string", "description": "Unique identifier to differentiate records with routing policies from one another. Required if using `failover`, `geolocation`, `latency`, or `weighted` routing policies documented below.\n" }, "ttl": { "type": "integer", "description": "The TTL of the record.\n" }, "type": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:route53/recordType:RecordType" } ], "description": "`PRIMARY` or `SECONDARY`. A `PRIMARY` record will be served if its healthcheck is passing, otherwise the `SECONDARY` will be served. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html#dns-failover-failover-rrsets\n" }, "weightedRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy" }, "description": "A block indicating a weighted routing policy. Conflicts with any other routing policy. Documented below.\n" }, "zoneId": { "type": "string", "description": "Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone. See `resource_elb.zone_id` for example.\n" } }, "requiredInputs": [ "name", "type", "zoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Record resources.\n", "properties": { "aliases": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordAlias:RecordAlias" }, "description": "An alias block. Conflicts with `ttl` \u0026 `records`.\nAlias record documented below.\n" }, "allowOverwrite": { "type": "boolean", "description": "Allow creation of this record to overwrite an existing record, if any. This does not affect the ability to update the record using this provider and does not prevent other resources within this provider or manual Route 53 changes outside this provider from overwriting this record. `false` by default. This configuration is not recommended for most environments.\n" }, "failoverRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy" }, "description": "A block indicating the routing behavior when associated health check fails. Conflicts with any other routing policy. Documented below.\n" }, "fqdn": { "type": "string", "description": "[FQDN](https://en.wikipedia.org/wiki/Fully_qualified_domain_name) built using the zone domain and `name`.\n" }, "geolocationRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy" }, "description": "A block indicating a routing policy based on the geolocation of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "healthCheckId": { "type": "string", "description": "The health check the record should be associated with.\n" }, "latencyRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy" }, "description": "A block indicating a routing policy based on the latency between the requestor and an AWS region. Conflicts with any other routing policy. Documented below.\n" }, "multivalueAnswerRoutingPolicy": { "type": "boolean", "description": "Set to `true` to indicate a multivalue answer routing policy. Conflicts with any other routing policy.\n" }, "name": { "type": "string", "description": "DNS domain name for a CloudFront distribution, S3 bucket, ELB, or another resource record set in this hosted zone.\n" }, "records": { "type": "array", "items": { "type": "string" }, "description": "A string list of records. To specify a single record value longer than 255 characters such as a TXT record for DKIM, add `\\\"\\\"` inside the configuration string (e.g. `\"first255characters\\\"\\\"morecharacters\"`).\n" }, "setIdentifier": { "type": "string", "description": "Unique identifier to differentiate records with routing policies from one another. Required if using `failover`, `geolocation`, `latency`, or `weighted` routing policies documented below.\n" }, "ttl": { "type": "integer", "description": "The TTL of the record.\n" }, "type": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:route53/recordType:RecordType" } ], "description": "`PRIMARY` or `SECONDARY`. A `PRIMARY` record will be served if its healthcheck is passing, otherwise the `SECONDARY` will be served. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html#dns-failover-failover-rrsets\n" }, "weightedRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy" }, "description": "A block indicating a weighted routing policy. Conflicts with any other routing policy. Documented below.\n" }, "zoneId": { "type": "string", "description": "Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone. See `resource_elb.zone_id` for example.\n" } }, "type": "object" } }, "aws:route53/resolverEndpoint:ResolverEndpoint": { "description": "Provides a Route 53 Resolver endpoint resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.route53.ResolverEndpoint(\"foo\", {\n direction: \"INBOUND\",\n ipAddresses: [\n {\n subnetId: aws_subnet_sn1.id,\n },\n {\n ip: \"10.0.64.4\",\n subnetId: aws_subnet_sn2.id,\n },\n ],\n securityGroupIds: [\n aws_security_group_sg1.id,\n aws_security_group_sg2.id,\n ],\n tags: {\n Environment: \"Prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.route53.ResolverEndpoint(\"foo\",\n direction=\"INBOUND\",\n ip_addresses=[\n {\n \"subnet_id\": aws_subnet[\"sn1\"][\"id\"],\n },\n {\n \"ip\": \"10.0.64.4\",\n \"subnet_id\": aws_subnet[\"sn2\"][\"id\"],\n },\n ],\n security_group_ids=[\n aws_security_group[\"sg1\"][\"id\"],\n aws_security_group[\"sg2\"][\"id\"],\n ],\n tags={\n \"Environment\": \"Prod\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Route53.ResolverEndpoint(\"foo\", new Aws.Route53.ResolverEndpointArgs\n {\n Direction = \"INBOUND\",\n IpAddresses = \n {\n new Aws.Route53.Inputs.ResolverEndpointIpAddressArgs\n {\n SubnetId = aws_subnet.Sn1.Id,\n },\n new Aws.Route53.Inputs.ResolverEndpointIpAddressArgs\n {\n Ip = \"10.0.64.4\",\n SubnetId = aws_subnet.Sn2.Id,\n },\n },\n SecurityGroupIds = \n {\n aws_security_group.Sg1.Id,\n aws_security_group.Sg2.Id,\n },\n Tags = \n {\n { \"Environment\", \"Prod\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewResolverEndpoint(ctx, \"foo\", \u0026route53.ResolverEndpointArgs{\n\t\t\tDirection: pulumi.String(\"INBOUND\"),\n\t\t\tIpAddresses: route53.ResolverEndpointIpAddressArray{\n\t\t\t\t\u0026route53.ResolverEndpointIpAddressArgs{\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Sn1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026route53.ResolverEndpointIpAddressArgs{\n\t\t\t\t\tIp: pulumi.String(\"10.0.64.4\"),\n\t\t\t\t\tSubnetId: pulumi.String(aws_subnet.Sn2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(aws_security_group.Sg1.Id),\n\t\t\t\tpulumi.String(aws_security_group.Sg2.Id),\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"Prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the Route 53 Resolver endpoint.\n" }, "direction": { "type": "string", "description": "The direction of DNS queries to or from the Route 53 Resolver endpoint.\nValid values are `INBOUND` (resolver forwards DNS queries to the DNS service for a VPC from your network or another VPC)\nor `OUTBOUND` (resolver forwards DNS queries from the DNS service for a VPC to your network or another VPC).\n" }, "hostVpcId": { "type": "string", "description": "The ID of the VPC that you want to create the resolver endpoint in.\n" }, "ipAddresses": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress" }, "description": "The subnets and IP addresses in your VPC that you want DNS queries to pass through on the way from your VPCs\nto your network (for outbound endpoints) or on the way from your network to your VPCs (for inbound endpoints). Described below.\n" }, "name": { "type": "string", "description": "The friendly name of the Route 53 Resolver endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups that you want to use to control access to this VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "direction", "hostVpcId", "ipAddresses", "name", "securityGroupIds" ], "inputProperties": { "direction": { "type": "string", "description": "The direction of DNS queries to or from the Route 53 Resolver endpoint.\nValid values are `INBOUND` (resolver forwards DNS queries to the DNS service for a VPC from your network or another VPC)\nor `OUTBOUND` (resolver forwards DNS queries from the DNS service for a VPC to your network or another VPC).\n" }, "ipAddresses": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress" }, "description": "The subnets and IP addresses in your VPC that you want DNS queries to pass through on the way from your VPCs\nto your network (for outbound endpoints) or on the way from your network to your VPCs (for inbound endpoints). Described below.\n" }, "name": { "type": "string", "description": "The friendly name of the Route 53 Resolver endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups that you want to use to control access to this VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "direction", "ipAddresses", "securityGroupIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Route 53 Resolver endpoint.\n" }, "direction": { "type": "string", "description": "The direction of DNS queries to or from the Route 53 Resolver endpoint.\nValid values are `INBOUND` (resolver forwards DNS queries to the DNS service for a VPC from your network or another VPC)\nor `OUTBOUND` (resolver forwards DNS queries from the DNS service for a VPC to your network or another VPC).\n" }, "hostVpcId": { "type": "string", "description": "The ID of the VPC that you want to create the resolver endpoint in.\n" }, "ipAddresses": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress" }, "description": "The subnets and IP addresses in your VPC that you want DNS queries to pass through on the way from your VPCs\nto your network (for outbound endpoints) or on the way from your network to your VPCs (for inbound endpoints). Described below.\n" }, "name": { "type": "string", "description": "The friendly name of the Route 53 Resolver endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups that you want to use to control access to this VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:route53/resolverRule:ResolverRule": { "description": "Provides a Route53 Resolver rule.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### System rule\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sys = new aws.route53.ResolverRule(\"sys\", {\n domainName: \"subdomain.example.com\",\n ruleType: \"SYSTEM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsys = aws.route53.ResolverRule(\"sys\",\n domain_name=\"subdomain.example.com\",\n rule_type=\"SYSTEM\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sys = new Aws.Route53.ResolverRule(\"sys\", new Aws.Route53.ResolverRuleArgs\n {\n DomainName = \"subdomain.example.com\",\n RuleType = \"SYSTEM\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewResolverRule(ctx, \"sys\", \u0026route53.ResolverRuleArgs{\n\t\t\tDomainName: pulumi.String(\"subdomain.example.com\"),\n\t\t\tRuleType: pulumi.String(\"SYSTEM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Forward rule\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fwd = new aws.route53.ResolverRule(\"fwd\", {\n domainName: \"example.com\",\n resolverEndpointId: aws_route53_resolver_endpoint_foo.id,\n ruleType: \"FORWARD\",\n tags: {\n Environment: \"Prod\",\n },\n targetIps: [{\n ip: \"123.45.67.89\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfwd = aws.route53.ResolverRule(\"fwd\",\n domain_name=\"example.com\",\n resolver_endpoint_id=aws_route53_resolver_endpoint[\"foo\"][\"id\"],\n rule_type=\"FORWARD\",\n tags={\n \"Environment\": \"Prod\",\n },\n target_ips=[{\n \"ip\": \"123.45.67.89\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fwd = new Aws.Route53.ResolverRule(\"fwd\", new Aws.Route53.ResolverRuleArgs\n {\n DomainName = \"example.com\",\n ResolverEndpointId = aws_route53_resolver_endpoint.Foo.Id,\n RuleType = \"FORWARD\",\n Tags = \n {\n { \"Environment\", \"Prod\" },\n },\n TargetIps = \n {\n new Aws.Route53.Inputs.ResolverRuleTargetIpArgs\n {\n Ip = \"123.45.67.89\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewResolverRule(ctx, \"fwd\", \u0026route53.ResolverRuleArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tResolverEndpointId: pulumi.String(aws_route53_resolver_endpoint.Foo.Id),\n\t\t\tRuleType: pulumi.String(\"FORWARD\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"Prod\"),\n\t\t\t},\n\t\t\tTargetIps: route53.ResolverRuleTargetIpArray{\n\t\t\t\t\u0026route53.ResolverRuleTargetIpArgs{\n\t\t\t\t\tIp: pulumi.String(\"123.45.67.89\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the resolver rule.\n" }, "domainName": { "type": "string", "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified using `target_ip`.\n" }, "name": { "type": "string", "description": "A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.\n" }, "ownerId": { "type": "string", "description": "When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify using `target_ip`.\nThis argument should only be specified for `FORWARD` type rules.\n" }, "ruleType": { "type": "string", "description": "The rule type. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n" }, "shareStatus": { "type": "string", "description": "Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetIps": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp" }, "description": "Configuration block(s) indicating the IPs that you want Resolver to forward DNS queries to (documented below).\nThis argument should only be specified for `FORWARD` type rules.\n" } }, "required": [ "arn", "domainName", "name", "ownerId", "ruleType", "shareStatus" ], "inputProperties": { "domainName": { "type": "string", "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified using `target_ip`.\n" }, "name": { "type": "string", "description": "A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify using `target_ip`.\nThis argument should only be specified for `FORWARD` type rules.\n" }, "ruleType": { "type": "string", "description": "The rule type. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetIps": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp" }, "description": "Configuration block(s) indicating the IPs that you want Resolver to forward DNS queries to (documented below).\nThis argument should only be specified for `FORWARD` type rules.\n" } }, "requiredInputs": [ "domainName", "ruleType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the resolver rule.\n" }, "domainName": { "type": "string", "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified using `target_ip`.\n" }, "name": { "type": "string", "description": "A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.\n" }, "ownerId": { "type": "string", "description": "When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify using `target_ip`.\nThis argument should only be specified for `FORWARD` type rules.\n" }, "ruleType": { "type": "string", "description": "The rule type. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n" }, "shareStatus": { "type": "string", "description": "Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "targetIps": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp" }, "description": "Configuration block(s) indicating the IPs that you want Resolver to forward DNS queries to (documented below).\nThis argument should only be specified for `FORWARD` type rules.\n" } }, "type": "object" } }, "aws:route53/resolverRuleAssociation:ResolverRuleAssociation": { "description": "Provides a Route53 Resolver rule association.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverRuleAssociation(\"example\", {\n resolverRuleId: aws_route53_resolver_rule_sys.id,\n vpcId: aws_vpc_foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverRuleAssociation(\"example\",\n resolver_rule_id=aws_route53_resolver_rule[\"sys\"][\"id\"],\n vpc_id=aws_vpc[\"foo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Route53.ResolverRuleAssociation(\"example\", new Aws.Route53.ResolverRuleAssociationArgs\n {\n ResolverRuleId = aws_route53_resolver_rule.Sys.Id,\n VpcId = aws_vpc.Foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewResolverRuleAssociation(ctx, \"example\", \u0026route53.ResolverRuleAssociationArgs{\n\t\t\tResolverRuleId: pulumi.String(aws_route53_resolver_rule.Sys.Id),\n\t\t\tVpcId: pulumi.String(aws_vpc.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "A name for the association that you're creating between a resolver rule and a VPC.\n" }, "resolverRuleId": { "type": "string", "description": "The ID of the resolver rule that you want to associate with the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC that you want to associate the resolver rule with.\n" } }, "required": [ "name", "resolverRuleId", "vpcId" ], "inputProperties": { "name": { "type": "string", "description": "A name for the association that you're creating between a resolver rule and a VPC.\n" }, "resolverRuleId": { "type": "string", "description": "The ID of the resolver rule that you want to associate with the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC that you want to associate the resolver rule with.\n" } }, "requiredInputs": [ "resolverRuleId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverRuleAssociation resources.\n", "properties": { "name": { "type": "string", "description": "A name for the association that you're creating between a resolver rule and a VPC.\n" }, "resolverRuleId": { "type": "string", "description": "The ID of the resolver rule that you want to associate with the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC that you want to associate the resolver rule with.\n" } }, "type": "object" } }, "aws:route53/zone:Zone": { "description": "Manages a Route53 Hosted Zone.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Public Zone\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.route53.Zone(\"primary\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.route53.Zone(\"primary\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var primary = new Aws.Route53.Zone(\"primary\", new Aws.Route53.ZoneArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewZone(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Public Subdomain Zone\n\nFor use in subdomains, note that you need to create a\n`aws.route53.Record` of type `NS` as well as the subdomain\nzone.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.route53.Zone(\"main\", {});\nconst dev = new aws.route53.Zone(\"dev\", {\n tags: {\n Environment: \"dev\",\n },\n});\nconst dev_ns = new aws.route53.Record(\"dev-ns\", {\n name: \"dev.example.com\",\n records: [\n dev.nameServers[0],\n dev.nameServers[1],\n dev.nameServers[2],\n dev.nameServers[3],\n ],\n ttl: 30,\n type: \"NS\",\n zoneId: main.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.route53.Zone(\"main\")\ndev = aws.route53.Zone(\"dev\", tags={\n \"Environment\": \"dev\",\n})\ndev_ns = aws.route53.Record(\"dev-ns\",\n name=\"dev.example.com\",\n records=[\n dev.name_servers[0],\n dev.name_servers[1],\n dev.name_servers[2],\n dev.name_servers[3],\n ],\n ttl=\"30\",\n type=\"NS\",\n zone_id=main.zone_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Route53.Zone(\"main\", new Aws.Route53.ZoneArgs\n {\n });\n var dev = new Aws.Route53.Zone(\"dev\", new Aws.Route53.ZoneArgs\n {\n Tags = \n {\n { \"Environment\", \"dev\" },\n },\n });\n var dev_ns = new Aws.Route53.Record(\"dev-ns\", new Aws.Route53.RecordArgs\n {\n Name = \"dev.example.com\",\n Records = \n {\n dev.NameServers.Apply(nameServers =\u003e nameServers[0]),\n dev.NameServers.Apply(nameServers =\u003e nameServers[1]),\n dev.NameServers.Apply(nameServers =\u003e nameServers[2]),\n dev.NameServers.Apply(nameServers =\u003e nameServers[3]),\n },\n Ttl = 30,\n Type = \"NS\",\n ZoneId = main.ZoneId,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := route53.NewZone(ctx, \"main\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdev, err := route53.NewZone(ctx, \"dev\", \u0026route53.ZoneArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"dev\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"dev-ns\", \u0026route53.RecordArgs{\n\t\t\tName: pulumi.String(\"dev.example.com\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tdev.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[0], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tdev.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[1], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tdev.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[2], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tdev.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[3], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(30),\n\t\t\tType: pulumi.String(\"NS\"),\n\t\t\tZoneId: main.ZoneId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Private Zone\n\n\u003e **NOTE:** This provider provides both exclusive VPC associations defined in-line in this resource via `vpc` configuration blocks and a separate `Zone VPC Association resource. At this time, you cannot use in-line VPC associations in conjunction with any `aws.route53.ZoneAssociation` resources with the same zone ID otherwise it will cause a perpetual difference in plan output. You can optionally use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to manage additional associations via the `aws.route53.ZoneAssociation` resource.\n\n\u003e **NOTE:** Private zones require at least one VPC association at all times.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst privateZone = new aws.route53.Zone(\"private\", {\n vpcs: [{\n vpcId: aws_vpc_example.id,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprivate = aws.route53.Zone(\"private\", vpcs=[{\n \"vpc_id\": aws_vpc[\"example\"][\"id\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @private = new Aws.Route53.Zone(\"private\", new Aws.Route53.ZoneArgs\n {\n Vpcs = \n {\n new Aws.Route53.Inputs.ZoneVpcArgs\n {\n VpcId = aws_vpc.Example.Id,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = route53.NewZone(ctx, \"private\", \u0026route53.ZoneArgs{\n\t\t\tVpcs: route53.ZoneVpcArray{\n\t\t\t\t\u0026route53.ZoneVpcArgs{\n\t\t\t\t\tVpcId: pulumi.String(aws_vpc.Example.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "comment": { "type": "string", "description": "A comment for the hosted zone. Defaults to 'Managed by Pulumi'.\n", "default": "Managed by Pulumi" }, "delegationSetId": { "type": "string", "description": "The ID of the reusable delegation set whose NS records you want to assign to the hosted zone. Conflicts with `vpc` as delegation sets can only be used for public zones.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all records (possibly managed outside of this provider) in the zone when destroying the zone.\n" }, "name": { "type": "string", "description": "This is the name of the hosted zone.\n" }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers in associated (or default) delegation set.\nFind more about delegation sets in [AWS docs](https://docs.aws.amazon.com/Route53/latest/APIReference/actions-on-reusable-delegation-sets.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the zone.\n" }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:route53/ZoneVpc:ZoneVpc" }, "description": "Configuration block(s) specifying VPC(s) to associate with a private hosted zone. Conflicts with the `delegation_set_id` argument in this resource and any `aws.route53.ZoneAssociation` resource specifying the same zone ID. Detailed below.\n" }, "zoneId": { "type": "string", "description": "The Hosted Zone ID. This can be referenced by zone records.\n" } }, "required": [ "comment", "name", "nameServers", "zoneId" ], "inputProperties": { "comment": { "type": "string", "description": "A comment for the hosted zone. Defaults to 'Managed by Pulumi'.\n", "default": "Managed by Pulumi" }, "delegationSetId": { "type": "string", "description": "The ID of the reusable delegation set whose NS records you want to assign to the hosted zone. Conflicts with `vpc` as delegation sets can only be used for public zones.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all records (possibly managed outside of this provider) in the zone when destroying the zone.\n" }, "name": { "type": "string", "description": "This is the name of the hosted zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the zone.\n" }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:route53/ZoneVpc:ZoneVpc" }, "description": "Configuration block(s) specifying VPC(s) to associate with a private hosted zone. Conflicts with the `delegation_set_id` argument in this resource and any `aws.route53.ZoneAssociation` resource specifying the same zone ID. Detailed below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Zone resources.\n", "properties": { "comment": { "type": "string", "description": "A comment for the hosted zone. Defaults to 'Managed by Pulumi'.\n", "default": "Managed by Pulumi" }, "delegationSetId": { "type": "string", "description": "The ID of the reusable delegation set whose NS records you want to assign to the hosted zone. Conflicts with `vpc` as delegation sets can only be used for public zones.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all records (possibly managed outside of this provider) in the zone when destroying the zone.\n" }, "name": { "type": "string", "description": "This is the name of the hosted zone.\n" }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers in associated (or default) delegation set.\nFind more about delegation sets in [AWS docs](https://docs.aws.amazon.com/Route53/latest/APIReference/actions-on-reusable-delegation-sets.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the zone.\n" }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:route53/ZoneVpc:ZoneVpc" }, "description": "Configuration block(s) specifying VPC(s) to associate with a private hosted zone. Conflicts with the `delegation_set_id` argument in this resource and any `aws.route53.ZoneAssociation` resource specifying the same zone ID. Detailed below.\n" }, "zoneId": { "type": "string", "description": "The Hosted Zone ID. This can be referenced by zone records.\n" } }, "type": "object" } }, "aws:route53/zoneAssociation:ZoneAssociation": { "description": "Manages a Route53 Hosted Zone VPC association. VPC associations can only be made on private zones.\n\n\u003e **NOTE:** Unless explicit association ordering is required (e.g. a separate cross-account association authorization), usage of this resource is not recommended. Use the `vpc` configuration blocks available within the `aws.route53.Zone` resource instead.\n\n\u003e **NOTE:** This provider provides both this standalone Zone VPC Association resource and exclusive VPC associations defined in-line in the `aws.route53.Zone` resource via `vpc` configuration blocks. At this time, you cannot use those in-line VPC associations in conjunction with this resource and the same zone ID otherwise it will cause a perpetual difference in plan output. You can optionally use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) in the `aws.route53.Zone` resource to manage additional associations via this resource.\n", "properties": { "vpcId": { "type": "string", "description": "The VPC to associate with the private hosted zone.\n" }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n" }, "zoneId": { "type": "string", "description": "The private hosted zone to associate.\n" } }, "required": [ "vpcId", "vpcRegion", "zoneId" ], "inputProperties": { "vpcId": { "type": "string", "description": "The VPC to associate with the private hosted zone.\n" }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n" }, "zoneId": { "type": "string", "description": "The private hosted zone to associate.\n" } }, "requiredInputs": [ "vpcId", "zoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ZoneAssociation resources.\n", "properties": { "vpcId": { "type": "string", "description": "The VPC to associate with the private hosted zone.\n" }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n" }, "zoneId": { "type": "string", "description": "The private hosted zone to associate.\n" } }, "type": "object" } }, "aws:s3/accessPoint:AccessPoint": { "description": "Provides a resource to manage an S3 Access Point.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucket = new aws.s3.Bucket(\"exampleBucket\", {});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"exampleAccessPoint\", {bucket: exampleBucket.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket = aws.s3.Bucket(\"exampleBucket\")\nexample_access_point = aws.s3.AccessPoint(\"exampleAccessPoint\", bucket=example_bucket.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleBucket = new Aws.S3.Bucket(\"exampleBucket\", new Aws.S3.BucketArgs\n {\n });\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"exampleAccessPoint\", new Aws.S3.AccessPointArgs\n {\n Bucket = exampleBucket.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucket, err := s3.NewBucket(ctx, \"exampleBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewAccessPoint(ctx, \"exampleAccessPoint\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: exampleBucket.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the bucket for which you want to create an access point. Defaults to automatically determined account ID of the provider.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Point.\n" }, "bucket": { "type": "string", "description": "The name of the bucket that you want to associate this access point with.\n" }, "domainName": { "type": "string", "description": "The DNS domain name of the S3 Access Point in the format _`name`_-_`account_id`_.s3-accesspoint._region_.amazonaws.com.\nNote: S3 access points only support secure access by HTTPS. HTTP isn't supported.\n" }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "name": { "type": "string", "description": "The name you want to assign to this access point.\n" }, "networkOrigin": { "type": "string", "description": "Indicates whether this access point allows access from the public Internet. Values are `VPC` (the access point doesn't allow access from the public Internet) and `Internet` (the access point allows access from the public Internet, subject to the access point and bucket access policies).\n" }, "policy": { "type": "string", "description": "A valid JSON document that specifies the policy that you want to apply to this access point.\n" }, "publicAccessBlockConfiguration": { "$ref": "#/types/aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration", "description": "Configuration block to manage the `PublicAccessBlock` configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Detailed below.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration", "description": "Configuration block to restrict access to this access point to requests from the specified Virtual Private Cloud (VPC). Detailed below.\n" } }, "required": [ "accountId", "arn", "bucket", "domainName", "hasPublicAccessPolicy", "name", "networkOrigin" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the bucket for which you want to create an access point. Defaults to automatically determined account ID of the provider.\n" }, "bucket": { "type": "string", "description": "The name of the bucket that you want to associate this access point with.\n" }, "name": { "type": "string", "description": "The name you want to assign to this access point.\n" }, "policy": { "type": "string", "description": "A valid JSON document that specifies the policy that you want to apply to this access point.\n" }, "publicAccessBlockConfiguration": { "$ref": "#/types/aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration", "description": "Configuration block to manage the `PublicAccessBlock` configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Detailed below.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration", "description": "Configuration block to restrict access to this access point to requests from the specified Virtual Private Cloud (VPC). Detailed below.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessPoint resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the bucket for which you want to create an access point. Defaults to automatically determined account ID of the provider.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Point.\n" }, "bucket": { "type": "string", "description": "The name of the bucket that you want to associate this access point with.\n" }, "domainName": { "type": "string", "description": "The DNS domain name of the S3 Access Point in the format _`name`_-_`account_id`_.s3-accesspoint._region_.amazonaws.com.\nNote: S3 access points only support secure access by HTTPS. HTTP isn't supported.\n" }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "name": { "type": "string", "description": "The name you want to assign to this access point.\n" }, "networkOrigin": { "type": "string", "description": "Indicates whether this access point allows access from the public Internet. Values are `VPC` (the access point doesn't allow access from the public Internet) and `Internet` (the access point allows access from the public Internet, subject to the access point and bucket access policies).\n" }, "policy": { "type": "string", "description": "A valid JSON document that specifies the policy that you want to apply to this access point.\n" }, "publicAccessBlockConfiguration": { "$ref": "#/types/aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration", "description": "Configuration block to manage the `PublicAccessBlock` configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Detailed below.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration", "description": "Configuration block to restrict access to this access point to requests from the specified Virtual Private Cloud (VPC). Detailed below.\n" } }, "type": "object" } }, "aws:s3/accountPublicAccessBlock:AccountPublicAccessBlock": { "description": "Manages S3 account-level Public Access Block configuration. For more information about these settings, see the [AWS S3 Block Public Access documentation](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html).\n\n\u003e **NOTE:** Each AWS account may only have one S3 Public Access Block configuration. Multiple configurations of the resource against the same AWS account will cause a perpetual difference.\n\n\u003e Advanced usage: To use a custom API endpoint for this resource, use the `s3control` endpoint provider configuration, not the `s3` endpoint provider configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.AccountPublicAccessBlock(\"example\", {\n blockPublicAcls: true,\n blockPublicPolicy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.AccountPublicAccessBlock(\"example\",\n block_public_acls=True,\n block_public_policy=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.S3.AccountPublicAccessBlock(\"example\", new Aws.S3.AccountPublicAccessBlockArgs\n {\n BlockPublicAcls = true,\n BlockPublicPolicy = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = s3.NewAccountPublicAccessBlock(ctx, \"example\", \u0026s3.AccountPublicAccessBlockArgs{\n\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\tBlockPublicPolicy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "AWS account ID to configure. Defaults to automatically determined account ID of the this provider AWS provider.\n" }, "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n" } }, "required": [ "accountId" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account ID to configure. Defaults to automatically determined account ID of the this provider AWS provider.\n" }, "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AccountPublicAccessBlock resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID to configure. Defaults to automatically determined account ID of the this provider AWS provider.\n" }, "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n" } }, "type": "object" } }, "aws:s3/analyticsConfiguration:AnalyticsConfiguration": { "description": "Provides a S3 bucket [analytics configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Add analytics configuration with S3 bucket object filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.Bucket(\"example\", {});\nconst example_filtered = new aws.s3.AnalyticsConfiguration(\"example-filtered\", {\n bucket: example.bucket,\n filter: {\n prefix: \"documents/\",\n tags: {\n priority: \"high\",\n \"class\": \"blue\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.Bucket(\"example\")\nexample_filtered = aws.s3.AnalyticsConfiguration(\"example-filtered\",\n bucket=example.bucket,\n filter={\n \"prefix\": \"documents/\",\n \"tags\": {\n \"priority\": \"high\",\n \"class\": \"blue\",\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.S3.Bucket(\"example\", new Aws.S3.BucketArgs\n {\n });\n var example_filtered = new Aws.S3.AnalyticsConfiguration(\"example-filtered\", new Aws.S3.AnalyticsConfigurationArgs\n {\n Bucket = example.BucketName,\n Filter = new Aws.S3.Inputs.AnalyticsConfigurationFilterArgs\n {\n Prefix = \"documents/\",\n Tags = \n {\n { \"priority\", \"high\" },\n { \"class\", \"blue\" },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucket(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewAnalyticsConfiguration(ctx, \"example-filtered\", \u0026s3.AnalyticsConfigurationArgs{\n\t\t\tBucket: example.Bucket,\n\t\t\tFilter: \u0026s3.AnalyticsConfigurationFilterArgs{\n\t\t\t\tPrefix: pulumi.String(\"documents/\"),\n\t\t\t\tTags: pulumi.Map{\n\t\t\t\t\t\"priority\": pulumi.String(\"high\"),\n\t\t\t\t\t\"class\": pulumi.String(\"blue\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucket": { "type": "string", "description": "The name of the bucket this analytics configuration is associated with.\n" }, "filter": { "$ref": "#/types/aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter", "description": "Object filtering that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the analytics configuration for the bucket.\n" }, "storageClassAnalysis": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis", "description": "Configuration for the analytics data export (documented below).\n" } }, "required": [ "bucket", "name" ], "inputProperties": { "bucket": { "type": "string", "description": "The name of the bucket this analytics configuration is associated with.\n" }, "filter": { "$ref": "#/types/aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter", "description": "Object filtering that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the analytics configuration for the bucket.\n" }, "storageClassAnalysis": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis", "description": "Configuration for the analytics data export (documented below).\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering AnalyticsConfiguration resources.\n", "properties": { "bucket": { "type": "string", "description": "The name of the bucket this analytics configuration is associated with.\n" }, "filter": { "$ref": "#/types/aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter", "description": "Object filtering that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the analytics configuration for the bucket.\n" }, "storageClassAnalysis": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis", "description": "Configuration for the analytics data export (documented below).\n" } }, "type": "object" } }, "aws:s3/bucket:Bucket": { "description": "Provides a S3 bucket resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Private Bucket w/ Tags\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"b\", {\n acl: \"private\",\n tags: {\n Environment: \"Dev\",\n Name: \"My bucket\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\",\n acl=\"private\",\n tags={\n \"Environment\": \"Dev\",\n \"Name\": \"My bucket\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Tags = \n {\n { \"Environment\", \"Dev\" },\n { \"Name\", \"My bucket\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"Dev\"),\n\t\t\t\t\"Name\": pulumi.String(\"My bucket\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using CORS\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"b\", {\n acl: \"public-read\",\n corsRules: [{\n allowedHeaders: [\"*\"],\n allowedMethods: [\n \"PUT\",\n \"POST\",\n ],\n allowedOrigins: [\"https://s3-website-test.mydomain.com\"],\n exposeHeaders: [\"ETag\"],\n maxAgeSeconds: 3000,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\",\n acl=\"public-read\",\n cors_rules=[{\n \"allowedHeaders\": [\"*\"],\n \"allowedMethods\": [\n \"PUT\",\n \"POST\",\n ],\n \"allowedOrigins\": [\"https://s3-website-test.mydomain.com\"],\n \"exposeHeaders\": [\"ETag\"],\n \"maxAgeSeconds\": 3000,\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"public-read\",\n CorsRules = \n {\n new Aws.S3.Inputs.BucketCorsRuleArgs\n {\n AllowedHeaders = \n {\n \"*\",\n },\n AllowedMethods = \n {\n \"PUT\",\n \"POST\",\n },\n AllowedOrigins = \n {\n \"https://s3-website-test.mydomain.com\",\n },\n ExposeHeaders = \n {\n \"ETag\",\n },\n MaxAgeSeconds = 3000,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"public-read\"),\n\t\t\tCorsRules: s3.BucketCorsRuleArray{\n\t\t\t\t\u0026s3.BucketCorsRuleArgs{\n\t\t\t\t\tAllowedHeaders: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"PUT\"),\n\t\t\t\t\t\tpulumi.String(\"POST\"),\n\t\t\t\t\t},\n\t\t\t\t\tAllowedOrigins: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"https://s3-website-test.mydomain.com\"),\n\t\t\t\t\t},\n\t\t\t\t\tExposeHeaders: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ETag\"),\n\t\t\t\t\t},\n\t\t\t\t\tMaxAgeSeconds: pulumi.Int(3000),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using versioning\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"b\", {\n acl: \"private\",\n versioning: {\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\",\n acl=\"private\",\n versioning={\n \"enabled\": True,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Versioning = new Aws.S3.Inputs.BucketVersioningArgs\n {\n Enabled = true,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tVersioning: \u0026s3.BucketVersioningArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Enable Logging\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst logBucket = new aws.s3.Bucket(\"log_bucket\", {\n acl: \"log-delivery-write\",\n});\nconst bucket = new aws.s3.Bucket(\"b\", {\n acl: \"private\",\n loggings: [{\n targetBucket: logBucket.id,\n targetPrefix: \"log/\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlog_bucket = aws.s3.Bucket(\"logBucket\", acl=\"log-delivery-write\")\nbucket = aws.s3.Bucket(\"bucket\",\n acl=\"private\",\n loggings=[{\n \"targetBucket\": log_bucket.id,\n \"targetPrefix\": \"log/\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var logBucket = new Aws.S3.Bucket(\"logBucket\", new Aws.S3.BucketArgs\n {\n Acl = \"log-delivery-write\",\n });\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Loggings = \n {\n new Aws.S3.Inputs.BucketLoggingArgs\n {\n TargetBucket = logBucket.Id,\n TargetPrefix = \"log/\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlogBucket, err := s3.NewBucket(ctx, \"logBucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"log-delivery-write\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tLoggings: s3.BucketLoggingArray{\n\t\t\t\t\u0026s3.BucketLoggingArgs{\n\t\t\t\t\tTargetBucket: logBucket.ID(),\n\t\t\t\t\tTargetPrefix: pulumi.String(\"log/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using object lifecycle\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n acl: \"private\",\n lifecycleRules: [\n {\n enabled: true,\n expiration: {\n days: 90,\n },\n id: \"log\",\n prefix: \"log/\",\n tags: {\n autoclean: \"true\",\n rule: \"log\",\n },\n transitions: [\n {\n days: 30,\n storageClass: \"STANDARD_IA\", // or \"ONEZONE_IA\"\n },\n {\n days: 60,\n storageClass: \"GLACIER\",\n },\n ],\n },\n {\n enabled: true,\n expiration: {\n date: \"2016-01-12\",\n },\n id: \"tmp\",\n prefix: \"tmp/\",\n },\n ],\n});\nconst versioningBucket = new aws.s3.Bucket(\"versioning_bucket\", {\n acl: \"private\",\n lifecycleRules: [{\n enabled: true,\n noncurrentVersionExpiration: {\n days: 90,\n },\n noncurrentVersionTransitions: [\n {\n days: 30,\n storageClass: \"STANDARD_IA\",\n },\n {\n days: 60,\n storageClass: \"GLACIER\",\n },\n ],\n prefix: \"config/\",\n }],\n versioning: {\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\",\n acl=\"private\",\n lifecycle_rules=[\n {\n \"enabled\": True,\n \"expiration\": {\n \"days\": 90,\n },\n \"id\": \"log\",\n \"prefix\": \"log/\",\n \"tags\": {\n \"autoclean\": \"true\",\n \"rule\": \"log\",\n },\n \"transition\": [\n {\n \"days\": 30,\n \"storage_class\": \"STANDARD_IA\",\n },\n {\n \"days\": 60,\n \"storage_class\": \"GLACIER\",\n },\n ],\n },\n {\n \"enabled\": True,\n \"expiration\": {\n \"date\": \"2016-01-12\",\n },\n \"id\": \"tmp\",\n \"prefix\": \"tmp/\",\n },\n ])\nversioning_bucket = aws.s3.Bucket(\"versioningBucket\",\n acl=\"private\",\n lifecycle_rules=[{\n \"enabled\": True,\n \"noncurrentVersionExpiration\": {\n \"days\": 90,\n },\n \"noncurrentVersionTransition\": [\n {\n \"days\": 30,\n \"storage_class\": \"STANDARD_IA\",\n },\n {\n \"days\": 60,\n \"storage_class\": \"GLACIER\",\n },\n ],\n \"prefix\": \"config/\",\n }],\n versioning={\n \"enabled\": True,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n LifecycleRules = \n {\n new Aws.S3.Inputs.BucketLifecycleRuleArgs\n {\n Enabled = true,\n Expiration = new Aws.S3.Inputs.BucketLifecycleRuleExpirationArgs\n {\n Days = 90,\n },\n Id = \"log\",\n Prefix = \"log/\",\n Tags = \n {\n { \"autoclean\", \"true\" },\n { \"rule\", \"log\" },\n },\n Transition = \n {\n \n {\n { \"days\", 30 },\n { \"storageClass\", \"STANDARD_IA\" },\n },\n \n {\n { \"days\", 60 },\n { \"storageClass\", \"GLACIER\" },\n },\n },\n },\n new Aws.S3.Inputs.BucketLifecycleRuleArgs\n {\n Enabled = true,\n Expiration = new Aws.S3.Inputs.BucketLifecycleRuleExpirationArgs\n {\n Date = \"2016-01-12\",\n },\n Id = \"tmp\",\n Prefix = \"tmp/\",\n },\n },\n });\n var versioningBucket = new Aws.S3.Bucket(\"versioningBucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n LifecycleRules = \n {\n new Aws.S3.Inputs.BucketLifecycleRuleArgs\n {\n Enabled = true,\n NoncurrentVersionExpiration = new Aws.S3.Inputs.BucketLifecycleRuleNoncurrentVersionExpirationArgs\n {\n Days = 90,\n },\n NoncurrentVersionTransition = \n {\n \n {\n { \"days\", 30 },\n { \"storageClass\", \"STANDARD_IA\" },\n },\n \n {\n { \"days\", 60 },\n { \"storageClass\", \"GLACIER\" },\n },\n },\n Prefix = \"config/\",\n },\n },\n Versioning = new Aws.S3.Inputs.BucketVersioningArgs\n {\n Enabled = true,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tLifecycleRules: s3.BucketLifecycleRuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleRuleArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleRuleExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tId: pulumi.String(\"log\"),\n\t\t\t\t\tPrefix: pulumi.String(\"log/\"),\n\t\t\t\t\tTags: pulumi.Map{\n\t\t\t\t\t\t\"autoclean\": pulumi.String(\"true\"),\n\t\t\t\t\t\t\"rule\": pulumi.String(\"log\"),\n\t\t\t\t\t},\n\t\t\t\t\tTransition: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"days\": pulumi.Float64(30),\n\t\t\t\t\t\t\t\"storageClass\": pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"days\": pulumi.Float64(60),\n\t\t\t\t\t\t\t\"storageClass\": pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketLifecycleRuleArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleRuleExpirationArgs{\n\t\t\t\t\t\tDate: pulumi.String(\"2016-01-12\"),\n\t\t\t\t\t},\n\t\t\t\t\tId: pulumi.String(\"tmp\"),\n\t\t\t\t\tPrefix: pulumi.String(\"tmp/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucket(ctx, \"versioningBucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tLifecycleRules: s3.BucketLifecycleRuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleRuleArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tNoncurrentVersionExpiration: \u0026s3.BucketLifecycleRuleNoncurrentVersionExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tNoncurrentVersionTransition: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"days\": pulumi.Float64(30),\n\t\t\t\t\t\t\t\"storageClass\": pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"days\": pulumi.Float64(60),\n\t\t\t\t\t\t\t\"storageClass\": pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPrefix: pulumi.String(\"config/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVersioning: \u0026s3.BucketVersioningArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using replication configuration\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst central = new aws.Provider(\"central\", {\n region: \"eu-central-1\",\n});\nconst replicationRole = new aws.iam.Role(\"replication\", {\n assumeRolePolicy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"s3.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n`,\n});\nconst destination = new aws.s3.Bucket(\"destination\", {\n region: \"eu-west-1\",\n versioning: {\n enabled: true,\n },\n});\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n acl: \"private\",\n region: \"eu-central-1\",\n replicationConfiguration: {\n role: replicationRole.arn,\n rules: [{\n destination: {\n bucket: destination.arn,\n storageClass: \"STANDARD\",\n },\n id: \"foobar\",\n prefix: \"foo\",\n status: \"Enabled\",\n }],\n },\n versioning: {\n enabled: true,\n },\n}, { provider: central });\nconst replicationPolicy = new aws.iam.Policy(\"replication\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"${bucket.arn}\"\n ]\n },\n {\n \"Action\": [\n \"s3:GetObjectVersion\",\n \"s3:GetObjectVersionAcl\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"${bucket.arn}/*\"\n ]\n },\n {\n \"Action\": [\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"${destination.arn}/*\"\n }\n ]\n}\n`,\n});\nconst replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"replication\", {\n policyArn: replicationPolicy.arn,\n role: replicationRole.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_pulumi as pulumi\n\ncentral = pulumi.providers.Aws(\"central\", region=\"eu-central-1\")\nreplication_role = aws.iam.Role(\"replicationRole\", assume_role_policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"s3.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n\n\"\"\")\ndestination = aws.s3.Bucket(\"destination\",\n region=\"eu-west-1\",\n versioning={\n \"enabled\": True,\n })\nbucket = aws.s3.Bucket(\"bucket\",\n acl=\"private\",\n region=\"eu-central-1\",\n replication_configuration={\n \"role\": replication_role.arn,\n \"rules\": [{\n \"destination\": {\n \"bucket\": destination.arn,\n \"storage_class\": \"STANDARD\",\n },\n \"id\": \"foobar\",\n \"prefix\": \"foo\",\n \"status\": \"Enabled\",\n }],\n },\n versioning={\n \"enabled\": True,\n })\nreplication_policy = aws.iam.Policy(\"replicationPolicy\", policy=pulumi.Output.all(bucket.arn, bucket.arn, destination.arn).apply(lambda bucketArn, bucketArn1, destinationArn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"{bucket_arn}\"\n ]\n }},\n {{\n \"Action\": [\n \"s3:GetObjectVersion\",\n \"s3:GetObjectVersionAcl\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"{bucket_arn1}/*\"\n ]\n }},\n {{\n \"Action\": [\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"{destination_arn}/*\"\n }}\n ]\n}}\n\n\"\"\"))\nreplication_role_policy_attachment = aws.iam.RolePolicyAttachment(\"replicationRolePolicyAttachment\",\n policy_arn=replication_policy.arn,\n role=replication_role.name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var central = new Aws.Provider(\"central\", new Aws.ProviderArgs\n {\n Region = \"eu-central-1\",\n });\n var replicationRole = new Aws.Iam.Role(\"replicationRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Action\"\": \"\"sts:AssumeRole\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"s3.amazonaws.com\"\"\n },\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Sid\"\": \"\"\"\"\n }\n ]\n}\n\n\",\n });\n var destination = new Aws.S3.Bucket(\"destination\", new Aws.S3.BucketArgs\n {\n Region = \"eu-west-1\",\n Versioning = new Aws.S3.Inputs.BucketVersioningArgs\n {\n Enabled = true,\n },\n });\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Region = \"eu-central-1\",\n ReplicationConfiguration = new Aws.S3.Inputs.BucketReplicationConfigurationArgs\n {\n Role = replicationRole.Arn,\n Rules = \n {\n new Aws.S3.Inputs.BucketReplicationConfigurationRuleArgs\n {\n Destination = new Aws.S3.Inputs.BucketReplicationConfigurationRuleDestinationArgs\n {\n Bucket = destination.Arn,\n StorageClass = \"STANDARD\",\n },\n Id = \"foobar\",\n Prefix = \"foo\",\n Status = \"Enabled\",\n },\n },\n },\n Versioning = new Aws.S3.Inputs.BucketVersioningArgs\n {\n Enabled = true,\n },\n });\n var replicationPolicy = new Aws.Iam.Policy(\"replicationPolicy\", new Aws.Iam.PolicyArgs\n {\n Policy = Output.Tuple(bucket.Arn, bucket.Arn, destination.Arn).Apply(values =\u003e\n {\n var bucketArn = values.Item1;\n var bucketArn1 = values.Item2;\n var destinationArn = values.Item3;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"s3:GetReplicationConfiguration\"\",\n \"\"s3:ListBucket\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"{bucketArn}\"\"\n ]\n }},\n {{\n \"\"Action\"\": [\n \"\"s3:GetObjectVersion\"\",\n \"\"s3:GetObjectVersionAcl\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": [\n \"\"{bucketArn1}/*\"\"\n ]\n }},\n {{\n \"\"Action\"\": [\n \"\"s3:ReplicateObject\"\",\n \"\"s3:ReplicateDelete\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"{destinationArn}/*\"\"\n }}\n ]\n}}\n\n\";\n }),\n });\n var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"replicationRolePolicyAttachment\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = replicationPolicy.Arn,\n Role = replicationRole.Name,\n });\n }\n\n}\n```\n{{% /example %}}\n{{% example %}}\n### Enable Default Server Side Encryption\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n deletionWindowInDays: 10,\n description: \"This key is used to encrypt bucket objects\",\n});\nconst mybucket = new aws.s3.Bucket(\"mybucket\", {\n serverSideEncryptionConfiguration: {\n rule: {\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n deletion_window_in_days=10,\n description=\"This key is used to encrypt bucket objects\")\nmybucket = aws.s3.Bucket(\"mybucket\", server_side_encryption_configuration={\n \"rule\": {\n \"applyServerSideEncryptionByDefault\": {\n \"kms_master_key_id\": mykey.arn,\n \"sseAlgorithm\": \"aws:kms\",\n },\n },\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mykey = new Aws.Kms.Key(\"mykey\", new Aws.Kms.KeyArgs\n {\n DeletionWindowInDays = 10,\n Description = \"This key is used to encrypt bucket objects\",\n });\n var mybucket = new Aws.S3.Bucket(\"mybucket\", new Aws.S3.BucketArgs\n {\n ServerSideEncryptionConfiguration = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationArgs\n {\n Rule = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucket(ctx, \"mybucket\", \u0026s3.BucketArgs{\n\t\t\tServerSideEncryptionConfiguration: \u0026s3.BucketServerSideEncryptionConfigurationArgs{\n\t\t\t\tRule: \u0026s3.BucketServerSideEncryptionConfigurationRuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Using ACL policy grants\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst currentUser = pulumi.output(aws.getCanonicalUserId({ async: true }));\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n grants: [\n {\n id: currentUser.id,\n permissions: [\"FULL_CONTROL\"],\n type: \"CanonicalUser\",\n },\n {\n permissions: [\n \"READ\",\n \"WRITE\",\n ],\n type: \"Group\",\n uri: \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent_user = aws.get_canonical_user_id()\nbucket = aws.s3.Bucket(\"bucket\", grants=[\n {\n \"id\": current_user.id,\n \"permissions\": [\"FULL_CONTROL\"],\n \"type\": \"CanonicalUser\",\n },\n {\n \"permissions\": [\n \"READ\",\n \"WRITE\",\n ],\n \"type\": \"Group\",\n \"uri\": \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var currentUser = Output.Create(Aws.GetCanonicalUserId.InvokeAsync());\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n Grants = \n {\n new Aws.S3.Inputs.BucketGrantArgs\n {\n Id = currentUser.Apply(currentUser =\u003e currentUser.Id),\n Permissions = \n {\n \"FULL_CONTROL\",\n },\n Type = \"CanonicalUser\",\n },\n new Aws.S3.Inputs.BucketGrantArgs\n {\n Permissions = \n {\n \"READ\",\n \"WRITE\",\n },\n Type = \"Group\",\n Uri = \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrentUser, err := aws.GetCanonicalUserId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tGrants: s3.BucketGrantArray{\n\t\t\t\t\u0026s3.BucketGrantArgs{\n\t\t\t\t\tId: pulumi.String(currentUser.Id),\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"FULL_CONTROL\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"CanonicalUser\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketGrantArgs{\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"READ\"),\n\t\t\t\t\t\tpulumi.String(\"WRITE\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"Group\"),\n\t\t\t\t\tUri: pulumi.String(\"http://acs.amazonaws.com/groups/s3/LogDelivery\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`.\n" }, "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Defaults to \"private\". Conflicts with `grant`.\n" }, "arn": { "type": "string", "description": "The ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "The name of the bucket. If omitted, this provider will assign a random, unique name.\n", "language": { "csharp": { "name": "BucketName" } } }, "bucketDomainName": { "type": "string", "description": "The bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n" }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`.\n" }, "bucketRegionalDomainName": { "type": "string", "description": "The bucket region-specific domain name. The bucket domain name including the region name, please refer [here](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent [redirect issues](https://forums.aws.amazon.com/thread.jspa?threadID=216814) from CloudFront to S3 Origin URL.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsRule:BucketCorsRule" }, "description": "A rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) (documented below).\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket so that the bucket can be destroyed without error. These objects are *not* recoverable.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketGrant:BucketGrant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl) (documented below). Conflicts with `acl`.\n" }, "hostedZoneId": { "type": "string", "description": "The [Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRule:BucketLifecycleRule" }, "description": "A configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) (documented below).\n" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLogging:BucketLogging" }, "description": "A settings of [bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) (documented below).\n" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration", "description": "A configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) (documented below)\n" }, "policy": { "type": "string", "description": "A valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), the provider may view the policy as constantly changing in a `pulumi up / preview / update`. In this case, please make sure you use the verbose/specific version of the policy.\n" }, "region": { "type": "string", "description": "If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration", "description": "A configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html) (documented below).\n" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur\nthe costs of any data transfer. See [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html)\ndeveloper guide for more information.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration", "description": "A configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) (documented below)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the bucket.\n" }, "versioning": { "$ref": "#/types/aws:s3/BucketVersioning:BucketVersioning", "description": "A state of [versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html) (documented below)\n" }, "website": { "$ref": "#/types/aws:s3/BucketWebsite:BucketWebsite", "description": "A website object (documented below).\n" }, "websiteDomain": { "type": "string", "description": "The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.\n" }, "websiteEndpoint": { "type": "string", "description": "The website endpoint, if the bucket is configured with a website. If not, this will be an empty string.\n" } }, "required": [ "accelerationStatus", "arn", "bucket", "bucketDomainName", "bucketRegionalDomainName", "hostedZoneId", "region", "requestPayer", "versioning", "websiteDomain", "websiteEndpoint" ], "inputProperties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`.\n" }, "acl": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/cannedAcl:CannedAcl" } ], "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Defaults to \"private\". Conflicts with `grant`.\n" }, "arn": { "type": "string", "description": "The ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "The name of the bucket. If omitted, this provider will assign a random, unique name.\n", "language": { "csharp": { "name": "BucketName" } } }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsRule:BucketCorsRule" }, "description": "A rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) (documented below).\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket so that the bucket can be destroyed without error. These objects are *not* recoverable.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketGrant:BucketGrant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl) (documented below). Conflicts with `acl`.\n" }, "hostedZoneId": { "type": "string", "description": "The [Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRule:BucketLifecycleRule" }, "description": "A configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) (documented below).\n" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLogging:BucketLogging" }, "description": "A settings of [bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) (documented below).\n" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration", "description": "A configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) (documented below)\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "A valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), the provider may view the policy as constantly changing in a `pulumi up / preview / update`. In this case, please make sure you use the verbose/specific version of the policy.\n" }, "region": { "type": "string", "description": "If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration", "description": "A configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html) (documented below).\n" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur\nthe costs of any data transfer. See [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html)\ndeveloper guide for more information.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration", "description": "A configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) (documented below)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the bucket.\n" }, "versioning": { "$ref": "#/types/aws:s3/BucketVersioning:BucketVersioning", "description": "A state of [versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html) (documented below)\n" }, "website": { "$ref": "#/types/aws:s3/BucketWebsite:BucketWebsite", "description": "A website object (documented below).\n" }, "websiteDomain": { "type": "string", "description": "The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.\n" }, "websiteEndpoint": { "type": "string", "description": "The website endpoint, if the bucket is configured with a website. If not, this will be an empty string.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Bucket resources.\n", "properties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`.\n" }, "acl": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/cannedAcl:CannedAcl" } ], "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Defaults to \"private\". Conflicts with `grant`.\n" }, "arn": { "type": "string", "description": "The ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "The name of the bucket. If omitted, this provider will assign a random, unique name.\n", "language": { "csharp": { "name": "BucketName" } } }, "bucketDomainName": { "type": "string", "description": "The bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n" }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`.\n" }, "bucketRegionalDomainName": { "type": "string", "description": "The bucket region-specific domain name. The bucket domain name including the region name, please refer [here](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent [redirect issues](https://forums.aws.amazon.com/thread.jspa?threadID=216814) from CloudFront to S3 Origin URL.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsRule:BucketCorsRule" }, "description": "A rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) (documented below).\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket so that the bucket can be destroyed without error. These objects are *not* recoverable.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketGrant:BucketGrant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl) (documented below). Conflicts with `acl`.\n" }, "hostedZoneId": { "type": "string", "description": "The [Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRule:BucketLifecycleRule" }, "description": "A configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) (documented below).\n" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLogging:BucketLogging" }, "description": "A settings of [bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) (documented below).\n" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration", "description": "A configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) (documented below)\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "A valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), the provider may view the policy as constantly changing in a `pulumi up / preview / update`. In this case, please make sure you use the verbose/specific version of the policy.\n" }, "region": { "type": "string", "description": "If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration", "description": "A configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html) (documented below).\n" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur\nthe costs of any data transfer. See [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html)\ndeveloper guide for more information.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration", "description": "A configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) (documented below)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the bucket.\n" }, "versioning": { "$ref": "#/types/aws:s3/BucketVersioning:BucketVersioning", "description": "A state of [versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html) (documented below)\n" }, "website": { "$ref": "#/types/aws:s3/BucketWebsite:BucketWebsite", "description": "A website object (documented below).\n" }, "websiteDomain": { "type": "string", "description": "The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.\n" }, "websiteEndpoint": { "type": "string", "description": "The website endpoint, if the bucket is configured with a website. If not, this will be an empty string.\n" } }, "type": "object" } }, "aws:s3/bucketMetric:BucketMetric": { "description": "Provides a S3 bucket [metrics configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html) resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Add metrics configuration for entire S3 bucket\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.Bucket(\"example\", {});\nconst example_entire_bucket = new aws.s3.BucketMetric(\"example-entire-bucket\", {\n bucket: example.bucket,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.Bucket(\"example\")\nexample_entire_bucket = aws.s3.BucketMetric(\"example-entire-bucket\", bucket=example.bucket)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.S3.Bucket(\"example\", new Aws.S3.BucketArgs\n {\n });\n var example_entire_bucket = new Aws.S3.BucketMetric(\"example-entire-bucket\", new Aws.S3.BucketMetricArgs\n {\n Bucket = example.BucketName,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucket(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketMetric(ctx, \"example-entire-bucket\", \u0026s3.BucketMetricArgs{\n\t\t\tBucket: example.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Add metrics configuration with S3 bucket object filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.Bucket(\"example\", {});\nconst example_filtered = new aws.s3.BucketMetric(\"example-filtered\", {\n bucket: example.bucket,\n filter: {\n prefix: \"documents/\",\n tags: {\n class: \"blue\",\n priority: \"high\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.Bucket(\"example\")\nexample_filtered = aws.s3.BucketMetric(\"example-filtered\",\n bucket=example.bucket,\n filter={\n \"prefix\": \"documents/\",\n \"tags\": {\n \"class\": \"blue\",\n \"priority\": \"high\",\n },\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.S3.Bucket(\"example\", new Aws.S3.BucketArgs\n {\n });\n var example_filtered = new Aws.S3.BucketMetric(\"example-filtered\", new Aws.S3.BucketMetricArgs\n {\n Bucket = example.BucketName,\n Filter = new Aws.S3.Inputs.BucketMetricFilterArgs\n {\n Prefix = \"documents/\",\n Tags = \n {\n { \"class\", \"blue\" },\n { \"priority\", \"high\" },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucket(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketMetric(ctx, \"example-filtered\", \u0026s3.BucketMetricArgs{\n\t\t\tBucket: example.Bucket,\n\t\t\tFilter: \u0026s3.BucketMetricFilterArgs{\n\t\t\t\tPrefix: pulumi.String(\"documents/\"),\n\t\t\t\tTags: pulumi.Map{\n\t\t\t\t\t\"class\": pulumi.String(\"blue\"),\n\t\t\t\t\t\"priority\": pulumi.String(\"high\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucket": { "type": "string", "description": "The name of the bucket to put metric configuration.\n" }, "filter": { "$ref": "#/types/aws:s3/BucketMetricFilter:BucketMetricFilter", "description": "[Object filtering](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html#metrics-configurations-filter) that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the metrics configuration for the bucket.\n" } }, "required": [ "bucket", "name" ], "inputProperties": { "bucket": { "type": "string", "description": "The name of the bucket to put metric configuration.\n" }, "filter": { "$ref": "#/types/aws:s3/BucketMetricFilter:BucketMetricFilter", "description": "[Object filtering](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html#metrics-configurations-filter) that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the metrics configuration for the bucket.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketMetric resources.\n", "properties": { "bucket": { "type": "string", "description": "The name of the bucket to put metric configuration.\n" }, "filter": { "$ref": "#/types/aws:s3/BucketMetricFilter:BucketMetricFilter", "description": "[Object filtering](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html#metrics-configurations-filter) that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the metrics configuration for the bucket.\n" } }, "type": "object" } }, "aws:s3/bucketNotification:BucketNotification": { "description": "Manages a S3 Bucket Notification Configuration. For additional information, see the [Configuring S3 Event Notifications section in the Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).\n\n\u003e **NOTE:** S3 Buckets only support a single notification configuration. Declaring multiple `aws.s3.BucketNotification` resources to the same S3 Bucket will cause a perpetual difference in configuration. See the example \"Trigger multiple Lambda functions\" for an option.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Add notification configuration to SNS Topic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"bucket\", {});\nconst topic = new aws.sns.Topic(\"topic\", {\n policy: pulumi.interpolate`{\n \"Version\":\"2012-10-17\",\n \"Statement\":[{\n \"Effect\": \"Allow\",\n \"Principal\": {\"AWS\":\"*\"},\n \"Action\": \"SNS:Publish\",\n \"Resource\": \"arn:aws:sns:*:*:s3-event-notification-topic\",\n \"Condition\":{\n \"ArnLike\":{\"aws:SourceArn\":\"${bucket.arn}\"}\n }\n }]\n}\n`,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n topics: [{\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n topicArn: topic.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\")\ntopic = aws.sns.Topic(\"topic\", policy=bucket.arn.apply(lambda arn: f\"\"\"{{\n \"Version\":\"2012-10-17\",\n \"Statement\":[{{\n \"Effect\": \"Allow\",\n \"Principal\": {{\"AWS\":\"*\"}},\n \"Action\": \"SNS:Publish\",\n \"Resource\": \"arn:aws:sns:*:*:s3-event-notification-topic\",\n \"Condition\":{{\n \"ArnLike\":{{\"aws:SourceArn\":\"{arn}\"}}\n }}\n }}]\n}}\n\n\"\"\"))\nbucket_notification = aws.s3.BucketNotification(\"bucketNotification\",\n bucket=bucket.id,\n topics=[{\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filterSuffix\": \".log\",\n \"topic_arn\": topic.arn,\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n });\n var topic = new Aws.Sns.Topic(\"topic\", new Aws.Sns.TopicArgs\n {\n Policy = bucket.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\":\"\"2012-10-17\"\",\n \"\"Statement\"\":[{{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\"\"AWS\"\":\"\"*\"\"}},\n \"\"Action\"\": \"\"SNS:Publish\"\",\n \"\"Resource\"\": \"\"arn:aws:sns:*:*:s3-event-notification-topic\"\",\n \"\"Condition\"\":{{\n \"\"ArnLike\"\":{{\"\"aws:SourceArn\"\":\"\"{arn}\"\"}}\n }}\n }}]\n}}\n\n\"),\n });\n var bucketNotification = new Aws.S3.BucketNotification(\"bucketNotification\", new Aws.S3.BucketNotificationArgs\n {\n Bucket = bucket.Id,\n Topics = \n {\n new Aws.S3.Inputs.BucketNotificationTopicArgs\n {\n Events = \n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n TopicArn = topic.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttopic, err := sns.NewTopic(ctx, \"topic\", \u0026sns.TopicArgs{\n\t\t\tPolicy: bucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\":\\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\":[{\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\\"AWS\\\":\\\"*\\\"},\\n\", \" \\\"Action\\\": \\\"SNS:Publish\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:sns:*:*:s3-event-notification-topic\\\",\\n\", \" \\\"Condition\\\":{\\n\", \" \\\"ArnLike\\\":{\\\"aws:SourceArn\\\":\\\"\", arn, \"\\\"}\\n\", \" }\\n\", \" }]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucketNotification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tTopics: s3.BucketNotificationTopicArray{\n\t\t\t\t\u0026s3.BucketNotificationTopicArgs{\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t\tTopicArn: topic.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Add notification configuration to SQS Queue\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"bucket\", {});\nconst queue = new aws.sqs.Queue(\"queue\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"sqs:SendMessage\",\n\t \"Resource\": \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n \"Condition\": {\n \"ArnEquals\": { \"aws:SourceArn\": \"${bucket.arn}\" }\n }\n }\n ]\n}\n`,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [{\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n queueArn: queue.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\")\nqueue = aws.sqs.Queue(\"queue\", policy=bucket.arn.apply(lambda arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"sqs:SendMessage\",\n\t \"Resource\": \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n \"Condition\": {{\n \"ArnEquals\": {{ \"aws:SourceArn\": \"{arn}\" }}\n }}\n }}\n ]\n}}\n\n\"\"\"))\nbucket_notification = aws.s3.BucketNotification(\"bucketNotification\",\n bucket=bucket.id,\n queues=[{\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filterSuffix\": \".log\",\n \"queueArn\": queue.arn,\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n });\n var queue = new Aws.Sqs.Queue(\"queue\", new Aws.Sqs.QueueArgs\n {\n Policy = bucket.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Action\"\": \"\"sqs:SendMessage\"\",\n\t \"\"Resource\"\": \"\"arn:aws:sqs:*:*:s3-event-notification-queue\"\",\n \"\"Condition\"\": {{\n \"\"ArnEquals\"\": {{ \"\"aws:SourceArn\"\": \"\"{arn}\"\" }}\n }}\n }}\n ]\n}}\n\n\"),\n });\n var bucketNotification = new Aws.S3.BucketNotification(\"bucketNotification\", new Aws.S3.BucketNotificationArgs\n {\n Bucket = bucket.Id,\n Queues = \n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Events = \n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n QueueArn = queue.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tPolicy: bucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Action\\\": \\\"sqs:SendMessage\\\",\\n\", \"\t \\\"Resource\\\": \\\"arn:aws:sqs:*:*:s3-event-notification-queue\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"ArnEquals\\\": { \\\"aws:SourceArn\\\": \\\"\", arn, \"\\\" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucketNotification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t\tQueueArn: queue.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Add multiple notification configurations to SQS Queue\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"bucket\", {});\nconst queue = new aws.sqs.Queue(\"queue\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"sqs:SendMessage\",\n\t \"Resource\": \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n \"Condition\": {\n \"ArnEquals\": { \"aws:SourceArn\": \"${bucket.arn}\" }\n }\n }\n ]\n}\n`,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [\n {\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"images/\",\n id: \"image-upload-event\",\n queueArn: queue.arn,\n },\n {\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"videos/\",\n id: \"video-upload-event\",\n queueArn: queue.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\")\nqueue = aws.sqs.Queue(\"queue\", policy=bucket.arn.apply(lambda arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"sqs:SendMessage\",\n\t \"Resource\": \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n \"Condition\": {{\n \"ArnEquals\": {{ \"aws:SourceArn\": \"{arn}\" }}\n }}\n }}\n ]\n}}\n\n\"\"\"))\nbucket_notification = aws.s3.BucketNotification(\"bucketNotification\",\n bucket=bucket.id,\n queues=[\n {\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filterPrefix\": \"images/\",\n \"id\": \"image-upload-event\",\n \"queueArn\": queue.arn,\n },\n {\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filterPrefix\": \"videos/\",\n \"id\": \"video-upload-event\",\n \"queueArn\": queue.arn,\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n });\n var queue = new Aws.Sqs.Queue(\"queue\", new Aws.Sqs.QueueArgs\n {\n Policy = bucket.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Action\"\": \"\"sqs:SendMessage\"\",\n\t \"\"Resource\"\": \"\"arn:aws:sqs:*:*:s3-event-notification-queue\"\",\n \"\"Condition\"\": {{\n \"\"ArnEquals\"\": {{ \"\"aws:SourceArn\"\": \"\"{arn}\"\" }}\n }}\n }}\n ]\n}}\n\n\"),\n });\n var bucketNotification = new Aws.S3.BucketNotification(\"bucketNotification\", new Aws.S3.BucketNotificationArgs\n {\n Bucket = bucket.Id,\n Queues = \n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Events = \n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"images/\",\n Id = \"image-upload-event\",\n QueueArn = queue.Arn,\n },\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Events = \n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"videos/\",\n Id = \"video-upload-event\",\n QueueArn = queue.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tPolicy: bucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Action\\\": \\\"sqs:SendMessage\\\",\\n\", \"\t \\\"Resource\\\": \\\"arn:aws:sqs:*:*:s3-event-notification-queue\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"ArnEquals\\\": { \\\"aws:SourceArn\\\": \\\"\", arn, \"\\\" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucketNotification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"images/\"),\n\t\t\t\t\tId: pulumi.String(\"image-upload-event\"),\n\t\t\t\t\tQueueArn: queue.Arn,\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"videos/\"),\n\t\t\t\t\tId: pulumi.String(\"video-upload-event\"),\n\t\t\t\t\tQueueArn: queue.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucket": { "type": "string", "description": "The name of the bucket to put notification configuration.\n" }, "lambdaFunctions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction" }, "description": "Used to configure notifications to a Lambda Function (documented below).\n" }, "queues": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationQueue:BucketNotificationQueue" }, "description": "The notification configuration to SQS Queue (documented below).\n" }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationTopic:BucketNotificationTopic" }, "description": "The notification configuration to SNS Topic (documented below).\n" } }, "required": [ "bucket" ], "inputProperties": { "bucket": { "type": "string", "description": "The name of the bucket to put notification configuration.\n" }, "lambdaFunctions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction" }, "description": "Used to configure notifications to a Lambda Function (documented below).\n" }, "queues": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationQueue:BucketNotificationQueue" }, "description": "The notification configuration to SQS Queue (documented below).\n" }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationTopic:BucketNotificationTopic" }, "description": "The notification configuration to SNS Topic (documented below).\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketNotification resources.\n", "properties": { "bucket": { "type": "string", "description": "The name of the bucket to put notification configuration.\n" }, "lambdaFunctions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction" }, "description": "Used to configure notifications to a Lambda Function (documented below).\n" }, "queues": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationQueue:BucketNotificationQueue" }, "description": "The notification configuration to SQS Queue (documented below).\n" }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationTopic:BucketNotificationTopic" }, "description": "The notification configuration to SNS Topic (documented below).\n" } }, "type": "object" } }, "aws:s3/bucketObject:BucketObject": { "description": "Provides a S3 bucket object resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Encrypting with KMS Key\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplekms = new aws.kms.Key(\"examplekms\", {\n deletionWindowInDays: 7,\n description: \"KMS key 1\",\n});\nconst examplebucket = new aws.s3.Bucket(\"examplebucket\", {\n acl: \"private\",\n});\nconst examplebucketObject = new aws.s3.BucketObject(\"examplebucket_object\", {\n bucket: examplebucket.id,\n key: \"someobject\",\n kmsKeyId: examplekms.arn,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplekms = aws.kms.Key(\"examplekms\",\n deletion_window_in_days=7,\n description=\"KMS key 1\")\nexamplebucket = aws.s3.Bucket(\"examplebucket\", acl=\"private\")\nexamplebucket_object = aws.s3.BucketObject(\"examplebucketObject\",\n bucket=examplebucket.id,\n key=\"someobject\",\n kms_key_id=examplekms.arn,\n source=pulumi.FileAsset(\"index.html\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplekms = new Aws.Kms.Key(\"examplekms\", new Aws.Kms.KeyArgs\n {\n DeletionWindowInDays = 7,\n Description = \"KMS key 1\",\n });\n var examplebucket = new Aws.S3.Bucket(\"examplebucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var examplebucketObject = new Aws.S3.BucketObject(\"examplebucketObject\", new Aws.S3.BucketObjectArgs\n {\n Bucket = examplebucket.Id,\n Key = \"someobject\",\n KmsKeyId = examplekms.Arn,\n Source = new FileAsset(\"index.html\"),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplekms, err := kms.NewKey(ctx, \"examplekms\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplebucket, err := s3.NewBucket(ctx, \"examplebucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"examplebucketObject\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tKmsKeyId: examplekms.Arn,\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Server Side Encryption with S3 Default Master Key\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.Bucket(\"examplebucket\", {\n acl: \"private\",\n});\nconst examplebucketObject = new aws.s3.BucketObject(\"examplebucket_object\", {\n bucket: examplebucket.id,\n key: \"someobject\",\n serverSideEncryption: \"aws:kms\",\n source: new pulumi.asset.FileAsset(\"index.html\"),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.Bucket(\"examplebucket\", acl=\"private\")\nexamplebucket_object = aws.s3.BucketObject(\"examplebucketObject\",\n bucket=examplebucket.id,\n key=\"someobject\",\n server_side_encryption=\"aws:kms\",\n source=pulumi.FileAsset(\"index.html\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplebucket = new Aws.S3.Bucket(\"examplebucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var examplebucketObject = new Aws.S3.BucketObject(\"examplebucketObject\", new Aws.S3.BucketObjectArgs\n {\n Bucket = examplebucket.Id,\n Key = \"someobject\",\n ServerSideEncryption = \"aws:kms\",\n Source = new FileAsset(\"index.html\"),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucket(ctx, \"examplebucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"examplebucketObject\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tServerSideEncryption: pulumi.String(\"aws:kms\"),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Server Side Encryption with AWS-Managed Key\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.Bucket(\"examplebucket\", {\n acl: \"private\",\n});\nconst examplebucketObject = new aws.s3.BucketObject(\"examplebucket_object\", {\n bucket: examplebucket.id,\n key: \"someobject\",\n serverSideEncryption: \"AES256\",\n source: new pulumi.asset.FileAsset(\"index.html\"),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.Bucket(\"examplebucket\", acl=\"private\")\nexamplebucket_object = aws.s3.BucketObject(\"examplebucketObject\",\n bucket=examplebucket.id,\n key=\"someobject\",\n server_side_encryption=\"AES256\",\n source=pulumi.FileAsset(\"index.html\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplebucket = new Aws.S3.Bucket(\"examplebucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n });\n var examplebucketObject = new Aws.S3.BucketObject(\"examplebucketObject\", new Aws.S3.BucketObjectArgs\n {\n Bucket = examplebucket.Id,\n Key = \"someobject\",\n ServerSideEncryption = \"AES256\",\n Source = new FileAsset(\"index.html\"),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucket(ctx, \"examplebucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"examplebucketObject\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tServerSideEncryption: pulumi.String(\"AES256\"),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### S3 Object Lock\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.Bucket(\"examplebucket\", {\n acl: \"private\",\n objectLockConfiguration: {\n objectLockEnabled: \"Enabled\",\n },\n versioning: {\n enabled: true,\n },\n});\nconst examplebucketObject = new aws.s3.BucketObject(\"examplebucket_object\", {\n bucket: examplebucket.id,\n forceDestroy: true,\n key: \"someobject\",\n objectLockLegalHoldStatus: \"ON\",\n objectLockMode: \"GOVERNANCE\",\n objectLockRetainUntilDate: \"2021-12-31T23:59:60Z\",\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.Bucket(\"examplebucket\",\n acl=\"private\",\n object_lock_configuration={\n \"objectLockEnabled\": \"Enabled\",\n },\n versioning={\n \"enabled\": True,\n })\nexamplebucket_object = aws.s3.BucketObject(\"examplebucketObject\",\n bucket=examplebucket.id,\n force_destroy=True,\n key=\"someobject\",\n object_lock_legal_hold_status=\"ON\",\n object_lock_mode=\"GOVERNANCE\",\n object_lock_retain_until_date=\"2021-12-31T23:59:60Z\",\n source=pulumi.FileAsset(\"important.txt\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplebucket = new Aws.S3.Bucket(\"examplebucket\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n ObjectLockConfiguration = new Aws.S3.Inputs.BucketObjectLockConfigurationArgs\n {\n ObjectLockEnabled = \"Enabled\",\n },\n Versioning = new Aws.S3.Inputs.BucketVersioningArgs\n {\n Enabled = true,\n },\n });\n var examplebucketObject = new Aws.S3.BucketObject(\"examplebucketObject\", new Aws.S3.BucketObjectArgs\n {\n Bucket = examplebucket.Id,\n ForceDestroy = true,\n Key = \"someobject\",\n ObjectLockLegalHoldStatus = \"ON\",\n ObjectLockMode = \"GOVERNANCE\",\n ObjectLockRetainUntilDate = \"2021-12-31T23:59:60Z\",\n Source = new FileAsset(\"important.txt\"),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucket(ctx, \"examplebucket\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tObjectLockConfiguration: \u0026s3.BucketObjectLockConfigurationArgs{\n\t\t\t\tObjectLockEnabled: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t\tVersioning: \u0026s3.BucketVersioningArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"examplebucketObject\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tObjectLockLegalHoldStatus: pulumi.String(\"ON\"),\n\t\t\tObjectLockMode: pulumi.String(\"GOVERNANCE\"),\n\t\t\tObjectLockRetainUntilDate: pulumi.String(\"2021-12-31T23:59:60Z\"),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Defaults to \"private\".\n" }, "bucket": { "type": "string", "description": "The name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n" }, "cacheControl": { "type": "string", "description": "Specifies caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Specifies presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "The language the content is in e.g. en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Used to trigger updates. The only meaningful value is `${filemd5(\"path/to/file\")}` (this provider 0.11.12 or later) or `${md5(file(\"path/to/file\"))}` (this provider 0.11.11 or earlier).\nThis attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"`.\n" }, "forceDestroy": { "type": "boolean", "description": "Allow the object to be deleted by removing any legal hold on any object version.\nDefault is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "The name of the object once it is in the bucket.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS Key ARN to use for object encryption.\nThis value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`,\nuse the exported `arn` attribute:\n`kms_key_id = \"${aws_kms_key.foo.arn}\"`\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "The object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "The date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "serverSideEncryption": { "type": "string", "description": "Specifies server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "The path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "storageClass": { "type": "string", "description": "Specifies the desired [Storage Class](http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html)\nfor the object. Can be either \"`STANDARD`\", \"`REDUCED_REDUNDANCY`\", \"`ONEZONE_IA`\", \"`INTELLIGENT_TIERING`\", \"`GLACIER`\", \"`DEEP_ARCHIVE`\", or \"`STANDARD_IA`\". Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "versionId": { "type": "string", "description": "A unique version ID value for the object, if bucket versioning\nis enabled.\n" }, "websiteRedirect": { "type": "string", "description": "Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n" } }, "required": [ "bucket", "contentType", "etag", "key", "serverSideEncryption", "storageClass", "versionId" ], "inputProperties": { "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Defaults to \"private\".\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "The name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n" }, "cacheControl": { "type": "string", "description": "Specifies caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Specifies presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "The language the content is in e.g. en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Used to trigger updates. The only meaningful value is `${filemd5(\"path/to/file\")}` (this provider 0.11.12 or later) or `${md5(file(\"path/to/file\"))}` (this provider 0.11.11 or earlier).\nThis attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"`.\n" }, "forceDestroy": { "type": "boolean", "description": "Allow the object to be deleted by removing any legal hold on any object version.\nDefault is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "The name of the object once it is in the bucket.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS Key ARN to use for object encryption.\nThis value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`,\nuse the exported `arn` attribute:\n`kms_key_id = \"${aws_kms_key.foo.arn}\"`\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "The object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "The date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "serverSideEncryption": { "type": "string", "description": "Specifies server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "The path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "storageClass": { "type": "string", "description": "Specifies the desired [Storage Class](http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html)\nfor the object. Can be either \"`STANDARD`\", \"`REDUCED_REDUNDANCY`\", \"`ONEZONE_IA`\", \"`INTELLIGENT_TIERING`\", \"`GLACIER`\", \"`DEEP_ARCHIVE`\", or \"`STANDARD_IA`\". Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "websiteRedirect": { "type": "string", "description": "Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketObject resources.\n", "properties": { "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Defaults to \"private\".\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "The name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n" }, "cacheControl": { "type": "string", "description": "Specifies caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Specifies presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "The language the content is in e.g. en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Used to trigger updates. The only meaningful value is `${filemd5(\"path/to/file\")}` (this provider 0.11.12 or later) or `${md5(file(\"path/to/file\"))}` (this provider 0.11.11 or earlier).\nThis attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"`.\n" }, "forceDestroy": { "type": "boolean", "description": "Allow the object to be deleted by removing any legal hold on any object version.\nDefault is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "The name of the object once it is in the bucket.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS Key ARN to use for object encryption.\nThis value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`,\nuse the exported `arn` attribute:\n`kms_key_id = \"${aws_kms_key.foo.arn}\"`\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "The object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "The date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "serverSideEncryption": { "type": "string", "description": "Specifies server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "The path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "storageClass": { "type": "string", "description": "Specifies the desired [Storage Class](http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html)\nfor the object. Can be either \"`STANDARD`\", \"`REDUCED_REDUNDANCY`\", \"`ONEZONE_IA`\", \"`INTELLIGENT_TIERING`\", \"`GLACIER`\", \"`DEEP_ARCHIVE`\", or \"`STANDARD_IA`\". Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "versionId": { "type": "string", "description": "A unique version ID value for the object, if bucket versioning\nis enabled.\n" }, "websiteRedirect": { "type": "string", "description": "Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n" } }, "type": "object" } }, "aws:s3/bucketPolicy:BucketPolicy": { "description": "Attaches a policy to an S3 bucket resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.Bucket(\"b\", {});\nconst bucketPolicy = new aws.s3.BucketPolicy(\"b\", {\n bucket: bucket.id,\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Id\": \"MYBUCKETPOLICY\",\n \"Statement\": [\n {\n \"Sid\": \"IPAllow\",\n \"Effect\": \"Deny\",\n \"Principal\": \"*\",\n \"Action\": \"s3:*\",\n \"Resource\": \"arn:aws:s3:::my_tf_test_bucket/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": \"8.8.8.8/32\"}\n }\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.Bucket(\"bucket\")\nbucket_policy = aws.s3.BucketPolicy(\"bucketPolicy\",\n bucket=bucket.id,\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Id\": \"MYBUCKETPOLICY\",\n \"Statement\": [\n {\n \"Sid\": \"IPAllow\",\n \"Effect\": \"Deny\",\n \"Principal\": \"*\",\n \"Action\": \"s3:*\",\n \"Resource\": \"arn:aws:s3:::my_tf_test_bucket/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": \"8.8.8.8/32\"}\n }\n }\n ]\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n });\n var bucketPolicy = new Aws.S3.BucketPolicy(\"bucketPolicy\", new Aws.S3.BucketPolicyArgs\n {\n Bucket = bucket.Id,\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Id\"\": \"\"MYBUCKETPOLICY\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"IPAllow\"\",\n \"\"Effect\"\": \"\"Deny\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Action\"\": \"\"s3:*\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::my_tf_test_bucket/*\"\",\n \"\"Condition\"\": {\n \"\"IpAddress\"\": {\"\"aws:SourceIp\"\": \"\"8.8.8.8/32\"\"}\n }\n }\n ]\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucket(ctx, \"bucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"bucketPolicy\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Id\\\": \\\"MYBUCKETPOLICY\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"IPAllow\\\",\\n\", \" \\\"Effect\\\": \\\"Deny\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Action\\\": \\\"s3:*\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::my_tf_test_bucket/*\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"IpAddress\\\": {\\\"aws:SourceIp\\\": \\\"8.8.8.8/32\\\"}\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucket": { "type": "string", "description": "The name of the bucket to which to apply the policy.\n" }, "policy": { "type": "string", "description": "The text of the policy.\n" } }, "required": [ "bucket", "policy" ], "inputProperties": { "bucket": { "type": "string", "description": "The name of the bucket to which to apply the policy.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The text of the policy.\n" } }, "requiredInputs": [ "bucket", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketPolicy resources.\n", "properties": { "bucket": { "type": "string", "description": "The name of the bucket to which to apply the policy.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The text of the policy.\n" } }, "type": "object" } }, "aws:s3/bucketPublicAccessBlock:BucketPublicAccessBlock": { "description": "Manages S3 bucket-level Public Access Block configuration. For more information about these settings, see the [AWS S3 Block Public Access documentation](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucket = new aws.s3.Bucket(\"example\", {});\nconst exampleBucketPublicAccessBlock = new aws.s3.BucketPublicAccessBlock(\"example\", {\n blockPublicAcls: true,\n blockPublicPolicy: true,\n bucket: exampleBucket.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket = aws.s3.Bucket(\"exampleBucket\")\nexample_bucket_public_access_block = aws.s3.BucketPublicAccessBlock(\"exampleBucketPublicAccessBlock\",\n block_public_acls=True,\n block_public_policy=True,\n bucket=example_bucket.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleBucket = new Aws.S3.Bucket(\"exampleBucket\", new Aws.S3.BucketArgs\n {\n });\n var exampleBucketPublicAccessBlock = new Aws.S3.BucketPublicAccessBlock(\"exampleBucketPublicAccessBlock\", new Aws.S3.BucketPublicAccessBlockArgs\n {\n BlockPublicAcls = true,\n BlockPublicPolicy = true,\n Bucket = exampleBucket.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucket, err := s3.NewBucket(ctx, \"exampleBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPublicAccessBlock(ctx, \"exampleBucketPublicAccessBlock\", \u0026s3.BucketPublicAccessBlockArgs{\n\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\tBlockPublicPolicy: pulumi.Bool(true),\n\t\t\tBucket: exampleBucket.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the existing bucket policy. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "bucket": { "type": "string", "description": "S3 Bucket to which this Public Access Block configuration should be applied.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore public ACLs on this bucket and any objects that it contains.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the previously stored bucket policy, except that public and cross-account access within the public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access this buckets if it has a public policy.\n" } }, "required": [ "bucket" ], "inputProperties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the existing bucket policy. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "bucket": { "type": "string", "description": "S3 Bucket to which this Public Access Block configuration should be applied.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore public ACLs on this bucket and any objects that it contains.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the previously stored bucket policy, except that public and cross-account access within the public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access this buckets if it has a public policy.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketPublicAccessBlock resources.\n", "properties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the existing bucket policy. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "bucket": { "type": "string", "description": "S3 Bucket to which this Public Access Block configuration should be applied.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore public ACLs on this bucket and any objects that it contains.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the previously stored bucket policy, except that public and cross-account access within the public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access this buckets if it has a public policy.\n" } }, "type": "object" } }, "aws:s3/inventory:Inventory": { "description": "Provides a S3 bucket [inventory configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Add inventory configuration\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testBucket = new aws.s3.Bucket(\"test\", {});\nconst inventory = new aws.s3.Bucket(\"inventory\", {});\nconst testInventory = new aws.s3.Inventory(\"test\", {\n bucket: testBucket.id,\n destination: {\n bucket: {\n bucketArn: inventory.arn,\n format: \"ORC\",\n },\n },\n includedObjectVersions: \"All\",\n schedule: {\n frequency: \"Daily\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_bucket = aws.s3.Bucket(\"testBucket\")\ninventory = aws.s3.Bucket(\"inventory\")\ntest_inventory = aws.s3.Inventory(\"testInventory\",\n bucket=test_bucket.id,\n destination={\n \"bucket\": {\n \"bucketArn\": inventory.arn,\n \"format\": \"ORC\",\n },\n },\n included_object_versions=\"All\",\n schedule={\n \"frequency\": \"Daily\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testBucket = new Aws.S3.Bucket(\"testBucket\", new Aws.S3.BucketArgs\n {\n });\n var inventory = new Aws.S3.Bucket(\"inventory\", new Aws.S3.BucketArgs\n {\n });\n var testInventory = new Aws.S3.Inventory(\"testInventory\", new Aws.S3.InventoryArgs\n {\n Bucket = testBucket.Id,\n Destination = new Aws.S3.Inputs.InventoryDestinationArgs\n {\n Bucket = new Aws.S3.Inputs.InventoryDestinationBucketArgs\n {\n BucketArn = inventory.Arn,\n Format = \"ORC\",\n },\n },\n IncludedObjectVersions = \"All\",\n Schedule = new Aws.S3.Inputs.InventoryScheduleArgs\n {\n Frequency = \"Daily\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestBucket, err := s3.NewBucket(ctx, \"testBucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinventory, err := s3.NewBucket(ctx, \"inventory\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewInventory(ctx, \"testInventory\", \u0026s3.InventoryArgs{\n\t\t\tBucket: testBucket.ID(),\n\t\t\tDestination: \u0026s3.InventoryDestinationArgs{\n\t\t\t\tBucket: \u0026s3.InventoryDestinationBucketArgs{\n\t\t\t\t\tBucketArn: inventory.Arn,\n\t\t\t\t\tFormat: pulumi.String(\"ORC\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIncludedObjectVersions: pulumi.String(\"All\"),\n\t\t\tSchedule: \u0026s3.InventoryScheduleArgs{\n\t\t\t\tFrequency: pulumi.String(\"Daily\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Add inventory configuration with S3 bucket object prefix\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.s3.Bucket(\"test\", {});\nconst inventory = new aws.s3.Bucket(\"inventory\", {});\nconst test_prefix = new aws.s3.Inventory(\"test-prefix\", {\n bucket: test.id,\n destination: {\n bucket: {\n bucketArn: inventory.arn,\n format: \"ORC\",\n prefix: \"inventory\",\n },\n },\n filter: {\n prefix: \"documents/\",\n },\n includedObjectVersions: \"All\",\n schedule: {\n frequency: \"Daily\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.s3.Bucket(\"test\")\ninventory = aws.s3.Bucket(\"inventory\")\ntest_prefix = aws.s3.Inventory(\"test-prefix\",\n bucket=test.id,\n destination={\n \"bucket\": {\n \"bucketArn\": inventory.arn,\n \"format\": \"ORC\",\n \"prefix\": \"inventory\",\n },\n },\n filter={\n \"prefix\": \"documents/\",\n },\n included_object_versions=\"All\",\n schedule={\n \"frequency\": \"Daily\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.S3.Bucket(\"test\", new Aws.S3.BucketArgs\n {\n });\n var inventory = new Aws.S3.Bucket(\"inventory\", new Aws.S3.BucketArgs\n {\n });\n var test_prefix = new Aws.S3.Inventory(\"test-prefix\", new Aws.S3.InventoryArgs\n {\n Bucket = test.Id,\n Destination = new Aws.S3.Inputs.InventoryDestinationArgs\n {\n Bucket = new Aws.S3.Inputs.InventoryDestinationBucketArgs\n {\n BucketArn = inventory.Arn,\n Format = \"ORC\",\n Prefix = \"inventory\",\n },\n },\n Filter = new Aws.S3.Inputs.InventoryFilterArgs\n {\n Prefix = \"documents/\",\n },\n IncludedObjectVersions = \"All\",\n Schedule = new Aws.S3.Inputs.InventoryScheduleArgs\n {\n Frequency = \"Daily\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := s3.NewBucket(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinventory, err := s3.NewBucket(ctx, \"inventory\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewInventory(ctx, \"test-prefix\", \u0026s3.InventoryArgs{\n\t\t\tBucket: test.ID(),\n\t\t\tDestination: \u0026s3.InventoryDestinationArgs{\n\t\t\t\tBucket: \u0026s3.InventoryDestinationBucketArgs{\n\t\t\t\t\tBucketArn: inventory.Arn,\n\t\t\t\t\tFormat: pulumi.String(\"ORC\"),\n\t\t\t\t\tPrefix: pulumi.String(\"inventory\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFilter: \u0026s3.InventoryFilterArgs{\n\t\t\t\tPrefix: pulumi.String(\"documents/\"),\n\t\t\t},\n\t\t\tIncludedObjectVersions: pulumi.String(\"All\"),\n\t\t\tSchedule: \u0026s3.InventoryScheduleArgs{\n\t\t\t\tFrequency: pulumi.String(\"Daily\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "bucket": { "type": "string", "description": "The name of the bucket where the inventory configuration will be stored.\n" }, "destination": { "$ref": "#/types/aws:s3/InventoryDestination:InventoryDestination", "description": "Contains information about where to publish the inventory results (documented below).\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the inventory is enabled or disabled.\n" }, "filter": { "$ref": "#/types/aws:s3/InventoryFilter:InventoryFilter", "description": "Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria (documented below).\n" }, "includedObjectVersions": { "type": "string", "description": "Object versions to include in the inventory list. Valid values: `All`, `Current`.\n" }, "name": { "type": "string", "description": "Unique identifier of the inventory configuration for the bucket.\n" }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "List of optional fields that are included in the inventory results.\nValid values: `Size`, `LastModifiedDate`, `StorageClass`, `ETag`, `IsMultipartUploaded`, `ReplicationStatus`, `EncryptionStatus`, `ObjectLockRetainUntilDate`, `ObjectLockMode`, `ObjectLockLegalHoldStatus`, `IntelligentTieringAccessTier`.\n" }, "schedule": { "$ref": "#/types/aws:s3/InventorySchedule:InventorySchedule", "description": "Specifies the schedule for generating inventory results (documented below).\n" } }, "required": [ "bucket", "destination", "includedObjectVersions", "name", "schedule" ], "inputProperties": { "bucket": { "type": "string", "description": "The name of the bucket where the inventory configuration will be stored.\n" }, "destination": { "$ref": "#/types/aws:s3/InventoryDestination:InventoryDestination", "description": "Contains information about where to publish the inventory results (documented below).\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the inventory is enabled or disabled.\n" }, "filter": { "$ref": "#/types/aws:s3/InventoryFilter:InventoryFilter", "description": "Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria (documented below).\n" }, "includedObjectVersions": { "type": "string", "description": "Object versions to include in the inventory list. Valid values: `All`, `Current`.\n" }, "name": { "type": "string", "description": "Unique identifier of the inventory configuration for the bucket.\n" }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "List of optional fields that are included in the inventory results.\nValid values: `Size`, `LastModifiedDate`, `StorageClass`, `ETag`, `IsMultipartUploaded`, `ReplicationStatus`, `EncryptionStatus`, `ObjectLockRetainUntilDate`, `ObjectLockMode`, `ObjectLockLegalHoldStatus`, `IntelligentTieringAccessTier`.\n" }, "schedule": { "$ref": "#/types/aws:s3/InventorySchedule:InventorySchedule", "description": "Specifies the schedule for generating inventory results (documented below).\n" } }, "requiredInputs": [ "bucket", "destination", "includedObjectVersions", "schedule" ], "stateInputs": { "description": "Input properties used for looking up and filtering Inventory resources.\n", "properties": { "bucket": { "type": "string", "description": "The name of the bucket where the inventory configuration will be stored.\n" }, "destination": { "$ref": "#/types/aws:s3/InventoryDestination:InventoryDestination", "description": "Contains information about where to publish the inventory results (documented below).\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the inventory is enabled or disabled.\n" }, "filter": { "$ref": "#/types/aws:s3/InventoryFilter:InventoryFilter", "description": "Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria (documented below).\n" }, "includedObjectVersions": { "type": "string", "description": "Object versions to include in the inventory list. Valid values: `All`, `Current`.\n" }, "name": { "type": "string", "description": "Unique identifier of the inventory configuration for the bucket.\n" }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "List of optional fields that are included in the inventory results.\nValid values: `Size`, `LastModifiedDate`, `StorageClass`, `ETag`, `IsMultipartUploaded`, `ReplicationStatus`, `EncryptionStatus`, `ObjectLockRetainUntilDate`, `ObjectLockMode`, `ObjectLockLegalHoldStatus`, `IntelligentTieringAccessTier`.\n" }, "schedule": { "$ref": "#/types/aws:s3/InventorySchedule:InventorySchedule", "description": "Specifies the schedule for generating inventory results (documented below).\n" } }, "type": "object" } }, "aws:sagemaker/endpoint:Endpoint": { "description": "Provides a SageMaker Endpoint resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst endpoint = new aws.sagemaker.Endpoint(\"e\", {\n endpointConfigName: aws_sagemaker_endpoint_configuration_ec.name,\n tags: {\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nendpoint = aws.sagemaker.Endpoint(\"endpoint\",\n endpoint_config_name=aws_sagemaker_endpoint_configuration[\"ec\"][\"name\"],\n tags={\n \"Name\": \"foo\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var endpoint = new Aws.Sagemaker.Endpoint(\"endpoint\", new Aws.Sagemaker.EndpointArgs\n {\n EndpointConfigName = aws_sagemaker_endpoint_configuration.Ec.Name,\n Tags = \n {\n { \"Name\", \"foo\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sagemaker.NewEndpoint(ctx, \"endpoint\", \u0026sagemaker.EndpointArgs{\n\t\t\tEndpointConfigName: pulumi.String(aws_sagemaker_endpoint_configuration.Ec.Name),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint.\n" }, "endpointConfigName": { "type": "string", "description": "The name of the endpoint configuration to use.\n" }, "name": { "type": "string", "description": "The name of the endpoint. If omitted, this provider will assign a random, unique name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" } }, "required": [ "arn", "endpointConfigName", "name" ], "inputProperties": { "endpointConfigName": { "type": "string", "description": "The name of the endpoint configuration to use.\n" }, "name": { "type": "string", "description": "The name of the endpoint. If omitted, this provider will assign a random, unique name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" } }, "requiredInputs": [ "endpointConfigName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint.\n" }, "endpointConfigName": { "type": "string", "description": "The name of the endpoint configuration to use.\n" }, "name": { "type": "string", "description": "The name of the endpoint. If omitted, this provider will assign a random, unique name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:sagemaker/endpointConfiguration:EndpointConfiguration": { "description": "Provides a SageMaker endpoint configuration resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec = new aws.sagemaker.EndpointConfiguration(\"ec\", {\n productionVariants: [{\n initialInstanceCount: 1,\n instanceType: \"ml.t2.medium\",\n modelName: aws_sagemaker_model_m.name,\n variantName: \"variant-1\",\n }],\n tags: {\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec = aws.sagemaker.EndpointConfiguration(\"ec\",\n production_variants=[{\n \"initialInstanceCount\": 1,\n \"instance_type\": \"ml.t2.medium\",\n \"modelName\": aws_sagemaker_model[\"m\"][\"name\"],\n \"variantName\": \"variant-1\",\n }],\n tags={\n \"Name\": \"foo\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ec = new Aws.Sagemaker.EndpointConfiguration(\"ec\", new Aws.Sagemaker.EndpointConfigurationArgs\n {\n ProductionVariants = \n {\n new Aws.Sagemaker.Inputs.EndpointConfigurationProductionVariantArgs\n {\n InitialInstanceCount = 1,\n InstanceType = \"ml.t2.medium\",\n ModelName = aws_sagemaker_model.M.Name,\n VariantName = \"variant-1\",\n },\n },\n Tags = \n {\n { \"Name\", \"foo\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sagemaker.NewEndpointConfiguration(ctx, \"ec\", \u0026sagemaker.EndpointConfigurationArgs{\n\t\t\tProductionVariants: sagemaker.EndpointConfigurationProductionVariantArray{\n\t\t\t\t\u0026sagemaker.EndpointConfigurationProductionVariantArgs{\n\t\t\t\t\tInitialInstanceCount: pulumi.Int(1),\n\t\t\t\t\tInstanceType: pulumi.String(\"ml.t2.medium\"),\n\t\t\t\t\tModelName: pulumi.String(aws_sagemaker_model.M.Name),\n\t\t\t\t\tVariantName: pulumi.String(\"variant-1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint configuration.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n" }, "name": { "type": "string", "description": "The name of the endpoint configuration. If omitted, this provider will assign a random, unique name.\n" }, "productionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant" }, "description": "Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" } }, "required": [ "arn", "name", "productionVariants" ], "inputProperties": { "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n" }, "name": { "type": "string", "description": "The name of the endpoint configuration. If omitted, this provider will assign a random, unique name.\n" }, "productionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant" }, "description": "Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" } }, "requiredInputs": [ "productionVariants" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint configuration.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n" }, "name": { "type": "string", "description": "The name of the endpoint configuration. If omitted, this provider will assign a random, unique name.\n" }, "productionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant" }, "description": "Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:sagemaker/model:Model": { "description": "Provides a SageMaker model resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst model = new aws.sagemaker.Model(\"m\", {\n executionRoleArn: aws_iam_role_foo.arn,\n primaryContainer: {\n image: \"174872318107.dkr.ecr.us-west-2.amazonaws.com/kmeans:1\",\n },\n});\nconst assumeRole = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"sagemaker.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n}, { async: true }));\nconst role = new aws.iam.Role(\"r\", {\n assumeRolePolicy: assumeRole.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmodel = aws.sagemaker.Model(\"model\",\n execution_role_arn=aws_iam_role[\"foo\"][\"arn\"],\n primary_container={\n \"image\": \"174872318107.dkr.ecr.us-west-2.amazonaws.com/kmeans:1\",\n })\nassume_role = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"identifiers\": [\"sagemaker.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\nrole = aws.iam.Role(\"role\", assume_role_policy=assume_role.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var model = new Aws.Sagemaker.Model(\"model\", new Aws.Sagemaker.ModelArgs\n {\n ExecutionRoleArn = aws_iam_role.Foo.Arn,\n PrimaryContainer = new Aws.Sagemaker.Inputs.ModelPrimaryContainerArgs\n {\n Image = \"174872318107.dkr.ecr.us-west-2.amazonaws.com/kmeans:1\",\n },\n });\n var assumeRole = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"sagemaker.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n }));\n var role = new Aws.Iam.Role(\"role\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = assumeRole.Apply(assumeRole =\u003e assumeRole.Json),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sagemaker.NewModel(ctx, \"model\", \u0026sagemaker.ModelArgs{\n\t\t\tExecutionRoleArn: pulumi.String(aws_iam_role.Foo.Arn),\n\t\t\tPrimaryContainer: \u0026sagemaker.ModelPrimaryContainerArgs{\n\t\t\t\tImage: pulumi.String(\"174872318107.dkr.ecr.us-west-2.amazonaws.com/kmeans:1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\tiam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"sagemaker.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this model.\n" }, "containers": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelContainer:ModelContainer" }, "description": "Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.\n" }, "enableNetworkIsolation": { "type": "boolean", "description": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.\n" }, "executionRoleArn": { "type": "string", "description": "A role that SageMaker can assume to access model artifacts and docker images for deployment.\n" }, "name": { "type": "string", "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcConfig": { "$ref": "#/types/aws:sagemaker/ModelVpcConfig:ModelVpcConfig", "description": "Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform.\n" } }, "required": [ "arn", "executionRoleArn", "name" ], "inputProperties": { "containers": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelContainer:ModelContainer" }, "description": "Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.\n" }, "enableNetworkIsolation": { "type": "boolean", "description": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.\n" }, "executionRoleArn": { "type": "string", "description": "A role that SageMaker can assume to access model artifacts and docker images for deployment.\n" }, "name": { "type": "string", "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcConfig": { "$ref": "#/types/aws:sagemaker/ModelVpcConfig:ModelVpcConfig", "description": "Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform.\n" } }, "requiredInputs": [ "executionRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Model resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this model.\n" }, "containers": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelContainer:ModelContainer" }, "description": "Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.\n" }, "enableNetworkIsolation": { "type": "boolean", "description": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.\n" }, "executionRoleArn": { "type": "string", "description": "A role that SageMaker can assume to access model artifacts and docker images for deployment.\n" }, "name": { "type": "string", "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "vpcConfig": { "$ref": "#/types/aws:sagemaker/ModelVpcConfig:ModelVpcConfig", "description": "Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform.\n" } }, "type": "object" } }, "aws:sagemaker/notebookInstance:NotebookInstance": { "description": "Provides a Sagemaker Notebook Instance resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ni = new aws.sagemaker.NotebookInstance(\"ni\", {\n instanceType: \"ml.t2.medium\",\n roleArn: aws_iam_role_role.arn,\n tags: {\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nni = aws.sagemaker.NotebookInstance(\"ni\",\n instance_type=\"ml.t2.medium\",\n role_arn=aws_iam_role[\"role\"][\"arn\"],\n tags={\n \"Name\": \"foo\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ni = new Aws.Sagemaker.NotebookInstance(\"ni\", new Aws.Sagemaker.NotebookInstanceArgs\n {\n InstanceType = \"ml.t2.medium\",\n RoleArn = aws_iam_role.Role.Arn,\n Tags = \n {\n { \"Name\", \"foo\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sagemaker.NewNotebookInstance(ctx, \"ni\", \u0026sagemaker.NotebookInstanceArgs{\n\t\t\tInstanceType: pulumi.String(\"ml.t2.medium\"),\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Role.Arn),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this notebook instance.\n" }, "directInternetAccess": { "type": "string", "description": "Set to `Disabled` to disable internet access to notebook. Requires `security_groups` and `subnet_id` to be set. Supported values: `Enabled` (Default) or `Disabled`. If set to `Disabled`, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC.\n" }, "instanceType": { "type": "string", "description": "The name of ML compute instance type.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.\n" }, "lifecycleConfigName": { "type": "string", "description": "The name of a lifecycle configuration to associate with the notebook instance.\n" }, "name": { "type": "string", "description": "The name of the notebook instance (must be unique).\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "subnetId": { "type": "string", "description": "The VPC subnet ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "arn", "instanceType", "name", "roleArn", "securityGroups" ], "inputProperties": { "directInternetAccess": { "type": "string", "description": "Set to `Disabled` to disable internet access to notebook. Requires `security_groups` and `subnet_id` to be set. Supported values: `Enabled` (Default) or `Disabled`. If set to `Disabled`, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC.\n" }, "instanceType": { "type": "string", "description": "The name of ML compute instance type.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.\n" }, "lifecycleConfigName": { "type": "string", "description": "The name of a lifecycle configuration to associate with the notebook instance.\n" }, "name": { "type": "string", "description": "The name of the notebook instance (must be unique).\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "subnetId": { "type": "string", "description": "The VPC subnet ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "instanceType", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering NotebookInstance resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this notebook instance.\n" }, "directInternetAccess": { "type": "string", "description": "Set to `Disabled` to disable internet access to notebook. Requires `security_groups` and `subnet_id` to be set. Supported values: `Enabled` (Default) or `Disabled`. If set to `Disabled`, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC.\n" }, "instanceType": { "type": "string", "description": "The name of ML compute instance type.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.\n" }, "lifecycleConfigName": { "type": "string", "description": "The name of a lifecycle configuration to associate with the notebook instance.\n" }, "name": { "type": "string", "description": "The name of the notebook instance (must be unique).\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "subnetId": { "type": "string", "description": "The VPC subnet ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:sagemaker/notebookInstanceLifecycleConfiguration:NotebookInstanceLifecycleConfiguration": { "description": "Provides a lifecycle configuration for SageMaker Notebook Instances.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this lifecycle configuration.\n" }, "name": { "type": "string", "description": "The name of the lifecycle configuration (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "onCreate": { "type": "string", "description": "A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created.\n" }, "onStart": { "type": "string", "description": "A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the lifecycle configuration (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "onCreate": { "type": "string", "description": "A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created.\n" }, "onStart": { "type": "string", "description": "A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering NotebookInstanceLifecycleConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this lifecycle configuration.\n" }, "name": { "type": "string", "description": "The name of the lifecycle configuration (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "onCreate": { "type": "string", "description": "A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created.\n" }, "onStart": { "type": "string", "description": "A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created.\n" } }, "type": "object" } }, "aws:secretsmanager/secret:Secret": { "description": "Provides a resource to manage AWS Secrets Manager secret metadata. To manage secret rotation, see the `aws.secretsmanager.SecretRotation` resource. To manage a secret value, see the `aws.secretsmanager.SecretVersion` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.SecretsManager.Secret(\"example\", new Aws.SecretsManager.SecretArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = secretsmanager.NewSecret(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Rotation Configuration\n\nTo enable automatic secret rotation, the Secrets Manager service requires usage of a Lambda function. The [Rotate Secrets section in the Secrets Manager User Guide](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) provides additional information about deploying a prebuilt Lambda functions for supported credential rotation (e.g. RDS) or deploying a custom Lambda function.\n\n\u003e **NOTE:** Configuring rotation causes the secret to rotate once as soon as you store the secret. Before you do this, you must ensure that all of your applications that use the credentials stored in the secret are updated to retrieve the secret from AWS Secrets Manager. The old credentials might no longer be usable after the initial rotation and any applications that you fail to update will break as soon as the old credentials are no longer valid.\n\n\u003e **NOTE:** If you cancel a rotation that is in progress (by removing the `rotation` configuration), it can leave the VersionStage labels in an unexpected state. Depending on what step of the rotation was in progress, you might need to remove the staging label AWSPENDING from the partially created version, specified by the SecretVersionId response value. You should also evaluate the partially rotated new version to see if it should be deleted, which you can do by removing all staging labels from the new version's VersionStage field.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst rotation_example = new aws.secretsmanager.Secret(\"rotation-example\", {\n rotationLambdaArn: aws_lambda_function_example.arn,\n rotationRules: {\n automaticallyAfterDays: 7,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrotation_example = aws.secretsmanager.Secret(\"rotation-example\",\n rotation_lambda_arn=aws_lambda_function[\"example\"][\"arn\"],\n rotation_rules={\n \"automaticallyAfterDays\": 7,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var rotation_example = new Aws.SecretsManager.Secret(\"rotation-example\", new Aws.SecretsManager.SecretArgs\n {\n RotationLambdaArn = aws_lambda_function.Example.Arn,\n RotationRules = new Aws.SecretsManager.Inputs.SecretRotationRulesArgs\n {\n AutomaticallyAfterDays = 7,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = secretsmanager.NewSecret(ctx, \"rotation-example\", \u0026secretsmanager.SecretArgs{\n\t\t\tRotationLambdaArn: pulumi.String(aws_lambda_function.Example.Arn),\n\t\t\tRotationRules: \u0026secretsmanager.SecretRotationRulesArgs{\n\t\t\t\tAutomaticallyAfterDays: pulumi.Int(7),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the secret.\n" }, "description": { "type": "string", "description": "A description of the secret.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.\n" }, "name": { "type": "string", "description": "Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html).\n" }, "recoveryWindowInDays": { "type": "integer", "description": "Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.\n" }, "rotationEnabled": { "type": "boolean", "description": "Specifies whether automatic rotation is enabled for this secret.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret. Use the `aws.secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRules:SecretRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below. Use the `aws.secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the secret.\n" } }, "required": [ "arn", "name", "namePrefix", "rotationEnabled", "rotationLambdaArn", "rotationRules" ], "inputProperties": { "description": { "type": "string", "description": "A description of the secret.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.\n" }, "name": { "type": "string", "description": "Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html).\n" }, "recoveryWindowInDays": { "type": "integer", "description": "Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.\n" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret. Use the `aws.secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRules:SecretRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below. Use the `aws.secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the secret.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Secret resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the secret.\n" }, "description": { "type": "string", "description": "A description of the secret.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.\n" }, "name": { "type": "string", "description": "Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html).\n" }, "recoveryWindowInDays": { "type": "integer", "description": "Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.\n" }, "rotationEnabled": { "type": "boolean", "description": "Specifies whether automatic rotation is enabled for this secret.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret. Use the `aws.secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRules:SecretRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below. Use the `aws.secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation resource instead" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the secret.\n" } }, "type": "object" } }, "aws:secretsmanager/secretRotation:SecretRotation": { "description": "Provides a resource to manage AWS Secrets Manager secret rotation. To manage a secret, see the [`aws.secretsmanager.Secret` resource](https://www.terraform.io/docs/providers/aws/r/secretsmanager_secret.html). To manage a secret value, see the [`aws.secretsmanager.SecretVersion` resource](https://www.terraform.io/docs/providers/aws/r/secretsmanager_secret_version.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.SecretRotation(\"example\", {\n rotationLambdaArn: aws_lambda_function_example.arn,\n rotationRules: {\n automaticallyAfterDays: 30,\n },\n secretId: aws_secretsmanager_secret_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.SecretRotation(\"example\",\n rotation_lambda_arn=aws_lambda_function[\"example\"][\"arn\"],\n rotation_rules={\n \"automaticallyAfterDays\": 30,\n },\n secret_id=aws_secretsmanager_secret[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.SecretsManager.SecretRotation(\"example\", new Aws.SecretsManager.SecretRotationArgs\n {\n RotationLambdaArn = aws_lambda_function.Example.Arn,\n RotationRules = new Aws.SecretsManager.Inputs.SecretRotationRotationRulesArgs\n {\n AutomaticallyAfterDays = 30,\n },\n SecretId = aws_secretsmanager_secret.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = secretsmanager.NewSecretRotation(ctx, \"example\", \u0026secretsmanager.SecretRotationArgs{\n\t\t\tRotationLambdaArn: pulumi.String(aws_lambda_function.Example.Arn),\n\t\t\tRotationRules: \u0026secretsmanager.SecretRotationRotationRulesArgs{\n\t\t\t\tAutomaticallyAfterDays: pulumi.Int(30),\n\t\t\t},\n\t\t\tSecretId: pulumi.String(aws_secretsmanager_secret.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n### Rotation Configuration\n\nTo enable automatic secret rotation, the Secrets Manager service requires usage of a Lambda function. The [Rotate Secrets section in the Secrets Manager User Guide](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) provides additional information about deploying a prebuilt Lambda functions for supported credential rotation (e.g. RDS) or deploying a custom Lambda function.\n\n\u003e **NOTE:** Configuring rotation causes the secret to rotate once as soon as you enable rotation. Before you do this, you must ensure that all of your applications that use the credentials stored in the secret are updated to retrieve the secret from AWS Secrets Manager. The old credentials might no longer be usable after the initial rotation and any applications that you fail to update will break as soon as the old credentials are no longer valid.\n\n\u003e **NOTE:** If you cancel a rotation that is in progress (by removing the `rotation` configuration), it can leave the VersionStage labels in an unexpected state. Depending on what step of the rotation was in progress, you might need to remove the staging label AWSPENDING from the partially created version, specified by the SecretVersionId response value. You should also evaluate the partially rotated new version to see if it should be deleted, which you can do by removing all staging labels from the new version's VersionStage field.\n{{% /examples %}}", "properties": { "rotationEnabled": { "type": "boolean", "description": "Specifies whether automatic rotation is enabled for this secret.\n" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret.\n" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "required": [ "rotationEnabled", "rotationLambdaArn", "rotationRules", "secretId" ], "inputProperties": { "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret.\n" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "rotationLambdaArn", "rotationRules", "secretId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecretRotation resources.\n", "properties": { "rotationEnabled": { "type": "boolean", "description": "Specifies whether automatic rotation is enabled for this secret.\n" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret.\n" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" } }, "aws:secretsmanager/secretVersion:SecretVersion": { "description": "Provides a resource to manage AWS Secrets Manager secret version including its secret value. To manage secret metadata, see the `aws.secretsmanager.Secret` resource.\n\n\u003e **NOTE:** If the `AWSCURRENT` staging label is present on this version during resource deletion, that label cannot be removed and will be skipped to prevent errors when fully deleting the secret. That label will leave this secret version active even after the resource is deleted from this provider unless the secret itself is deleted. Move the `AWSCURRENT` staging label before or after deleting this resource from this provider to fully trigger version deprecation if necessary.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Simple String Value\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: aws_secretsmanager_secret_example.id,\n secretString: \"example-string-to-protect\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=aws_secretsmanager_secret[\"example\"][\"id\"],\n secret_string=\"example-string-to-protect\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.SecretsManager.SecretVersion(\"example\", new Aws.SecretsManager.SecretVersionArgs\n {\n SecretId = aws_secretsmanager_secret.Example.Id,\n SecretString = \"example-string-to-protect\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: pulumi.String(aws_secretsmanager_secret.Example.Id),\n\t\t\tSecretString: pulumi.String(\"example-string-to-protect\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the secret.\n" }, "secretBinary": { "type": "string", "description": "Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" }, "secretString": { "type": "string", "description": "Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set.\n" }, "versionId": { "type": "string", "description": "The unique identifier of the version of the secret.\n" }, "versionStages": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.\n" } }, "required": [ "arn", "secretId", "versionId", "versionStages" ], "inputProperties": { "secretBinary": { "type": "string", "description": "Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" }, "secretString": { "type": "string", "description": "Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set.\n" }, "versionStages": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.\n" } }, "requiredInputs": [ "secretId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecretVersion resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the secret.\n" }, "secretBinary": { "type": "string", "description": "Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" }, "secretString": { "type": "string", "description": "Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set.\n" }, "versionId": { "type": "string", "description": "The unique identifier of the version of the secret.\n" }, "versionStages": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.\n" } }, "type": "object" } }, "aws:securityhub/account:Account": { "description": "Enables Security Hub for this AWS account.\n\n\u003e **NOTE:** Destroying this resource will disable Security Hub for this AWS account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.SecurityHub.Account(\"example\", new Aws.SecurityHub.AccountArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "stateInputs": { "description": "Input properties used for looking up and filtering Account resources.\n", "type": "object" } }, "aws:securityhub/member:Member": { "description": "Provides a Security Hub member resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleAccount = new aws.securityhub.Account(\"example\", {});\nconst exampleMember = new aws.securityhub.Member(\"example\", {\n accountId: \"123456789012\",\n email: \"example@example.com\",\n invite: true,\n}, { dependsOn: [exampleAccount] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_account = aws.securityhub.Account(\"exampleAccount\")\nexample_member = aws.securityhub.Member(\"exampleMember\",\n account_id=\"123456789012\",\n email=\"example@example.com\",\n invite=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleAccount = new Aws.SecurityHub.Account(\"exampleAccount\", new Aws.SecurityHub.AccountArgs\n {\n });\n var exampleMember = new Aws.SecurityHub.Member(\"exampleMember\", new Aws.SecurityHub.MemberArgs\n {\n AccountId = \"123456789012\",\n Email = \"example@example.com\",\n Invite = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = securityhub.NewAccount(ctx, \"exampleAccount\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewMember(ctx, \"exampleMember\", \u0026securityhub.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accountId": { "type": "string", "description": "The ID of the member AWS account.\n" }, "email": { "type": "string", "description": "The email of the member AWS account.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to Security Hub as a member. Defaults to `false`.\n" }, "masterId": { "type": "string", "description": "The ID of the master Security Hub AWS account.\n" }, "memberStatus": { "type": "string", "description": "The status of the relationship between the member account and its master account.\n" } }, "required": [ "accountId", "email", "masterId", "memberStatus" ], "inputProperties": { "accountId": { "type": "string", "description": "The ID of the member AWS account.\n" }, "email": { "type": "string", "description": "The email of the member AWS account.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to Security Hub as a member. Defaults to `false`.\n" } }, "requiredInputs": [ "accountId", "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering Member resources.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the member AWS account.\n" }, "email": { "type": "string", "description": "The email of the member AWS account.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to Security Hub as a member. Defaults to `false`.\n" }, "masterId": { "type": "string", "description": "The ID of the master Security Hub AWS account.\n" }, "memberStatus": { "type": "string", "description": "The status of the relationship between the member account and its master account.\n" } }, "type": "object" } }, "aws:securityhub/productSubscription:ProductSubscription": { "description": "Subscribes to a Security Hub product.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleAccount = new aws.securityhub.Account(\"example\", {});\nconst current = pulumi.output(aws.getRegion({ async: true }));\nconst exampleProductSubscription = new aws.securityhub.ProductSubscription(\"example\", {\n productArn: pulumi.interpolate`arn:aws:securityhub:${current.name!}:733251395267:product/alertlogic/althreatmanagement`,\n}, { dependsOn: [exampleAccount] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_account = aws.securityhub.Account(\"exampleAccount\")\ncurrent = aws.get_region()\nexample_product_subscription = aws.securityhub.ProductSubscription(\"exampleProductSubscription\", product_arn=f\"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleAccount = new Aws.SecurityHub.Account(\"exampleAccount\", new Aws.SecurityHub.AccountArgs\n {\n });\n var current = Output.Create(Aws.GetRegion.InvokeAsync());\n var exampleProductSubscription = new Aws.SecurityHub.ProductSubscription(\"exampleProductSubscription\", new Aws.SecurityHub.ProductSubscriptionArgs\n {\n ProductArn = current.Apply(current =\u003e $\"arn:aws:securityhub:{current.Name}:733251395267:product/alertlogic/althreatmanagement\"),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = securityhub.NewAccount(ctx, \"exampleAccount\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewProductSubscription(ctx, \"exampleProductSubscription\", \u0026securityhub.ProductSubscriptionArgs{\n\t\t\tProductArn: pulumi.String(fmt.Sprintf(\"%v%v%v\", \"arn:aws:securityhub:\", current.Name, \":733251395267:product/alertlogic/althreatmanagement\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.\n" }, "productArn": { "type": "string", "description": "The ARN of the product that generates findings that you want to import into Security Hub - see below.\n" } }, "required": [ "arn", "productArn" ], "inputProperties": { "productArn": { "type": "string", "description": "The ARN of the product that generates findings that you want to import into Security Hub - see below.\n" } }, "requiredInputs": [ "productArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProductSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.\n" }, "productArn": { "type": "string", "description": "The ARN of the product that generates findings that you want to import into Security Hub - see below.\n" } }, "type": "object" } }, "aws:securityhub/standardsSubscription:StandardsSubscription": { "description": "Subscribes to a Security Hub standard.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst cis = new aws.securityhub.StandardsSubscription(\"cis\", {\n standardsArn: \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n}, { dependsOn: [example] });\nconst pci321 = new aws.securityhub.StandardsSubscription(\"pci_321\", {\n standardsArn: \"arn:aws:securityhub:us-east-1::standards/pci-dss/v/3.2.1\",\n}, { dependsOn: [example] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncis = aws.securityhub.StandardsSubscription(\"cis\", standards_arn=\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\npci321 = aws.securityhub.StandardsSubscription(\"pci321\", standards_arn=\"arn:aws:securityhub:us-east-1::standards/pci-dss/v/3.2.1\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.SecurityHub.Account(\"example\", new Aws.SecurityHub.AccountArgs\n {\n });\n var cis = new Aws.SecurityHub.StandardsSubscription(\"cis\", new Aws.SecurityHub.StandardsSubscriptionArgs\n {\n StandardsArn = \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n });\n var pci321 = new Aws.SecurityHub.StandardsSubscription(\"pci321\", new Aws.SecurityHub.StandardsSubscriptionArgs\n {\n StandardsArn = \"arn:aws:securityhub:us-east-1::standards/pci-dss/v/3.2.1\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"cis\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"pci321\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:us-east-1::standards/pci-dss/v/3.2.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "standardsArn": { "type": "string", "description": "The ARN of a standard - see below.\n" } }, "required": [ "standardsArn" ], "inputProperties": { "standardsArn": { "type": "string", "description": "The ARN of a standard - see below.\n" } }, "requiredInputs": [ "standardsArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StandardsSubscription resources.\n", "properties": { "standardsArn": { "type": "string", "description": "The ARN of a standard - see below.\n" } }, "type": "object" } }, "aws:servicecatalog/portfolio:Portfolio": { "description": "Provides a resource to create a Service Catalog Portfolio.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst portfolio = new aws.servicecatalog.Portfolio(\"portfolio\", {\n description: \"List of my organizations apps\",\n providerName: \"Brett\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nportfolio = aws.servicecatalog.Portfolio(\"portfolio\",\n description=\"List of my organizations apps\",\n provider_name=\"Brett\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var portfolio = new Aws.ServiceCatalog.Portfolio(\"portfolio\", new Aws.ServiceCatalog.PortfolioArgs\n {\n Description = \"List of my organizations apps\",\n ProviderName = \"Brett\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = servicecatalog.NewPortfolio(ctx, \"portfolio\", \u0026servicecatalog.PortfolioArgs{\n\t\t\tDescription: pulumi.String(\"List of my organizations apps\"),\n\t\t\tProviderName: pulumi.String(\"Brett\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "createdTime": { "type": "string" }, "description": { "type": "string", "description": "Description of the portfolio\n" }, "name": { "type": "string", "description": "The name of the portfolio.\n" }, "providerName": { "type": "string", "description": "Name of the person or organization who owns the portfolio.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection.\n" } }, "required": [ "arn", "createdTime", "description", "name" ], "inputProperties": { "description": { "type": "string", "description": "Description of the portfolio\n" }, "name": { "type": "string", "description": "The name of the portfolio.\n" }, "providerName": { "type": "string", "description": "Name of the person or organization who owns the portfolio.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Portfolio resources.\n", "properties": { "arn": { "type": "string" }, "createdTime": { "type": "string" }, "description": { "type": "string", "description": "Description of the portfolio\n" }, "name": { "type": "string", "description": "The name of the portfolio.\n" }, "providerName": { "type": "string", "description": "Name of the person or organization who owns the portfolio.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection.\n" } }, "type": "object" } }, "aws:servicediscovery/httpNamespace:HttpNamespace": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.HttpNamespace(\"example\", {\n description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.HttpNamespace(\"example\", description=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ServiceDiscovery.HttpNamespace(\"example\", new Aws.ServiceDiscovery.HttpNamespaceArgs\n {\n Description = \"example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = servicediscovery.NewHttpNamespace(ctx, \"example\", \u0026servicediscovery.HttpNamespaceArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "name": { "type": "string", "description": "The name of the http namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "name": { "type": "string", "description": "The name of the http namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering HttpNamespace resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "name": { "type": "string", "description": "The name of the http namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" } }, "type": "object" } }, "aws:servicediscovery/privateDnsNamespace:PrivateDnsNamespace": { "description": "Provides a Service Discovery Private DNS Namespace resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst examplePrivateDnsNamespace = new aws.servicediscovery.PrivateDnsNamespace(\"example\", {\n description: \"example\",\n vpc: exampleVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vpc = aws.ec2.Vpc(\"exampleVpc\", cidr_block=\"10.0.0.0/16\")\nexample_private_dns_namespace = aws.servicediscovery.PrivateDnsNamespace(\"examplePrivateDnsNamespace\",\n description=\"example\",\n vpc=example_vpc.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleVpc = new Aws.Ec2.Vpc(\"exampleVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var examplePrivateDnsNamespace = new Aws.ServiceDiscovery.PrivateDnsNamespace(\"examplePrivateDnsNamespace\", new Aws.ServiceDiscovery.PrivateDnsNamespaceArgs\n {\n Description = \"example\",\n Vpc = exampleVpc.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"exampleVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewPrivateDnsNamespace(ctx, \"examplePrivateDnsNamespace\", \u0026servicediscovery.PrivateDnsNamespaceArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tVpc: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" }, "vpc": { "type": "string", "description": "The ID of VPC that you want to associate the namespace with.\n" } }, "required": [ "arn", "hostedZone", "name", "vpc" ], "inputProperties": { "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" }, "vpc": { "type": "string", "description": "The ID of VPC that you want to associate the namespace with.\n" } }, "requiredInputs": [ "vpc" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrivateDnsNamespace resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" }, "vpc": { "type": "string", "description": "The ID of VPC that you want to associate the namespace with.\n" } }, "type": "object" } }, "aws:servicediscovery/publicDnsNamespace:PublicDnsNamespace": { "description": "Provides a Service Discovery Public DNS Namespace resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.PublicDnsNamespace(\"example\", {\n description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.PublicDnsNamespace(\"example\", description=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ServiceDiscovery.PublicDnsNamespace(\"example\", new Aws.ServiceDiscovery.PublicDnsNamespaceArgs\n {\n Description = \"example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = servicediscovery.NewPublicDnsNamespace(ctx, \"example\", \u0026servicediscovery.PublicDnsNamespaceArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" } }, "required": [ "arn", "hostedZone", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering PublicDnsNamespace resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace.\n" } }, "type": "object" } }, "aws:servicediscovery/service:Service": { "description": "Provides a Service Discovery Service resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsHostnames: true,\n enableDnsSupport: true,\n});\nconst examplePrivateDnsNamespace = new aws.servicediscovery.PrivateDnsNamespace(\"example\", {\n description: \"example\",\n vpc: exampleVpc.id,\n});\nconst exampleService = new aws.servicediscovery.Service(\"example\", {\n dnsConfig: {\n dnsRecords: [{\n ttl: 10,\n type: \"A\",\n }],\n namespaceId: examplePrivateDnsNamespace.id,\n routingPolicy: \"MULTIVALUE\",\n },\n healthCheckCustomConfig: {\n failureThreshold: 1,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vpc = aws.ec2.Vpc(\"exampleVpc\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_hostnames=True,\n enable_dns_support=True)\nexample_private_dns_namespace = aws.servicediscovery.PrivateDnsNamespace(\"examplePrivateDnsNamespace\",\n description=\"example\",\n vpc=example_vpc.id)\nexample_service = aws.servicediscovery.Service(\"exampleService\",\n dns_config={\n \"dnsRecords\": [{\n \"ttl\": 10,\n \"type\": \"A\",\n }],\n \"namespace_id\": example_private_dns_namespace.id,\n \"routingPolicy\": \"MULTIVALUE\",\n },\n health_check_custom_config={\n \"failure_threshold\": 1,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleVpc = new Aws.Ec2.Vpc(\"exampleVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsHostnames = true,\n EnableDnsSupport = true,\n });\n var examplePrivateDnsNamespace = new Aws.ServiceDiscovery.PrivateDnsNamespace(\"examplePrivateDnsNamespace\", new Aws.ServiceDiscovery.PrivateDnsNamespaceArgs\n {\n Description = \"example\",\n Vpc = exampleVpc.Id,\n });\n var exampleService = new Aws.ServiceDiscovery.Service(\"exampleService\", new Aws.ServiceDiscovery.ServiceArgs\n {\n DnsConfig = new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigArgs\n {\n DnsRecords = \n {\n new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigDnsRecordArgs\n {\n Ttl = 10,\n Type = \"A\",\n },\n },\n NamespaceId = examplePrivateDnsNamespace.Id,\n RoutingPolicy = \"MULTIVALUE\",\n },\n HealthCheckCustomConfig = new Aws.ServiceDiscovery.Inputs.ServiceHealthCheckCustomConfigArgs\n {\n FailureThreshold = 1,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"exampleVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePrivateDnsNamespace, err := servicediscovery.NewPrivateDnsNamespace(ctx, \"examplePrivateDnsNamespace\", \u0026servicediscovery.PrivateDnsNamespaceArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tVpc: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewService(ctx, \"exampleService\", \u0026servicediscovery.ServiceArgs{\n\t\t\tDnsConfig: \u0026servicediscovery.ServiceDnsConfigArgs{\n\t\t\t\tDnsRecords: servicediscovery.ServiceDnsConfigDnsRecordArray{\n\t\t\t\t\t\u0026servicediscovery.ServiceDnsConfigDnsRecordArgs{\n\t\t\t\t\t\tTtl: pulumi.Int(10),\n\t\t\t\t\t\tType: pulumi.String(\"A\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNamespaceId: examplePrivateDnsNamespace.ID(),\n\t\t\t\tRoutingPolicy: pulumi.String(\"MULTIVALUE\"),\n\t\t\t},\n\t\t\tHealthCheckCustomConfig: \u0026servicediscovery.ServiceHealthCheckCustomConfigArgs{\n\t\t\t\tFailureThreshold: pulumi.Int(1),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplePublicDnsNamespace = new aws.servicediscovery.PublicDnsNamespace(\"example\", {\n description: \"example\",\n});\nconst exampleService = new aws.servicediscovery.Service(\"example\", {\n dnsConfig: {\n dnsRecords: [{\n ttl: 10,\n type: \"A\",\n }],\n namespaceId: examplePublicDnsNamespace.id,\n },\n healthCheckConfig: {\n failureThreshold: 10,\n resourcePath: \"path\",\n type: \"HTTP\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_public_dns_namespace = aws.servicediscovery.PublicDnsNamespace(\"examplePublicDnsNamespace\", description=\"example\")\nexample_service = aws.servicediscovery.Service(\"exampleService\",\n dns_config={\n \"dnsRecords\": [{\n \"ttl\": 10,\n \"type\": \"A\",\n }],\n \"namespace_id\": example_public_dns_namespace.id,\n },\n health_check_config={\n \"failure_threshold\": 10,\n \"resource_path\": \"path\",\n \"type\": \"HTTP\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplePublicDnsNamespace = new Aws.ServiceDiscovery.PublicDnsNamespace(\"examplePublicDnsNamespace\", new Aws.ServiceDiscovery.PublicDnsNamespaceArgs\n {\n Description = \"example\",\n });\n var exampleService = new Aws.ServiceDiscovery.Service(\"exampleService\", new Aws.ServiceDiscovery.ServiceArgs\n {\n DnsConfig = new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigArgs\n {\n DnsRecords = \n {\n new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigDnsRecordArgs\n {\n Ttl = 10,\n Type = \"A\",\n },\n },\n NamespaceId = examplePublicDnsNamespace.Id,\n },\n HealthCheckConfig = new Aws.ServiceDiscovery.Inputs.ServiceHealthCheckConfigArgs\n {\n FailureThreshold = 10,\n ResourcePath = \"path\",\n Type = \"HTTP\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplePublicDnsNamespace, err := servicediscovery.NewPublicDnsNamespace(ctx, \"examplePublicDnsNamespace\", \u0026servicediscovery.PublicDnsNamespaceArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewService(ctx, \"exampleService\", \u0026servicediscovery.ServiceArgs{\n\t\t\tDnsConfig: \u0026servicediscovery.ServiceDnsConfigArgs{\n\t\t\t\tDnsRecords: servicediscovery.ServiceDnsConfigDnsRecordArray{\n\t\t\t\t\t\u0026servicediscovery.ServiceDnsConfigDnsRecordArgs{\n\t\t\t\t\t\tTtl: pulumi.Int(10),\n\t\t\t\t\t\tType: pulumi.String(\"A\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNamespaceId: examplePublicDnsNamespace.ID(),\n\t\t\t},\n\t\t\tHealthCheckConfig: \u0026servicediscovery.ServiceHealthCheckConfigArgs{\n\t\t\t\tFailureThreshold: pulumi.Int(10),\n\t\t\t\tResourcePath: pulumi.String(\"path\"),\n\t\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the service.\n" }, "description": { "type": "string", "description": "The description of the service.\n" }, "dnsConfig": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig", "description": "A complex type that contains information about the resource record sets that you want Amazon Route 53 to create when you register an instance.\n" }, "healthCheckConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig", "description": "A complex type that contains settings for an optional health check. Only for Public DNS namespaces.\n" }, "healthCheckCustomConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig", "description": "A complex type that contains settings for ECS managed health checks.\n" }, "name": { "type": "string", "description": "The name of the service.\n" }, "namespaceId": { "type": "string", "description": "The ID of the namespace to use for DNS configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service.\n" } }, "required": [ "arn", "name", "namespaceId" ], "inputProperties": { "description": { "type": "string", "description": "The description of the service.\n" }, "dnsConfig": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig", "description": "A complex type that contains information about the resource record sets that you want Amazon Route 53 to create when you register an instance.\n" }, "healthCheckConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig", "description": "A complex type that contains settings for an optional health check. Only for Public DNS namespaces.\n" }, "healthCheckCustomConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig", "description": "A complex type that contains settings for ECS managed health checks.\n" }, "name": { "type": "string", "description": "The name of the service.\n" }, "namespaceId": { "type": "string", "description": "The ID of the namespace to use for DNS configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Service resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the service.\n" }, "description": { "type": "string", "description": "The description of the service.\n" }, "dnsConfig": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig", "description": "A complex type that contains information about the resource record sets that you want Amazon Route 53 to create when you register an instance.\n" }, "healthCheckConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig", "description": "A complex type that contains settings for an optional health check. Only for Public DNS namespaces.\n" }, "healthCheckCustomConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig", "description": "A complex type that contains settings for ECS managed health checks.\n" }, "name": { "type": "string", "description": "The name of the service.\n" }, "namespaceId": { "type": "string", "description": "The ID of the namespace to use for DNS configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service.\n" } }, "type": "object" } }, "aws:servicequotas/serviceQuota:ServiceQuota": { "description": "Manages an individual Service Quota.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicequotas.ServiceQuota(\"example\", {\n quotaCode: \"L-F678F1CE\",\n serviceCode: \"vpc\",\n value: 75,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicequotas.ServiceQuota(\"example\",\n quota_code=\"L-F678F1CE\",\n service_code=\"vpc\",\n value=75)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.ServiceQuotas.ServiceQuota(\"example\", new Aws.ServiceQuotas.ServiceQuotaArgs\n {\n QuotaCode = \"L-F678F1CE\",\n ServiceCode = \"vpc\",\n Value = 75,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = servicequotas.NewServiceQuota(ctx, \"example\", \u0026servicequotas.ServiceQuotaArgs{\n\t\t\tQuotaCode: pulumi.String(\"L-F678F1CE\"),\n\t\t\tServiceCode: pulumi.String(\"vpc\"),\n\t\t\tValue: pulumi.Float64(75),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "adjustable": { "type": "boolean", "description": "Whether the service quota can be increased.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the service quota.\n" }, "defaultValue": { "type": "number", "description": "Default value of the service quota.\n" }, "quotaCode": { "type": "string", "description": "Code of the service quota to track. For example: `L-F678F1CE`. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n" }, "quotaName": { "type": "string", "description": "Name of the quota.\n" }, "requestId": { "type": "string" }, "requestStatus": { "type": "string" }, "serviceCode": { "type": "string", "description": "Code of the service to track. For example: `vpc`. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" }, "serviceName": { "type": "string", "description": "Name of the service.\n" }, "value": { "type": "number", "description": "Float specifying the desired value for the service quota. If the desired value is higher than the current value, a quota increase request is submitted. When a known request is submitted and pending, the value reflects the desired value of the pending request.\n" } }, "required": [ "adjustable", "arn", "defaultValue", "quotaCode", "quotaName", "requestId", "requestStatus", "serviceCode", "serviceName", "value" ], "inputProperties": { "quotaCode": { "type": "string", "description": "Code of the service quota to track. For example: `L-F678F1CE`. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n" }, "serviceCode": { "type": "string", "description": "Code of the service to track. For example: `vpc`. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" }, "value": { "type": "number", "description": "Float specifying the desired value for the service quota. If the desired value is higher than the current value, a quota increase request is submitted. When a known request is submitted and pending, the value reflects the desired value of the pending request.\n" } }, "requiredInputs": [ "quotaCode", "serviceCode", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceQuota resources.\n", "properties": { "adjustable": { "type": "boolean", "description": "Whether the service quota can be increased.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the service quota.\n" }, "defaultValue": { "type": "number", "description": "Default value of the service quota.\n" }, "quotaCode": { "type": "string", "description": "Code of the service quota to track. For example: `L-F678F1CE`. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n" }, "quotaName": { "type": "string", "description": "Name of the quota.\n" }, "requestId": { "type": "string" }, "requestStatus": { "type": "string" }, "serviceCode": { "type": "string", "description": "Code of the service to track. For example: `vpc`. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" }, "serviceName": { "type": "string", "description": "Name of the service.\n" }, "value": { "type": "number", "description": "Float specifying the desired value for the service quota. If the desired value is higher than the current value, a quota increase request is submitted. When a known request is submitted and pending, the value reflects the desired value of the pending request.\n" } }, "type": "object" } }, "aws:ses/activeReceiptRuleSet:ActiveReceiptRuleSet": { "description": "Provides a resource to designate the active SES receipt rule set\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ses.ActiveReceiptRuleSet(\"main\", {\n ruleSetName: \"primary-rules\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ses.ActiveReceiptRuleSet(\"main\", rule_set_name=\"primary-rules\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ses.ActiveReceiptRuleSet(\"main\", new Aws.Ses.ActiveReceiptRuleSetArgs\n {\n RuleSetName = \"primary-rules\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewActiveReceiptRuleSet(ctx, \"main\", \u0026ses.ActiveReceiptRuleSetArgs{\n\t\t\tRuleSetName: pulumi.String(\"primary-rules\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "required": [ "ruleSetName" ], "inputProperties": { "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "requiredInputs": [ "ruleSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ActiveReceiptRuleSet resources.\n", "properties": { "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "type": "object" } }, "aws:ses/confgurationSet:ConfgurationSet": { "properties": { "name": { "type": "string" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ConfgurationSet resources.\n", "properties": { "name": { "type": "string" } }, "type": "object" }, "deprecationMessage": "aws.ses.ConfgurationSet has been deprecated in favor of aws.ses.ConfigurationSet" }, "aws:ses/configurationSet:ConfigurationSet": { "description": "Provides an SES configuration set resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ses.ConfigurationSet(\"test\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ses.ConfigurationSet(\"test\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Ses.ConfigurationSet(\"test\", new Aws.Ses.ConfigurationSetArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewConfigurationSet(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the configuration set\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the configuration set\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationSet resources.\n", "properties": { "name": { "type": "string", "description": "The name of the configuration set\n" } }, "type": "object" }, "aliases": [ { "type": "aws:ses/confgurationSet:ConfgurationSet" } ] }, "aws:ses/domainDkim:DomainDkim": { "description": "Provides an SES domain DKIM generation resource.\n\nDomain ownership needs to be confirmed first using `aws.ses.DomainIdentity` resource.\n", "properties": { "dkimTokens": { "type": "array", "items": { "type": "string" }, "description": "DKIM tokens generated by SES.\nThese tokens should be used to create CNAME records used to verify SES Easy DKIM.\nSee below for an example of how this might be achieved\nwhen the domain is hosted in Route 53 and managed by this provider.\nFind out more about verifying domains in Amazon SES\nin the [AWS SES docs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim-dns-records.html).\n" }, "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n" } }, "required": [ "dkimTokens", "domain" ], "inputProperties": { "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainDkim resources.\n", "properties": { "dkimTokens": { "type": "array", "items": { "type": "string" }, "description": "DKIM tokens generated by SES.\nThese tokens should be used to create CNAME records used to verify SES Easy DKIM.\nSee below for an example of how this might be achieved\nwhen the domain is hosted in Route 53 and managed by this provider.\nFind out more about verifying domains in Amazon SES\nin the [AWS SES docs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim-dns-records.html).\n" }, "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n" } }, "type": "object" } }, "aws:ses/domainIdentity:DomainIdentity": { "description": "Provides an SES domain identity resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {\n domain: \"example.com\",\n});\nconst exampleAmazonsesVerificationRecord = new aws.route53.Record(\"example_amazonses_verification_record\", {\n name: \"_amazonses.example.com\",\n records: [example.verificationToken],\n ttl: 600,\n type: \"TXT\",\n zoneId: \"ABCDEFGHIJ123\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample_amazonses_verification_record = aws.route53.Record(\"exampleAmazonsesVerificationRecord\",\n name=\"_amazonses.example.com\",\n records=[example.verification_token],\n ttl=\"600\",\n type=\"TXT\",\n zone_id=\"ABCDEFGHIJ123\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ses.DomainIdentity(\"example\", new Aws.Ses.DomainIdentityArgs\n {\n Domain = \"example.com\",\n });\n var exampleAmazonsesVerificationRecord = new Aws.Route53.Record(\"exampleAmazonsesVerificationRecord\", new Aws.Route53.RecordArgs\n {\n Name = \"_amazonses.example.com\",\n Records = \n {\n example.VerificationToken,\n },\n Ttl = 600,\n Type = \"TXT\",\n ZoneId = \"ABCDEFGHIJ123\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"exampleAmazonsesVerificationRecord\", \u0026route53.RecordArgs{\n\t\t\tName: pulumi.String(\"_amazonses.example.com\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.VerificationToken,\n\t\t\t},\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tType: pulumi.String(\"TXT\"),\n\t\t\tZoneId: pulumi.String(\"ABCDEFGHIJ123\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name to assign to SES\n" }, "verificationToken": { "type": "string", "description": "A code which when added to the domain as a TXT record\nwill signal to SES that the owner of the domain has authorised SES to act on\ntheir behalf. The domain identity will be in state \"verification pending\"\nuntil this is done. See below for an example of how this might be achieved\nwhen the domain is hosted in Route 53 and managed by this provider. Find out\nmore about verifying domains in Amazon SES in the [AWS SES\ndocs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-domains.html).\n" } }, "required": [ "arn", "domain", "verificationToken" ], "inputProperties": { "domain": { "type": "string", "description": "The domain name to assign to SES\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainIdentity resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name to assign to SES\n" }, "verificationToken": { "type": "string", "description": "A code which when added to the domain as a TXT record\nwill signal to SES that the owner of the domain has authorised SES to act on\ntheir behalf. The domain identity will be in state \"verification pending\"\nuntil this is done. See below for an example of how this might be achieved\nwhen the domain is hosted in Route 53 and managed by this provider. Find out\nmore about verifying domains in Amazon SES in the [AWS SES\ndocs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-domains.html).\n" } }, "type": "object" } }, "aws:ses/domainIdentityVerification:DomainIdentityVerification": { "description": "Represents a successful verification of an SES domain identity.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.ses.DomainIdentity` to request an SES domain identity,\ndeploy the required DNS verification records, and wait for verification to complete.\n\n\u003e **WARNING:** This resource implements a part of the verification workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {\n domain: \"example.com\",\n});\nconst exampleAmazonsesVerificationRecord = new aws.route53.Record(\"example_amazonses_verification_record\", {\n name: pulumi.interpolate`_amazonses.${example.id}`,\n records: [example.verificationToken],\n ttl: 600,\n type: \"TXT\",\n zoneId: aws_route53_zone_example.zoneId,\n});\nconst exampleVerification = new aws.ses.DomainIdentityVerification(\"example_verification\", {\n domain: example.id,\n}, { dependsOn: [exampleAmazonsesVerificationRecord] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample_amazonses_verification_record = aws.route53.Record(\"exampleAmazonsesVerificationRecord\",\n name=example.id.apply(lambda id: f\"_amazonses.{id}\"),\n records=[example.verification_token],\n ttl=\"600\",\n type=\"TXT\",\n zone_id=aws_route53_zone[\"example\"][\"zone_id\"])\nexample_verification = aws.ses.DomainIdentityVerification(\"exampleVerification\", domain=example.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ses.DomainIdentity(\"example\", new Aws.Ses.DomainIdentityArgs\n {\n Domain = \"example.com\",\n });\n var exampleAmazonsesVerificationRecord = new Aws.Route53.Record(\"exampleAmazonsesVerificationRecord\", new Aws.Route53.RecordArgs\n {\n Name = example.Id.Apply(id =\u003e $\"_amazonses.{id}\"),\n Records = \n {\n example.VerificationToken,\n },\n Ttl = 600,\n Type = \"TXT\",\n ZoneId = aws_route53_zone.Example.Zone_id,\n });\n var exampleVerification = new Aws.Ses.DomainIdentityVerification(\"exampleVerification\", new Aws.Ses.DomainIdentityVerificationArgs\n {\n Domain = example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"exampleAmazonsesVerificationRecord\", \u0026route53.RecordArgs{\n\t\t\tName: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v\", \"_amazonses.\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.VerificationToken,\n\t\t\t},\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tType: pulumi.String(\"TXT\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Example.Zone_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ses.NewDomainIdentityVerification(ctx, \"exampleVerification\", \u0026ses.DomainIdentityVerificationArgs{\n\t\t\tDomain: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name of the SES domain identity to verify.\n" } }, "required": [ "arn", "domain" ], "inputProperties": { "domain": { "type": "string", "description": "The domain name of the SES domain identity to verify.\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainIdentityVerification resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name of the SES domain identity to verify.\n" } }, "type": "object" } }, "aws:ses/emailIdentity:EmailIdentity": { "description": "Provides an SES email identity resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.EmailIdentity(\"example\", {\n email: \"email@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.EmailIdentity(\"example\", email=\"email@example.com\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ses.EmailIdentity(\"example\", new Aws.Ses.EmailIdentityArgs\n {\n Email = \"email@example.com\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewEmailIdentity(ctx, \"example\", \u0026ses.EmailIdentityArgs{\n\t\t\tEmail: pulumi.String(\"email@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the email identity.\n" }, "email": { "type": "string", "description": "The email address to assign to SES\n" } }, "required": [ "arn", "email" ], "inputProperties": { "email": { "type": "string", "description": "The email address to assign to SES\n" } }, "requiredInputs": [ "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailIdentity resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the email identity.\n" }, "email": { "type": "string", "description": "The email address to assign to SES\n" } }, "type": "object" } }, "aws:ses/eventDestination:EventDestination": { "description": "Provides an SES event destination\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### CloudWatch Destination\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cloudwatch = new aws.ses.EventDestination(\"cloudwatch\", {\n cloudwatchDestinations: [{\n defaultValue: \"default\",\n dimensionName: \"dimension\",\n valueSource: \"emailHeader\",\n }],\n configurationSetName: aws_ses_configuration_set_example.name,\n enabled: true,\n matchingTypes: [\n \"bounce\",\n \"send\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncloudwatch = aws.ses.EventDestination(\"cloudwatch\",\n cloudwatch_destinations=[{\n \"default_value\": \"default\",\n \"dimensionName\": \"dimension\",\n \"valueSource\": \"emailHeader\",\n }],\n configuration_set_name=aws_ses_configuration_set[\"example\"][\"name\"],\n enabled=True,\n matching_types=[\n \"bounce\",\n \"send\",\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cloudwatch = new Aws.Ses.EventDestination(\"cloudwatch\", new Aws.Ses.EventDestinationArgs\n {\n CloudwatchDestinations = \n {\n new Aws.Ses.Inputs.EventDestinationCloudwatchDestinationArgs\n {\n DefaultValue = \"default\",\n DimensionName = \"dimension\",\n ValueSource = \"emailHeader\",\n },\n },\n ConfigurationSetName = aws_ses_configuration_set.Example.Name,\n Enabled = true,\n MatchingTypes = \n {\n \"bounce\",\n \"send\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewEventDestination(ctx, \"cloudwatch\", \u0026ses.EventDestinationArgs{\n\t\t\tCloudwatchDestinations: ses.EventDestinationCloudwatchDestinationArray{\n\t\t\t\t\u0026ses.EventDestinationCloudwatchDestinationArgs{\n\t\t\t\t\tDefaultValue: pulumi.String(\"default\"),\n\t\t\t\t\tDimensionName: pulumi.String(\"dimension\"),\n\t\t\t\t\tValueSource: pulumi.String(\"emailHeader\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConfigurationSetName: pulumi.String(aws_ses_configuration_set.Example.Name),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tMatchingTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"bounce\"),\n\t\t\t\tpulumi.String(\"send\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Kinesis Destination\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst kinesis = new aws.ses.EventDestination(\"kinesis\", {\n configurationSetName: aws_ses_configuration_set_example.name,\n enabled: true,\n kinesisDestination: {\n roleArn: aws_iam_role_example.arn,\n streamArn: aws_kinesis_firehose_delivery_stream_example.arn,\n },\n matchingTypes: [\n \"bounce\",\n \"send\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkinesis = aws.ses.EventDestination(\"kinesis\",\n configuration_set_name=aws_ses_configuration_set[\"example\"][\"name\"],\n enabled=True,\n kinesis_destination={\n \"role_arn\": aws_iam_role[\"example\"][\"arn\"],\n \"stream_arn\": aws_kinesis_firehose_delivery_stream[\"example\"][\"arn\"],\n },\n matching_types=[\n \"bounce\",\n \"send\",\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var kinesis = new Aws.Ses.EventDestination(\"kinesis\", new Aws.Ses.EventDestinationArgs\n {\n ConfigurationSetName = aws_ses_configuration_set.Example.Name,\n Enabled = true,\n KinesisDestination = new Aws.Ses.Inputs.EventDestinationKinesisDestinationArgs\n {\n RoleArn = aws_iam_role.Example.Arn,\n StreamArn = aws_kinesis_firehose_delivery_stream.Example.Arn,\n },\n MatchingTypes = \n {\n \"bounce\",\n \"send\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewEventDestination(ctx, \"kinesis\", \u0026ses.EventDestinationArgs{\n\t\t\tConfigurationSetName: pulumi.String(aws_ses_configuration_set.Example.Name),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tKinesisDestination: \u0026ses.EventDestinationKinesisDestinationArgs{\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\t\tStreamArn: pulumi.String(aws_kinesis_firehose_delivery_stream.Example.Arn),\n\t\t\t},\n\t\t\tMatchingTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"bounce\"),\n\t\t\t\tpulumi.String(\"send\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### SNS Destination\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sns = new aws.ses.EventDestination(\"sns\", {\n configurationSetName: aws_ses_configuration_set_example.name,\n enabled: true,\n matchingTypes: [\n \"bounce\",\n \"send\",\n ],\n snsDestination: {\n topicArn: aws_sns_topic_example.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsns = aws.ses.EventDestination(\"sns\",\n configuration_set_name=aws_ses_configuration_set[\"example\"][\"name\"],\n enabled=True,\n matching_types=[\n \"bounce\",\n \"send\",\n ],\n sns_destination={\n \"topic_arn\": aws_sns_topic[\"example\"][\"arn\"],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sns = new Aws.Ses.EventDestination(\"sns\", new Aws.Ses.EventDestinationArgs\n {\n ConfigurationSetName = aws_ses_configuration_set.Example.Name,\n Enabled = true,\n MatchingTypes = \n {\n \"bounce\",\n \"send\",\n },\n SnsDestination = new Aws.Ses.Inputs.EventDestinationSnsDestinationArgs\n {\n TopicArn = aws_sns_topic.Example.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewEventDestination(ctx, \"sns\", \u0026ses.EventDestinationArgs{\n\t\t\tConfigurationSetName: pulumi.String(aws_ses_configuration_set.Example.Name),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tMatchingTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"bounce\"),\n\t\t\t\tpulumi.String(\"send\"),\n\t\t\t},\n\t\t\tSnsDestination: \u0026ses.EventDestinationSnsDestinationArgs{\n\t\t\t\tTopicArn: pulumi.String(aws_sns_topic.Example.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "cloudwatchDestinations": { "type": "array", "items": { "$ref": "#/types/aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination" }, "description": "CloudWatch destination for the events\n" }, "configurationSetName": { "type": "string", "description": "The name of the configuration set\n" }, "enabled": { "type": "boolean", "description": "If true, the event destination will be enabled\n" }, "kinesisDestination": { "$ref": "#/types/aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination", "description": "Send the events to a kinesis firehose destination\n" }, "matchingTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of matching types. May be any of `\"send\"`, `\"reject\"`, `\"bounce\"`, `\"complaint\"`, `\"delivery\"`, `\"open\"`, `\"click\"`, or `\"renderingFailure\"`.\n" }, "name": { "type": "string", "description": "The name of the event destination\n" }, "snsDestination": { "$ref": "#/types/aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination", "description": "Send the events to an SNS Topic destination\n" } }, "required": [ "configurationSetName", "matchingTypes", "name" ], "inputProperties": { "cloudwatchDestinations": { "type": "array", "items": { "$ref": "#/types/aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination" }, "description": "CloudWatch destination for the events\n" }, "configurationSetName": { "type": "string", "description": "The name of the configuration set\n" }, "enabled": { "type": "boolean", "description": "If true, the event destination will be enabled\n" }, "kinesisDestination": { "$ref": "#/types/aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination", "description": "Send the events to a kinesis firehose destination\n" }, "matchingTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of matching types. May be any of `\"send\"`, `\"reject\"`, `\"bounce\"`, `\"complaint\"`, `\"delivery\"`, `\"open\"`, `\"click\"`, or `\"renderingFailure\"`.\n" }, "name": { "type": "string", "description": "The name of the event destination\n" }, "snsDestination": { "$ref": "#/types/aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination", "description": "Send the events to an SNS Topic destination\n" } }, "requiredInputs": [ "configurationSetName", "matchingTypes" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventDestination resources.\n", "properties": { "cloudwatchDestinations": { "type": "array", "items": { "$ref": "#/types/aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination" }, "description": "CloudWatch destination for the events\n" }, "configurationSetName": { "type": "string", "description": "The name of the configuration set\n" }, "enabled": { "type": "boolean", "description": "If true, the event destination will be enabled\n" }, "kinesisDestination": { "$ref": "#/types/aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination", "description": "Send the events to a kinesis firehose destination\n" }, "matchingTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of matching types. May be any of `\"send\"`, `\"reject\"`, `\"bounce\"`, `\"complaint\"`, `\"delivery\"`, `\"open\"`, `\"click\"`, or `\"renderingFailure\"`.\n" }, "name": { "type": "string", "description": "The name of the event destination\n" }, "snsDestination": { "$ref": "#/types/aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination", "description": "Send the events to an SNS Topic destination\n" } }, "type": "object" } }, "aws:ses/identityNotificationTopic:IdentityNotificationTopic": { "description": "Resource for managing SES Identity Notification Topics\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ses.IdentityNotificationTopic(\"test\", {\n identity: aws_ses_domain_identity_example.domain,\n includeOriginalHeaders: true,\n notificationType: \"Bounce\",\n topicArn: aws_sns_topic_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ses.IdentityNotificationTopic(\"test\",\n identity=aws_ses_domain_identity[\"example\"][\"domain\"],\n include_original_headers=True,\n notification_type=\"Bounce\",\n topic_arn=aws_sns_topic[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Ses.IdentityNotificationTopic(\"test\", new Aws.Ses.IdentityNotificationTopicArgs\n {\n Identity = aws_ses_domain_identity.Example.Domain,\n IncludeOriginalHeaders = true,\n NotificationType = \"Bounce\",\n TopicArn = aws_sns_topic.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewIdentityNotificationTopic(ctx, \"test\", \u0026ses.IdentityNotificationTopicArgs{\n\t\t\tIdentity: pulumi.String(aws_ses_domain_identity.Example.Domain),\n\t\t\tIncludeOriginalHeaders: pulumi.Bool(true),\n\t\t\tNotificationType: pulumi.String(\"Bounce\"),\n\t\t\tTopicArn: pulumi.String(aws_sns_topic.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "identity": { "type": "string", "description": "The identity for which the Amazon SNS topic will be set. You can specify an identity by using its name or by using its Amazon Resource Name (ARN).\n" }, "includeOriginalHeaders": { "type": "boolean", "description": "Whether SES should include original email headers in SNS notifications of this type. *false* by default.\n" }, "notificationType": { "type": "string", "description": "The type of notifications that will be published to the specified Amazon SNS topic. Valid Values: *Bounce*, *Complaint* or *Delivery*.\n" }, "topicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic. Can be set to \"\" (an empty string) to disable publishing.\n" } }, "required": [ "identity", "notificationType" ], "inputProperties": { "identity": { "type": "string", "description": "The identity for which the Amazon SNS topic will be set. You can specify an identity by using its name or by using its Amazon Resource Name (ARN).\n" }, "includeOriginalHeaders": { "type": "boolean", "description": "Whether SES should include original email headers in SNS notifications of this type. *false* by default.\n" }, "notificationType": { "type": "string", "description": "The type of notifications that will be published to the specified Amazon SNS topic. Valid Values: *Bounce*, *Complaint* or *Delivery*.\n" }, "topicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic. Can be set to \"\" (an empty string) to disable publishing.\n" } }, "requiredInputs": [ "identity", "notificationType" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityNotificationTopic resources.\n", "properties": { "identity": { "type": "string", "description": "The identity for which the Amazon SNS topic will be set. You can specify an identity by using its name or by using its Amazon Resource Name (ARN).\n" }, "includeOriginalHeaders": { "type": "boolean", "description": "Whether SES should include original email headers in SNS notifications of this type. *false* by default.\n" }, "notificationType": { "type": "string", "description": "The type of notifications that will be published to the specified Amazon SNS topic. Valid Values: *Bounce*, *Complaint* or *Delivery*.\n" }, "topicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic. Can be set to \"\" (an empty string) to disable publishing.\n" } }, "type": "object" } }, "aws:ses/identityPolicy:IdentityPolicy": { "description": "Manages a SES Identity Policy. More information about SES Sending Authorization Policies can be found in the [SES Developer Guide](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/sending-authorization-policies.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleDomainIdentity = new aws.ses.DomainIdentity(\"example\", {\n domain: \"example.com\",\n});\nconst examplePolicyDocument = exampleDomainIdentity.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"SES:SendEmail\",\n \"SES:SendRawEmail\",\n ],\n principals: [{\n identifiers: [\"*\"],\n type: \"AWS\",\n }],\n resources: [arn],\n }],\n}, { async: true }));\nconst exampleIdentityPolicy = new aws.ses.IdentityPolicy(\"example\", {\n identity: exampleDomainIdentity.arn,\n policy: examplePolicyDocument.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_domain_identity = aws.ses.DomainIdentity(\"exampleDomainIdentity\", domain=\"example.com\")\nexample_policy_document = example_domain_identity.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"SES:SendEmail\",\n \"SES:SendRawEmail\",\n ],\n \"principals\": [{\n \"identifiers\": [\"*\"],\n \"type\": \"AWS\",\n }],\n \"resources\": [arn],\n}]))\nexample_identity_policy = aws.ses.IdentityPolicy(\"exampleIdentityPolicy\",\n identity=example_domain_identity.arn,\n policy=example_policy_document.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleDomainIdentity = new Aws.Ses.DomainIdentity(\"exampleDomainIdentity\", new Aws.Ses.DomainIdentityArgs\n {\n Domain = \"example.com\",\n });\n var examplePolicyDocument = exampleDomainIdentity.Arn.Apply(arn =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"SES:SendEmail\",\n \"SES:SendRawEmail\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"*\",\n },\n Type = \"AWS\",\n },\n },\n Resources = \n {\n arn,\n },\n },\n },\n }));\n var exampleIdentityPolicy = new Aws.Ses.IdentityPolicy(\"exampleIdentityPolicy\", new Aws.Ses.IdentityPolicyArgs\n {\n Identity = exampleDomainIdentity.Arn,\n Policy = examplePolicyDocument.Apply(examplePolicyDocument =\u003e examplePolicyDocument.Json),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomainIdentity, err := ses.NewDomainIdentity(ctx, \"exampleDomainIdentity\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ses.NewIdentityPolicy(ctx, \"exampleIdentityPolicy\", \u0026ses.IdentityPolicyArgs{\n\t\t\tIdentity: exampleDomainIdentity.Arn,\n\t\t\tPolicy: examplePolicyDocument.ApplyT(func(examplePolicyDocument iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn examplePolicyDocument.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "identity": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the SES Identity.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON string of the policy.\n" } }, "required": [ "identity", "name", "policy" ], "inputProperties": { "identity": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the SES Identity.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON string of the policy.\n" } }, "requiredInputs": [ "identity", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityPolicy resources.\n", "properties": { "identity": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the SES Identity.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON string of the policy.\n" } }, "type": "object" } }, "aws:ses/mailFrom:MailFrom": { "description": "Provides an SES domain MAIL FROM resource.\n\n\u003e **NOTE:** For the MAIL FROM domain to be fully usable, this resource should be paired with the `aws.ses.DomainIdentity` resource. To validate the MAIL FROM domain, a DNS MX record is required. To pass SPF checks, a DNS TXT record may also be required. See the [Amazon SES MAIL FROM documentation](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/mail-from-set.html) for more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Example SES Domain Identity\nconst exampleDomainIdentity = new aws.ses.DomainIdentity(\"example\", {\n domain: \"example.com\",\n});\nconst exampleMailFrom = new aws.ses.MailFrom(\"example\", {\n domain: exampleDomainIdentity.domain,\n mailFromDomain: pulumi.interpolate`bounce.${exampleDomainIdentity.domain}`,\n});\n// Example Route53 MX record\nconst exampleSesDomainMailFromMx = new aws.route53.Record(\"example_ses_domain_mail_from_mx\", {\n name: exampleMailFrom.mailFromDomain,\n records: [\"10 feedback-smtp.us-east-1.amazonses.com\"], // Change to the region in which `aws_ses_domain_identity.example` is created\n ttl: 600,\n type: \"MX\",\n zoneId: aws_route53_zone_example.id,\n});\n// Example Route53 TXT record for SPF\nconst exampleSesDomainMailFromTxt = new aws.route53.Record(\"example_ses_domain_mail_from_txt\", {\n name: exampleMailFrom.mailFromDomain,\n records: [\"v=spf1 include:amazonses.com -all\"],\n ttl: 600,\n type: \"TXT\",\n zoneId: aws_route53_zone_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Example SES Domain Identity\nexample_domain_identity = aws.ses.DomainIdentity(\"exampleDomainIdentity\", domain=\"example.com\")\nexample_mail_from = aws.ses.MailFrom(\"exampleMailFrom\",\n domain=example_domain_identity.domain,\n mail_from_domain=example_domain_identity.domain.apply(lambda domain: f\"bounce.{domain}\"))\n# Example Route53 MX record\nexample_ses_domain_mail_from_mx = aws.route53.Record(\"exampleSesDomainMailFromMx\",\n name=example_mail_from.mail_from_domain,\n records=[\"10 feedback-smtp.us-east-1.amazonses.com\"],\n ttl=\"600\",\n type=\"MX\",\n zone_id=aws_route53_zone[\"example\"][\"id\"])\n# Example Route53 TXT record for SPF\nexample_ses_domain_mail_from_txt = aws.route53.Record(\"exampleSesDomainMailFromTxt\",\n name=example_mail_from.mail_from_domain,\n records=[\"v=spf1 include:amazonses.com -all\"],\n ttl=\"600\",\n type=\"TXT\",\n zone_id=aws_route53_zone[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Example SES Domain Identity\n var exampleDomainIdentity = new Aws.Ses.DomainIdentity(\"exampleDomainIdentity\", new Aws.Ses.DomainIdentityArgs\n {\n Domain = \"example.com\",\n });\n var exampleMailFrom = new Aws.Ses.MailFrom(\"exampleMailFrom\", new Aws.Ses.MailFromArgs\n {\n Domain = exampleDomainIdentity.Domain,\n MailFromDomain = exampleDomainIdentity.Domain.Apply(domain =\u003e $\"bounce.{domain}\"),\n });\n // Example Route53 MX record\n var exampleSesDomainMailFromMx = new Aws.Route53.Record(\"exampleSesDomainMailFromMx\", new Aws.Route53.RecordArgs\n {\n Name = exampleMailFrom.MailFromDomain,\n Records = \n {\n \"10 feedback-smtp.us-east-1.amazonses.com\",\n },\n Ttl = 600,\n Type = \"MX\",\n ZoneId = aws_route53_zone.Example.Id,\n });\n // Example Route53 TXT record for SPF\n var exampleSesDomainMailFromTxt = new Aws.Route53.Record(\"exampleSesDomainMailFromTxt\", new Aws.Route53.RecordArgs\n {\n Name = exampleMailFrom.MailFromDomain,\n Records = \n {\n \"v=spf1 include:amazonses.com -all\",\n },\n Ttl = 600,\n Type = \"TXT\",\n ZoneId = aws_route53_zone.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomainIdentity, err := ses.NewDomainIdentity(ctx, \"exampleDomainIdentity\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleMailFrom, err := ses.NewMailFrom(ctx, \"exampleMailFrom\", \u0026ses.MailFromArgs{\n\t\t\tDomain: exampleDomainIdentity.Domain,\n\t\t\tMailFromDomain: exampleDomainIdentity.Domain.ApplyT(func(domain string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v\", \"bounce.\", domain), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"exampleSesDomainMailFromMx\", \u0026route53.RecordArgs{\n\t\t\tName: exampleMailFrom.MailFromDomain,\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10 feedback-smtp.us-east-1.amazonses.com\"),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tType: pulumi.String(\"MX\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"exampleSesDomainMailFromTxt\", \u0026route53.RecordArgs{\n\t\t\tName: exampleMailFrom.MailFromDomain,\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"v=spf1 include:amazonses.com -all\"),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tType: pulumi.String(\"TXT\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "behaviorOnMxFailure": { "type": "string", "description": "The action that you want Amazon SES to take if it cannot successfully read the required MX record when you send an email. Defaults to `UseDefaultValue`. See the [SES API documentation](https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html) for more information.\n" }, "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n" }, "mailFromDomain": { "type": "string", "description": "Subdomain (of above domain) which is to be used as MAIL FROM address (Required for DMARC validation)\n" } }, "required": [ "domain", "mailFromDomain" ], "inputProperties": { "behaviorOnMxFailure": { "type": "string", "description": "The action that you want Amazon SES to take if it cannot successfully read the required MX record when you send an email. Defaults to `UseDefaultValue`. See the [SES API documentation](https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html) for more information.\n" }, "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n" }, "mailFromDomain": { "type": "string", "description": "Subdomain (of above domain) which is to be used as MAIL FROM address (Required for DMARC validation)\n" } }, "requiredInputs": [ "domain", "mailFromDomain" ], "stateInputs": { "description": "Input properties used for looking up and filtering MailFrom resources.\n", "properties": { "behaviorOnMxFailure": { "type": "string", "description": "The action that you want Amazon SES to take if it cannot successfully read the required MX record when you send an email. Defaults to `UseDefaultValue`. See the [SES API documentation](https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html) for more information.\n" }, "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n" }, "mailFromDomain": { "type": "string", "description": "Subdomain (of above domain) which is to be used as MAIL FROM address (Required for DMARC validation)\n" } }, "type": "object" } }, "aws:ses/receiptFilter:ReceiptFilter": { "description": "Provides an SES receipt filter resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filter = new aws.ses.ReceiptFilter(\"filter\", {\n cidr: \"10.10.10.10\",\n policy: \"Block\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfilter = aws.ses.ReceiptFilter(\"filter\",\n cidr=\"10.10.10.10\",\n policy=\"Block\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var filter = new Aws.Ses.ReceiptFilter(\"filter\", new Aws.Ses.ReceiptFilterArgs\n {\n Cidr = \"10.10.10.10\",\n Policy = \"Block\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewReceiptFilter(ctx, \"filter\", \u0026ses.ReceiptFilterArgs{\n\t\t\tCidr: pulumi.String(\"10.10.10.10\"),\n\t\t\tPolicy: pulumi.String(\"Block\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The SES receipt filter ARN.\n" }, "cidr": { "type": "string", "description": "The IP address or address range to filter, in CIDR notation\n" }, "name": { "type": "string", "description": "The name of the filter\n" }, "policy": { "type": "string", "description": "Block or Allow\n" } }, "required": [ "arn", "cidr", "name", "policy" ], "inputProperties": { "cidr": { "type": "string", "description": "The IP address or address range to filter, in CIDR notation\n" }, "name": { "type": "string", "description": "The name of the filter\n" }, "policy": { "type": "string", "description": "Block or Allow\n" } }, "requiredInputs": [ "cidr", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReceiptFilter resources.\n", "properties": { "arn": { "type": "string", "description": "The SES receipt filter ARN.\n" }, "cidr": { "type": "string", "description": "The IP address or address range to filter, in CIDR notation\n" }, "name": { "type": "string", "description": "The name of the filter\n" }, "policy": { "type": "string", "description": "Block or Allow\n" } }, "type": "object" } }, "aws:ses/receiptRule:ReceiptRule": { "description": "Provides an SES receipt rule resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Add a header to the email and store it in S3\nconst store = new aws.ses.ReceiptRule(\"store\", {\n addHeaderActions: [{\n headerName: \"Custom-Header\",\n headerValue: \"Added by SES\",\n position: 1,\n }],\n enabled: true,\n recipients: [\"karen@example.com\"],\n ruleSetName: \"default-rule-set\",\n s3Actions: [{\n bucketName: \"emails\",\n position: 2,\n }],\n scanEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Add a header to the email and store it in S3\nstore = aws.ses.ReceiptRule(\"store\",\n add_header_actions=[{\n \"headerName\": \"Custom-Header\",\n \"headerValue\": \"Added by SES\",\n \"position\": 1,\n }],\n enabled=True,\n recipients=[\"karen@example.com\"],\n rule_set_name=\"default-rule-set\",\n s3_actions=[{\n \"bucket_name\": \"emails\",\n \"position\": 2,\n }],\n scan_enabled=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n // Add a header to the email and store it in S3\n var store = new Aws.Ses.ReceiptRule(\"store\", new Aws.Ses.ReceiptRuleArgs\n {\n AddHeaderActions = \n {\n new Aws.Ses.Inputs.ReceiptRuleAddHeaderActionArgs\n {\n HeaderName = \"Custom-Header\",\n HeaderValue = \"Added by SES\",\n Position = 1,\n },\n },\n Enabled = true,\n Recipients = \n {\n \"karen@example.com\",\n },\n RuleSetName = \"default-rule-set\",\n S3Actions = \n {\n new Aws.Ses.Inputs.ReceiptRuleS3ActionArgs\n {\n BucketName = \"emails\",\n Position = 2,\n },\n },\n ScanEnabled = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewReceiptRule(ctx, \"store\", \u0026ses.ReceiptRuleArgs{\n\t\t\tAddHeaderActions: ses.ReceiptRuleAddHeaderActionArray{\n\t\t\t\t\u0026ses.ReceiptRuleAddHeaderActionArgs{\n\t\t\t\t\tHeaderName: pulumi.String(\"Custom-Header\"),\n\t\t\t\t\tHeaderValue: pulumi.String(\"Added by SES\"),\n\t\t\t\t\tPosition: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tRecipients: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"karen@example.com\"),\n\t\t\t},\n\t\t\tRuleSetName: pulumi.String(\"default-rule-set\"),\n\t\t\tS3Actions: ses.ReceiptRuleS3ActionArray{\n\t\t\t\t\u0026ses.ReceiptRuleS3ActionArgs{\n\t\t\t\t\tBucketName: pulumi.String(\"emails\"),\n\t\t\t\t\tPosition: pulumi.Int(2),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScanEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addHeaderActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction" }, "description": "A list of Add Header Action blocks. Documented below.\n" }, "after": { "type": "string", "description": "The name of the rule to place this rule after\n" }, "bounceActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction" }, "description": "A list of Bounce Action blocks. Documented below.\n" }, "enabled": { "type": "boolean", "description": "If true, the rule will be enabled\n" }, "lambdaActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction" }, "description": "A list of Lambda Action blocks. Documented below.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "A list of email addresses\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n" }, "s3Actions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action" }, "description": "A list of S3 Action blocks. Documented below.\n" }, "scanEnabled": { "type": "boolean", "description": "If true, incoming emails will be scanned for spam and viruses\n" }, "snsActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction" }, "description": "A list of SNS Action blocks. Documented below.\n" }, "stopActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction" }, "description": "A list of Stop Action blocks. Documented below.\n" }, "tlsPolicy": { "type": "string", "description": "Require or Optional\n" }, "workmailActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction" }, "description": "A list of WorkMail Action blocks. Documented below.\n" } }, "required": [ "enabled", "name", "ruleSetName", "scanEnabled", "tlsPolicy" ], "inputProperties": { "addHeaderActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction" }, "description": "A list of Add Header Action blocks. Documented below.\n" }, "after": { "type": "string", "description": "The name of the rule to place this rule after\n" }, "bounceActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction" }, "description": "A list of Bounce Action blocks. Documented below.\n" }, "enabled": { "type": "boolean", "description": "If true, the rule will be enabled\n" }, "lambdaActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction" }, "description": "A list of Lambda Action blocks. Documented below.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "A list of email addresses\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n" }, "s3Actions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action" }, "description": "A list of S3 Action blocks. Documented below.\n" }, "scanEnabled": { "type": "boolean", "description": "If true, incoming emails will be scanned for spam and viruses\n" }, "snsActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction" }, "description": "A list of SNS Action blocks. Documented below.\n" }, "stopActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction" }, "description": "A list of Stop Action blocks. Documented below.\n" }, "tlsPolicy": { "type": "string", "description": "Require or Optional\n" }, "workmailActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction" }, "description": "A list of WorkMail Action blocks. Documented below.\n" } }, "requiredInputs": [ "ruleSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReceiptRule resources.\n", "properties": { "addHeaderActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction" }, "description": "A list of Add Header Action blocks. Documented below.\n" }, "after": { "type": "string", "description": "The name of the rule to place this rule after\n" }, "bounceActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction" }, "description": "A list of Bounce Action blocks. Documented below.\n" }, "enabled": { "type": "boolean", "description": "If true, the rule will be enabled\n" }, "lambdaActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction" }, "description": "A list of Lambda Action blocks. Documented below.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "A list of email addresses\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n" }, "s3Actions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action" }, "description": "A list of S3 Action blocks. Documented below.\n" }, "scanEnabled": { "type": "boolean", "description": "If true, incoming emails will be scanned for spam and viruses\n" }, "snsActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction" }, "description": "A list of SNS Action blocks. Documented below.\n" }, "stopActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction" }, "description": "A list of Stop Action blocks. Documented below.\n" }, "tlsPolicy": { "type": "string", "description": "Require or Optional\n" }, "workmailActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction" }, "description": "A list of WorkMail Action blocks. Documented below.\n" } }, "type": "object" } }, "aws:ses/receiptRuleSet:ReceiptRuleSet": { "description": "Provides an SES receipt rule set resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ses.ReceiptRuleSet(\"main\", {\n ruleSetName: \"primary-rules\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ses.ReceiptRuleSet(\"main\", rule_set_name=\"primary-rules\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ses.ReceiptRuleSet(\"main\", new Aws.Ses.ReceiptRuleSetArgs\n {\n RuleSetName = \"primary-rules\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewReceiptRuleSet(ctx, \"main\", \u0026ses.ReceiptRuleSetArgs{\n\t\t\tRuleSetName: pulumi.String(\"primary-rules\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "required": [ "ruleSetName" ], "inputProperties": { "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "requiredInputs": [ "ruleSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReceiptRuleSet resources.\n", "properties": { "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "type": "object" } }, "aws:ses/template:Template": { "description": "Provides a resource to create a SES template.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myTemplate = new aws.ses.Template(\"MyTemplate\", {\n html: \"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\",\n subject: \"Greetings, {{name}}!\",\n text: `Hello {{name}},\r\nYour favorite animal is {{favoriteanimal}}.`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_template = aws.ses.Template(\"myTemplate\",\n html=\"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\",\n subject=\"Greetings, {{name}}!\",\n text=\"\"\"Hello {{name}},\r\nYour favorite animal is {{favoriteanimal}}.\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myTemplate = new Aws.Ses.Template(\"myTemplate\", new Aws.Ses.TemplateArgs\n {\n Html = \"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\",\n Subject = \"Greetings, {{name}}!\",\n Text = @\"Hello {{name}},\r\nYour favorite animal is {{favoriteanimal}}.\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ses.NewTemplate(ctx, \"myTemplate\", \u0026ses.TemplateArgs{\n\t\t\tHtml: pulumi.String(\"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\"),\n\t\t\tSubject: pulumi.String(\"Greetings, {{name}}!\"),\n\t\t\tText: pulumi.String(fmt.Sprintf(\"%v%v\", \"Hello {{name}},\r\\n\", \"Your favorite animal is {{favoriteanimal}}.\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "html": { "type": "string", "description": "The HTML body of the email. Must be less than 500KB in size, including both the text and HTML parts.\n" }, "name": { "type": "string", "description": "The name of the template. Cannot exceed 64 characters. You will refer to this name when you send email.\n" }, "subject": { "type": "string", "description": "The subject line of the email.\n" }, "text": { "type": "string", "description": "The email body that will be visible to recipients whose email clients do not display HTML. Must be less than 500KB in size, including both the text and HTML parts.\n" } }, "required": [ "name" ], "inputProperties": { "html": { "type": "string", "description": "The HTML body of the email. Must be less than 500KB in size, including both the text and HTML parts.\n" }, "name": { "type": "string", "description": "The name of the template. Cannot exceed 64 characters. You will refer to this name when you send email.\n" }, "subject": { "type": "string", "description": "The subject line of the email.\n" }, "text": { "type": "string", "description": "The email body that will be visible to recipients whose email clients do not display HTML. Must be less than 500KB in size, including both the text and HTML parts.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Template resources.\n", "properties": { "html": { "type": "string", "description": "The HTML body of the email. Must be less than 500KB in size, including both the text and HTML parts.\n" }, "name": { "type": "string", "description": "The name of the template. Cannot exceed 64 characters. You will refer to this name when you send email.\n" }, "subject": { "type": "string", "description": "The subject line of the email.\n" }, "text": { "type": "string", "description": "The email body that will be visible to recipients whose email clients do not display HTML. Must be less than 500KB in size, including both the text and HTML parts.\n" } }, "type": "object" } }, "aws:sfn/activity:Activity": { "description": "Provides a Step Function Activity resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sfnActivity = new aws.sfn.Activity(\"sfn_activity\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsfn_activity = aws.sfn.Activity(\"sfnActivity\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sfnActivity = new Aws.Sfn.Activity(\"sfnActivity\", new Aws.Sfn.ActivityArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sfn.NewActivity(ctx, \"sfnActivity\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "creationDate": { "type": "string", "description": "The date the activity was created.\n" }, "name": { "type": "string", "description": "The name of the activity to create.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "creationDate", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the activity to create.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Activity resources.\n", "properties": { "creationDate": { "type": "string", "description": "The date the activity was created.\n" }, "name": { "type": "string", "description": "The name of the activity to create.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:sfn/stateMachine:StateMachine": { "description": "Provides a Step Function State Machine resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sfnStateMachine = new aws.sfn.StateMachine(\"sfn_state_machine\", {\n definition: pulumi.interpolate`{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${aws_lambda_function_lambda.arn}\",\n \"End\": true\n }\n }\n}\n`,\n roleArn: aws_iam_role_iam_for_sfn.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsfn_state_machine = aws.sfn.StateMachine(\"sfnStateMachine\",\n definition=f\"\"\"{{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {{\n \"HelloWorld\": {{\n \"Type\": \"Task\",\n \"Resource\": \"{aws_lambda_function[\"lambda\"][\"arn\"]}\",\n \"End\": true\n }}\n }}\n}}\n\n\"\"\",\n role_arn=aws_iam_role[\"iam_for_sfn\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sfnStateMachine = new Aws.Sfn.StateMachine(\"sfnStateMachine\", new Aws.Sfn.StateMachineArgs\n {\n Definition = @$\"{{\n \"\"Comment\"\": \"\"A Hello World example of the Amazon States Language using an AWS Lambda Function\"\",\n \"\"StartAt\"\": \"\"HelloWorld\"\",\n \"\"States\"\": {{\n \"\"HelloWorld\"\": {{\n \"\"Type\"\": \"\"Task\"\",\n \"\"Resource\"\": \"\"{aws_lambda_function.Lambda.Arn}\"\",\n \"\"End\"\": true\n }}\n }}\n}}\n\n\",\n RoleArn = aws_iam_role.Iam_for_sfn.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sfn.NewStateMachine(ctx, \"sfnStateMachine\", \u0026sfn.StateMachineArgs{\n\t\t\tDefinition: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Comment\\\": \\\"A Hello World example of the Amazon States Language using an AWS Lambda Function\\\",\\n\", \" \\\"StartAt\\\": \\\"HelloWorld\\\",\\n\", \" \\\"States\\\": {\\n\", \" \\\"HelloWorld\\\": {\\n\", \" \\\"Type\\\": \\\"Task\\\",\\n\", \" \\\"Resource\\\": \\\"\", aws_lambda_function.Lambda.Arn, \"\\\",\\n\", \" \\\"End\\\": true\\n\", \" }\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Iam_for_sfn.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "creationDate": { "type": "string", "description": "The date the state machine was created.\n" }, "definition": { "type": "string", "description": "The Amazon States Language definition of the state machine.\n" }, "name": { "type": "string", "description": "The name of the state machine.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.\n" }, "status": { "type": "string", "description": "The current status of the state machine. Either \"ACTIVE\" or \"DELETING\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "creationDate", "definition", "name", "roleArn", "status" ], "inputProperties": { "definition": { "type": "string", "description": "The Amazon States Language definition of the state machine.\n" }, "name": { "type": "string", "description": "The name of the state machine.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "definition", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StateMachine resources.\n", "properties": { "creationDate": { "type": "string", "description": "The date the state machine was created.\n" }, "definition": { "type": "string", "description": "The Amazon States Language definition of the state machine.\n" }, "name": { "type": "string", "description": "The name of the state machine.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.\n" }, "status": { "type": "string", "description": "The current status of the state machine. Either \"ACTIVE\" or \"DELETING\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:shield/protection:Protection": { "description": "Enables AWS Shield Advanced for a specific AWS resource.\nThe resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, AWS Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Create protection\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = pulumi.output(aws.getAvailabilityZones({ async: true }));\nconst currentRegion = pulumi.output(aws.getRegion({ async: true }));\nconst currentCallerIdentity = pulumi.output(aws.getCallerIdentity({ async: true }));\nconst fooEip = new aws.ec2.Eip(\"foo\", {\n vpc: true,\n});\nconst fooProtection = new aws.shield.Protection(\"foo\", {\n resourceArn: pulumi.interpolate`arn:aws:ec2:${currentRegion.name!}:${currentCallerIdentity.accountId}:eip-allocation/${fooEip.id}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones()\ncurrent_region = aws.get_region()\ncurrent_caller_identity = aws.get_caller_identity()\nfoo_eip = aws.ec2.Eip(\"fooEip\", vpc=True)\nfoo_protection = aws.shield.Protection(\"fooProtection\", resource_arn=foo_eip.id.apply(lambda id: f\"arn:aws:ec2:{current_region.name}:{current_caller_identity.account_id}:eip-allocation/{id}\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var available = Output.Create(Aws.GetAvailabilityZones.InvokeAsync());\n var currentRegion = Output.Create(Aws.GetRegion.InvokeAsync());\n var currentCallerIdentity = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var fooEip = new Aws.Ec2.Eip(\"fooEip\", new Aws.Ec2.EipArgs\n {\n Vpc = true,\n });\n var fooProtection = new Aws.Shield.Protection(\"fooProtection\", new Aws.Shield.ProtectionArgs\n {\n ResourceArn = Output.Tuple(currentRegion, currentCallerIdentity, fooEip.Id).Apply(values =\u003e\n {\n var currentRegion = values.Item1;\n var currentCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{currentRegion.Name}:{currentCallerIdentity.AccountId}:eip-allocation/{id}\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetAvailabilityZones(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooEip, err := ec2.NewEip(ctx, \"fooEip\", \u0026ec2.EipArgs{\n\t\t\tVpc: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtection(ctx, \"fooProtection\", \u0026shield.ProtectionArgs{\n\t\t\tResourceArn: fooEip.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v\", \"arn:aws:ec2:\", currentRegion.Name, \":\", currentCallerIdentity.AccountId, \":eip-allocation/\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "A friendly name for the Protection you are creating.\n" }, "resourceArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the resource to be protected.\n" } }, "required": [ "name", "resourceArn" ], "inputProperties": { "name": { "type": "string", "description": "A friendly name for the Protection you are creating.\n" }, "resourceArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the resource to be protected.\n" } }, "requiredInputs": [ "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Protection resources.\n", "properties": { "name": { "type": "string", "description": "A friendly name for the Protection you are creating.\n" }, "resourceArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the resource to be protected.\n" } }, "type": "object" } }, "aws:simpledb/domain:Domain": { "description": "Provides a SimpleDB domain resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst users = new aws.simpledb.Domain(\"users\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nusers = aws.simpledb.Domain(\"users\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var users = new Aws.SimpleDB.Domain(\"users\", new Aws.SimpleDB.DomainArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/simpledb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = simpledb.NewDomain(ctx, \"users\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the SimpleDB domain\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the SimpleDB domain\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "name": { "type": "string", "description": "The name of the SimpleDB domain\n" } }, "type": "object" } }, "aws:sns/platformApplication:PlatformApplication": { "description": "Provides an SNS platform application resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Apple Push Notification Service (APNS)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst apnsApplication = new aws.sns.PlatformApplication(\"apns_application\", {\n platform: \"APNS\",\n platformCredential: \"\u003cAPNS PRIVATE KEY\u003e\",\n platformPrincipal: \"\u003cAPNS CERTIFICATE\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napns_application = aws.sns.PlatformApplication(\"apnsApplication\",\n platform=\"APNS\",\n platform_credential=\"\u003cAPNS PRIVATE KEY\u003e\",\n platform_principal=\"\u003cAPNS CERTIFICATE\u003e\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var apnsApplication = new Aws.Sns.PlatformApplication(\"apnsApplication\", new Aws.Sns.PlatformApplicationArgs\n {\n Platform = \"APNS\",\n PlatformCredential = \"\u003cAPNS PRIVATE KEY\u003e\",\n PlatformPrincipal = \"\u003cAPNS CERTIFICATE\u003e\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sns.NewPlatformApplication(ctx, \"apnsApplication\", \u0026sns.PlatformApplicationArgs{\n\t\t\tPlatform: pulumi.String(\"APNS\"),\n\t\t\tPlatformCredential: pulumi.String(\"\u003cAPNS PRIVATE KEY\u003e\"),\n\t\t\tPlatformPrincipal: pulumi.String(\"\u003cAPNS CERTIFICATE\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Google Cloud Messaging (GCM)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gcmApplication = new aws.sns.PlatformApplication(\"gcm_application\", {\n platform: \"GCM\",\n platformCredential: \"\u003cGCM API KEY\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngcm_application = aws.sns.PlatformApplication(\"gcmApplication\",\n platform=\"GCM\",\n platform_credential=\"\u003cGCM API KEY\u003e\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var gcmApplication = new Aws.Sns.PlatformApplication(\"gcmApplication\", new Aws.Sns.PlatformApplicationArgs\n {\n Platform = \"GCM\",\n PlatformCredential = \"\u003cGCM API KEY\u003e\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sns.NewPlatformApplication(ctx, \"gcmApplication\", \u0026sns.PlatformApplicationArgs{\n\t\t\tPlatform: pulumi.String(\"GCM\"),\n\t\t\tPlatformCredential: pulumi.String(\"\u003cGCM API KEY\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS platform application\n" }, "eventDeliveryFailureTopicArn": { "type": "string", "description": "SNS Topic triggered when a delivery to any of the platform endpoints associated with your platform application encounters a permanent failure.\n" }, "eventEndpointCreatedTopicArn": { "type": "string", "description": "SNS Topic triggered when a new platform endpoint is added to your platform application.\n" }, "eventEndpointDeletedTopicArn": { "type": "string", "description": "SNS Topic triggered when an existing platform endpoint is deleted from your platform application.\n" }, "eventEndpointUpdatedTopicArn": { "type": "string", "description": "SNS Topic triggered when an existing platform endpoint is changed from your platform application.\n" }, "failureFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive failure feedback for this application.\n" }, "name": { "type": "string", "description": "The friendly name for the SNS platform application\n" }, "platform": { "type": "string", "description": "The platform that the app is registered with. See [Platform](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for supported platforms.\n" }, "platformCredential": { "type": "string", "description": "Application Platform credential. See [Credential](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for type of credential required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n" }, "platformPrincipal": { "type": "string", "description": "Application Platform principal. See [Principal](http://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html) for type of principal required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n" }, "successFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this application.\n" }, "successFeedbackSampleRate": { "type": "string", "description": "The percentage of success to sample (0-100)\n" } }, "required": [ "arn", "name", "platform", "platformCredential" ], "inputProperties": { "eventDeliveryFailureTopicArn": { "type": "string", "description": "SNS Topic triggered when a delivery to any of the platform endpoints associated with your platform application encounters a permanent failure.\n" }, "eventEndpointCreatedTopicArn": { "type": "string", "description": "SNS Topic triggered when a new platform endpoint is added to your platform application.\n" }, "eventEndpointDeletedTopicArn": { "type": "string", "description": "SNS Topic triggered when an existing platform endpoint is deleted from your platform application.\n" }, "eventEndpointUpdatedTopicArn": { "type": "string", "description": "SNS Topic triggered when an existing platform endpoint is changed from your platform application.\n" }, "failureFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive failure feedback for this application.\n" }, "name": { "type": "string", "description": "The friendly name for the SNS platform application\n" }, "platform": { "type": "string", "description": "The platform that the app is registered with. See [Platform](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for supported platforms.\n" }, "platformCredential": { "type": "string", "description": "Application Platform credential. See [Credential](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for type of credential required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n" }, "platformPrincipal": { "type": "string", "description": "Application Platform principal. See [Principal](http://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html) for type of principal required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n" }, "successFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this application.\n" }, "successFeedbackSampleRate": { "type": "string", "description": "The percentage of success to sample (0-100)\n" } }, "requiredInputs": [ "platform", "platformCredential" ], "stateInputs": { "description": "Input properties used for looking up and filtering PlatformApplication resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS platform application\n" }, "eventDeliveryFailureTopicArn": { "type": "string", "description": "SNS Topic triggered when a delivery to any of the platform endpoints associated with your platform application encounters a permanent failure.\n" }, "eventEndpointCreatedTopicArn": { "type": "string", "description": "SNS Topic triggered when a new platform endpoint is added to your platform application.\n" }, "eventEndpointDeletedTopicArn": { "type": "string", "description": "SNS Topic triggered when an existing platform endpoint is deleted from your platform application.\n" }, "eventEndpointUpdatedTopicArn": { "type": "string", "description": "SNS Topic triggered when an existing platform endpoint is changed from your platform application.\n" }, "failureFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive failure feedback for this application.\n" }, "name": { "type": "string", "description": "The friendly name for the SNS platform application\n" }, "platform": { "type": "string", "description": "The platform that the app is registered with. See [Platform](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for supported platforms.\n" }, "platformCredential": { "type": "string", "description": "Application Platform credential. See [Credential](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for type of credential required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n" }, "platformPrincipal": { "type": "string", "description": "Application Platform principal. See [Principal](http://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html) for type of principal required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n" }, "successFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this application.\n" }, "successFeedbackSampleRate": { "type": "string", "description": "The percentage of success to sample (0-100)\n" } }, "type": "object" } }, "aws:sns/smsPreferences:SmsPreferences": { "description": "Provides a way to set SNS SMS preferences.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst updateSmsPrefs = new aws.sns.SmsPreferences(\"update_sms_prefs\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nupdate_sms_prefs = aws.sns.SmsPreferences(\"updateSmsPrefs\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var updateSmsPrefs = new Aws.Sns.SmsPreferences(\"updateSmsPrefs\", new Aws.Sns.SmsPreferencesArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sns.NewSmsPreferences(ctx, \"updateSmsPrefs\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "defaultSenderId": { "type": "string", "description": "A string, such as your business brand, that is displayed as the sender on the receiving device.\n" }, "defaultSmsType": { "type": "string", "description": "The type of SMS message that you will send by default. Possible values are: Promotional, Transactional\n" }, "deliveryStatusIamRoleArn": { "type": "string", "description": "The ARN of the IAM role that allows Amazon SNS to write logs about SMS deliveries in CloudWatch Logs.\n" }, "deliveryStatusSuccessSamplingRate": { "type": "string", "description": "The percentage of successful SMS deliveries for which Amazon SNS will write logs in CloudWatch Logs. The value must be between 0 and 100.\n" }, "monthlySpendLimit": { "type": "string", "description": "The maximum amount in USD that you are willing to spend each month to send SMS messages.\n" }, "usageReportS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket to receive daily SMS usage reports from Amazon SNS.\n" } }, "inputProperties": { "defaultSenderId": { "type": "string", "description": "A string, such as your business brand, that is displayed as the sender on the receiving device.\n" }, "defaultSmsType": { "type": "string", "description": "The type of SMS message that you will send by default. Possible values are: Promotional, Transactional\n" }, "deliveryStatusIamRoleArn": { "type": "string", "description": "The ARN of the IAM role that allows Amazon SNS to write logs about SMS deliveries in CloudWatch Logs.\n" }, "deliveryStatusSuccessSamplingRate": { "type": "string", "description": "The percentage of successful SMS deliveries for which Amazon SNS will write logs in CloudWatch Logs. The value must be between 0 and 100.\n" }, "monthlySpendLimit": { "type": "string", "description": "The maximum amount in USD that you are willing to spend each month to send SMS messages.\n" }, "usageReportS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket to receive daily SMS usage reports from Amazon SNS.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SmsPreferences resources.\n", "properties": { "defaultSenderId": { "type": "string", "description": "A string, such as your business brand, that is displayed as the sender on the receiving device.\n" }, "defaultSmsType": { "type": "string", "description": "The type of SMS message that you will send by default. Possible values are: Promotional, Transactional\n" }, "deliveryStatusIamRoleArn": { "type": "string", "description": "The ARN of the IAM role that allows Amazon SNS to write logs about SMS deliveries in CloudWatch Logs.\n" }, "deliveryStatusSuccessSamplingRate": { "type": "string", "description": "The percentage of successful SMS deliveries for which Amazon SNS will write logs in CloudWatch Logs. The value must be between 0 and 100.\n" }, "monthlySpendLimit": { "type": "string", "description": "The maximum amount in USD that you are willing to spend each month to send SMS messages.\n" }, "usageReportS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket to receive daily SMS usage reports from Amazon SNS.\n" } }, "type": "object" } }, "aws:sns/topic:Topic": { "description": "Provides an SNS topic resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"userUpdates\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var userUpdates = new Aws.Sns.Topic(\"userUpdates\", new Aws.Sns.TopicArgs\n {\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sns.NewTopic(ctx, \"userUpdates\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example with Delivery Policy\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {\n deliveryPolicy: `{\n \"http\": {\n \"defaultHealthyRetryPolicy\": {\n \"minDelayTarget\": 20,\n \"maxDelayTarget\": 20,\n \"numRetries\": 3,\n \"numMaxDelayRetries\": 0,\n \"numNoDelayRetries\": 0,\n \"numMinDelayRetries\": 0,\n \"backoffFunction\": \"linear\"\n },\n \"disableSubscriptionOverrides\": false,\n \"defaultThrottlePolicy\": {\n \"maxReceivesPerSecond\": 1\n }\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"userUpdates\", delivery_policy=\"\"\"{\n \"http\": {\n \"defaultHealthyRetryPolicy\": {\n \"minDelayTarget\": 20,\n \"maxDelayTarget\": 20,\n \"numRetries\": 3,\n \"numMaxDelayRetries\": 0,\n \"numNoDelayRetries\": 0,\n \"numMinDelayRetries\": 0,\n \"backoffFunction\": \"linear\"\n },\n \"disableSubscriptionOverrides\": false,\n \"defaultThrottlePolicy\": {\n \"maxReceivesPerSecond\": 1\n }\n }\n}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var userUpdates = new Aws.Sns.Topic(\"userUpdates\", new Aws.Sns.TopicArgs\n {\n DeliveryPolicy = @\"{\n \"\"http\"\": {\n \"\"defaultHealthyRetryPolicy\"\": {\n \"\"minDelayTarget\"\": 20,\n \"\"maxDelayTarget\"\": 20,\n \"\"numRetries\"\": 3,\n \"\"numMaxDelayRetries\"\": 0,\n \"\"numNoDelayRetries\"\": 0,\n \"\"numMinDelayRetries\"\": 0,\n \"\"backoffFunction\"\": \"\"linear\"\"\n },\n \"\"disableSubscriptionOverrides\"\": false,\n \"\"defaultThrottlePolicy\"\": {\n \"\"maxReceivesPerSecond\"\": 1\n }\n }\n}\n\n\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sns.NewTopic(ctx, \"userUpdates\", \u0026sns.TopicArgs{\n\t\t\tDeliveryPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"http\\\": {\\n\", \" \\\"defaultHealthyRetryPolicy\\\": {\\n\", \" \\\"minDelayTarget\\\": 20,\\n\", \" \\\"maxDelayTarget\\\": 20,\\n\", \" \\\"numRetries\\\": 3,\\n\", \" \\\"numMaxDelayRetries\\\": 0,\\n\", \" \\\"numNoDelayRetries\\\": 0,\\n\", \" \\\"numMinDelayRetries\\\": 0,\\n\", \" \\\"backoffFunction\\\": \\\"linear\\\"\\n\", \" },\\n\", \" \\\"disableSubscriptionOverrides\\\": false,\\n\", \" \\\"defaultThrottlePolicy\\\": {\\n\", \" \\\"maxReceivesPerSecond\\\": 1\\n\", \" }\\n\", \" }\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Example with Server-side encryption (SSE)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {\n kmsMasterKeyId: \"alias/aws/sns\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"userUpdates\", kms_master_key_id=\"alias/aws/sns\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var userUpdates = new Aws.Sns.Topic(\"userUpdates\", new Aws.Sns.TopicArgs\n {\n KmsMasterKeyId = \"alias/aws/sns\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sns.NewTopic(ctx, \"userUpdates\", \u0026sns.TopicArgs{\n\t\t\tKmsMasterKeyId: pulumi.String(\"alias/aws/sns\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Message Delivery Status Arguments\n\nThe `\u003cendpoint\u003e_success_feedback_role_arn` and `\u003cendpoint\u003e_failure_feedback_role_arn` arguments are used to give Amazon SNS write access to use CloudWatch Logs on your behalf. The `\u003cendpoint\u003e_success_feedback_sample_rate` argument is for specifying the sample rate percentage (0-100) of successfully delivered messages. After you configure the `\u003cendpoint\u003e_failure_feedback_role_arn` argument, then all failed message deliveries generate CloudWatch Logs.\n", "properties": { "applicationFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "applicationSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "applicationSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the SNS topic, as a more obvious property (clone of id)\n" }, "deliveryPolicy": { "type": "string", "description": "The SNS delivery policy. More on [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html)\n" }, "displayName": { "type": "string", "description": "The display name for the SNS topic\n" }, "httpFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "httpSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "httpSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key Terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms)\n" }, "lambdaFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "lambdaSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "lambdaSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "name": { "type": "string", "description": "The friendly name for the SNS topic. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The friendly name for the SNS topic. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" }, "sqsFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "sqsSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "sqsSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "name", "policy" ], "inputProperties": { "applicationFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "applicationSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "applicationSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "deliveryPolicy": { "type": "string", "description": "The SNS delivery policy. More on [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html)\n" }, "displayName": { "type": "string", "description": "The display name for the SNS topic\n" }, "httpFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "httpSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "httpSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key Terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms)\n" }, "lambdaFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "lambdaSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "lambdaSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "name": { "type": "string", "description": "The friendly name for the SNS topic. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The friendly name for the SNS topic. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" }, "sqsFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "sqsSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "sqsSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Topic resources.\n", "properties": { "applicationFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "applicationSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "applicationSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the SNS topic, as a more obvious property (clone of id)\n" }, "deliveryPolicy": { "type": "string", "description": "The SNS delivery policy. More on [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html)\n" }, "displayName": { "type": "string", "description": "The display name for the SNS topic\n" }, "httpFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "httpSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "httpSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key Terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms)\n" }, "lambdaFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "lambdaSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "lambdaSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "name": { "type": "string", "description": "The friendly name for the SNS topic. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The friendly name for the SNS topic. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" }, "sqsFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "sqsSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "sqsSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:sns/topicPolicy:TopicPolicy": { "description": "Provides an SNS topic policy resource\n\n\u003e **NOTE:** If a Principal is specified as just an AWS account ID rather than an ARN, AWS silently converts it to the ARN for the root user, causing future deployments to differ. To avoid this problem, just specify the full ARN, e.g. `arn:aws:iam::123456789012:root`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.sns.Topic(\"test\", {});\nconst snsTopicPolicy = test.arn.apply(arn =\u003e aws.iam.getPolicyDocument({\n policyId: \"__default_policy_ID\",\n statements: [{\n actions: [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions: [{\n test: \"StringEquals\",\n values: [var_account_id],\n variable: \"AWS:SourceOwner\",\n }],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"*\"],\n type: \"AWS\",\n }],\n resources: [arn],\n sid: \"__default_statement_ID\",\n }],\n}, { async: true }));\nconst defaultTopicPolicy = new aws.sns.TopicPolicy(\"default\", {\n arn: test.arn,\n policy: snsTopicPolicy.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.sns.Topic(\"test\")\nsns_topic_policy = test.arn.apply(lambda arn: aws.iam.get_policy_document(policy_id=\"__default_policy_ID\",\n statements=[{\n \"actions\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n \"condition\": [{\n \"test\": \"StringEquals\",\n \"values\": [var[\"account-id\"]],\n \"variable\": \"AWS:SourceOwner\",\n }],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [\"*\"],\n \"type\": \"AWS\",\n }],\n \"resources\": [arn],\n \"sid\": \"__default_statement_ID\",\n }]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=test.arn,\n policy=sns_topic_policy.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = new Aws.Sns.Topic(\"test\", new Aws.Sns.TopicArgs\n {\n });\n var snsTopicPolicy = test.Arn.Apply(arn =\u003e Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n PolicyId = \"__default_policy_ID\",\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n },\n Condition = \n {\n \n {\n { \"test\", \"StringEquals\" },\n { \"values\", \n {\n @var.Account_id,\n } },\n { \"variable\", \"AWS:SourceOwner\" },\n },\n },\n Effect = \"Allow\",\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"*\",\n },\n Type = \"AWS\",\n },\n },\n Resources = \n {\n arn,\n },\n Sid = \"__default_statement_ID\",\n },\n },\n }));\n var @default = new Aws.Sns.TopicPolicy(\"default\", new Aws.Sns.TopicPolicyArgs\n {\n Arn = test.Arn,\n Policy = snsTopicPolicy.Apply(snsTopicPolicy =\u003e snsTopicPolicy.Json),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := sns.NewTopic(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\n\t\t\tArn: test.Arn,\n\t\t\tPolicy: snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (string, error) {\n\t\t\t\treturn snsTopicPolicy.Json, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" } }, "required": [ "arn", "policy" ], "inputProperties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" } }, "requiredInputs": [ "arn", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopicPolicy resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" } }, "type": "object" } }, "aws:sns/topicSubscription:TopicSubscription": { "description": "Provides a resource for subscribing to SNS topics. Requires that an SNS topic exist for the subscription to attach to.\nThis resource allows you to automatically place messages sent to SNS topics in SQS queues, send them as HTTP(S) POST requests\nto a given endpoint, send SMS messages, or notify devices / applications. The most likely use case will\nprobably be SQS queues.\n\n\u003e **NOTE:** If the SNS topic and SQS queue are in different AWS regions, it is important for the \"aws.sns.TopicSubscription\" to use an AWS provider that is in the same region of the SNS topic. If the \"aws.sns.TopicSubscription\" is using a provider with a different region than the SNS topic, the subscription will fail to create.\n\n\u003e **NOTE:** Setup of cross-account subscriptions from SNS topics to SQS queues requires the provider to have access to BOTH accounts.\n\n\u003e **NOTE:** If SNS topic and SQS queue are in different AWS accounts but the same region it is important for the \"aws.sns.TopicSubscription\" to use the AWS provider of the account with the SQS queue. If \"aws.sns.TopicSubscription\" is using a Provider with a different account than the SQS queue, the provider creates the subscriptions but does not keep state and tries to re-create the subscription at every apply.\n\n\u003e **NOTE:** If SNS topic and SQS queue are in different AWS accounts and different AWS regions it is important to recognize that the subscription needs to be initiated from the account with the SQS queue but in the region of the SNS topic.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subscription stored as a more user-friendly property\n" }, "confirmationTimeoutInMinutes": { "type": "integer", "description": "Integer indicating number of minutes to wait in retying mode for fetching subscription arn before marking it as failure. Only applicable for http and https protocols (default is 1 minute).\n" }, "deliveryPolicy": { "type": "string", "description": "JSON String with the delivery policy (retries, backoff, etc.) that will be used in the subscription - this only applies to HTTP/S subscriptions. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html) for more details.\n" }, "endpoint": { "type": "string", "description": "The endpoint to send data to, the contents will vary with the protocol. (see below for more information)\n" }, "endpointAutoConfirms": { "type": "boolean", "description": "Boolean indicating whether the end point is capable of [auto confirming subscription](http://docs.aws.amazon.com/sns/latest/dg/SendMessageToHttp.html#SendMessageToHttp.prepare) e.g., PagerDuty (default is false)\n" }, "filterPolicy": { "type": "string", "description": "JSON String with the filter policy that will be used in the subscription to filter messages seen by the target resource. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-filtering.html) for more details.\n" }, "protocol": { "type": "string", "description": "The protocol to use. The possible values for this are: `sqs`, `sms`, `lambda`, `application`. (`http` or `https` are partially supported, see below) (`email` is an option but is unsupported, see below).\n" }, "rawMessageDelivery": { "type": "boolean", "description": "Boolean indicating whether or not to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property) (default is false).\n" }, "topic": { "type": "string", "description": "The ARN of the SNS topic to subscribe to\n" } }, "required": [ "arn", "endpoint", "protocol", "topic" ], "inputProperties": { "confirmationTimeoutInMinutes": { "type": "integer", "description": "Integer indicating number of minutes to wait in retying mode for fetching subscription arn before marking it as failure. Only applicable for http and https protocols (default is 1 minute).\n" }, "deliveryPolicy": { "type": "string", "description": "JSON String with the delivery policy (retries, backoff, etc.) that will be used in the subscription - this only applies to HTTP/S subscriptions. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html) for more details.\n" }, "endpoint": { "type": "string", "description": "The endpoint to send data to, the contents will vary with the protocol. (see below for more information)\n" }, "endpointAutoConfirms": { "type": "boolean", "description": "Boolean indicating whether the end point is capable of [auto confirming subscription](http://docs.aws.amazon.com/sns/latest/dg/SendMessageToHttp.html#SendMessageToHttp.prepare) e.g., PagerDuty (default is false)\n" }, "filterPolicy": { "type": "string", "description": "JSON String with the filter policy that will be used in the subscription to filter messages seen by the target resource. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-filtering.html) for more details.\n" }, "protocol": { "type": "string", "description": "The protocol to use. The possible values for this are: `sqs`, `sms`, `lambda`, `application`. (`http` or `https` are partially supported, see below) (`email` is an option but is unsupported, see below).\n" }, "rawMessageDelivery": { "type": "boolean", "description": "Boolean indicating whether or not to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property) (default is false).\n" }, "topic": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ], "description": "The ARN of the SNS topic to subscribe to\n" } }, "requiredInputs": [ "endpoint", "protocol", "topic" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopicSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subscription stored as a more user-friendly property\n" }, "confirmationTimeoutInMinutes": { "type": "integer", "description": "Integer indicating number of minutes to wait in retying mode for fetching subscription arn before marking it as failure. Only applicable for http and https protocols (default is 1 minute).\n" }, "deliveryPolicy": { "type": "string", "description": "JSON String with the delivery policy (retries, backoff, etc.) that will be used in the subscription - this only applies to HTTP/S subscriptions. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html) for more details.\n" }, "endpoint": { "type": "string", "description": "The endpoint to send data to, the contents will vary with the protocol. (see below for more information)\n" }, "endpointAutoConfirms": { "type": "boolean", "description": "Boolean indicating whether the end point is capable of [auto confirming subscription](http://docs.aws.amazon.com/sns/latest/dg/SendMessageToHttp.html#SendMessageToHttp.prepare) e.g., PagerDuty (default is false)\n" }, "filterPolicy": { "type": "string", "description": "JSON String with the filter policy that will be used in the subscription to filter messages seen by the target resource. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-filtering.html) for more details.\n" }, "protocol": { "type": "string", "description": "The protocol to use. The possible values for this are: `sqs`, `sms`, `lambda`, `application`. (`http` or `https` are partially supported, see below) (`email` is an option but is unsupported, see below).\n" }, "rawMessageDelivery": { "type": "boolean", "description": "Boolean indicating whether or not to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property) (default is false).\n" }, "topic": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ], "description": "The ARN of the SNS topic to subscribe to\n" } }, "type": "object" } }, "aws:sqs/queue:Queue": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n delaySeconds: 90,\n maxMessageSize: 2048,\n messageRetentionSeconds: 86400,\n receiveWaitTimeSeconds: 10,\n redrivePolicy: JSON.stringify({\n deadLetterTargetArn: aws_sqs_queue.queue_deadletter.arn,\n maxReceiveCount: 4,\n }),\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n delay_seconds=90,\n max_message_size=2048,\n message_retention_seconds=86400,\n receive_wait_time_seconds=10,\n redrive_policy=json.dumps({\n \"deadLetterTargetArn\": aws_sqs_queue[\"queue_deadletter\"][\"arn\"],\n \"maxReceiveCount\": 4,\n }),\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var queue = new Aws.Sqs.Queue(\"queue\", new Aws.Sqs.QueueArgs\n {\n DelaySeconds = 90,\n MaxMessageSize = 2048,\n MessageRetentionSeconds = 86400,\n ReceiveWaitTimeSeconds = 10,\n RedrivePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n { \"deadLetterTargetArn\", aws_sqs_queue.Queue_deadletter.Arn },\n { \"maxReceiveCount\", 4 },\n }),\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"deadLetterTargetArn\": aws_sqs_queue.Queue_deadletter.Arn,\n\t\t\t\"maxReceiveCount\": 4,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tDelaySeconds: pulumi.Int(90),\n\t\t\tMaxMessageSize: pulumi.Int(2048),\n\t\t\tMessageRetentionSeconds: pulumi.Int(86400),\n\t\t\tReceiveWaitTimeSeconds: pulumi.Int(10),\n\t\t\tRedrivePolicy: pulumi.String(json0),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## FIFO queue\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n contentBasedDeduplication: true,\n fifoQueue: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n content_based_deduplication=True,\n fifo_queue=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var queue = new Aws.Sqs.Queue(\"queue\", new Aws.Sqs.QueueArgs\n {\n ContentBasedDeduplication = true,\n FifoQueue = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tContentBasedDeduplication: pulumi.Bool(true),\n\t\t\tFifoQueue: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Server-side encryption (SSE)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n kmsDataKeyReusePeriodSeconds: 300,\n kmsMasterKeyId: \"alias/aws/sqs\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n kms_data_key_reuse_period_seconds=300,\n kms_master_key_id=\"alias/aws/sqs\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var queue = new Aws.Sqs.Queue(\"queue\", new Aws.Sqs.QueueArgs\n {\n KmsDataKeyReusePeriodSeconds = 300,\n KmsMasterKeyId = \"alias/aws/sqs\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tKmsDataKeyReusePeriodSeconds: pulumi.Int(300),\n\t\t\tKmsMasterKeyId: pulumi.String(\"alias/aws/sqs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SQS queue\n" }, "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO queues. For more information, see the [related documentation](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing)\n" }, "delaySeconds": { "type": "integer", "description": "The time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). The default for this attribute is 0 seconds.\n" }, "fifoQueue": { "type": "boolean", "description": "Boolean designating a FIFO queue. If not set, it defaults to `false` making it standard.\n" }, "kmsDataKeyReusePeriodSeconds": { "type": "integer", "description": "The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours). The default is 300 (5 minutes).\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK. For more information, see [Key Terms](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms).\n" }, "maxMessageSize": { "type": "integer", "description": "The limit of how many bytes a message can contain before Amazon SQS rejects it. An integer from 1024 bytes (1 KiB) up to 262144 bytes (256 KiB). The default for this attribute is 262144 (256 KiB).\n" }, "messageRetentionSeconds": { "type": "integer", "description": "The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days). The default for this attribute is 345600 (4 days).\n" }, "name": { "type": "string", "description": "This is the human-readable name of the queue. If omitted, this provider will assign a random name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "receiveWaitTimeSeconds": { "type": "integer", "description": "The time for which a ReceiveMessage call will wait for a message to arrive (long polling) before returning. An integer from 0 to 20 (seconds). The default for this attribute is 0, meaning that the call will return immediately.\n" }, "redrivePolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html). **Note:** when specifying `maxReceiveCount`, you must specify it as an integer (`5`), and not a string (`\"5\"`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the queue.\n" }, "visibilityTimeoutSeconds": { "type": "integer", "description": "The visibility timeout for the queue. An integer from 0 to 43200 (12 hours). The default for this attribute is 30. For more information about visibility timeout, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AboutVT.html).\n" } }, "required": [ "arn", "kmsDataKeyReusePeriodSeconds", "name", "policy" ], "inputProperties": { "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO queues. For more information, see the [related documentation](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing)\n" }, "delaySeconds": { "type": "integer", "description": "The time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). The default for this attribute is 0 seconds.\n" }, "fifoQueue": { "type": "boolean", "description": "Boolean designating a FIFO queue. If not set, it defaults to `false` making it standard.\n" }, "kmsDataKeyReusePeriodSeconds": { "type": "integer", "description": "The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours). The default is 300 (5 minutes).\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK. For more information, see [Key Terms](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms).\n" }, "maxMessageSize": { "type": "integer", "description": "The limit of how many bytes a message can contain before Amazon SQS rejects it. An integer from 1024 bytes (1 KiB) up to 262144 bytes (256 KiB). The default for this attribute is 262144 (256 KiB).\n" }, "messageRetentionSeconds": { "type": "integer", "description": "The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days). The default for this attribute is 345600 (4 days).\n" }, "name": { "type": "string", "description": "This is the human-readable name of the queue. If omitted, this provider will assign a random name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "receiveWaitTimeSeconds": { "type": "integer", "description": "The time for which a ReceiveMessage call will wait for a message to arrive (long polling) before returning. An integer from 0 to 20 (seconds). The default for this attribute is 0, meaning that the call will return immediately.\n" }, "redrivePolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html). **Note:** when specifying `maxReceiveCount`, you must specify it as an integer (`5`), and not a string (`\"5\"`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the queue.\n" }, "visibilityTimeoutSeconds": { "type": "integer", "description": "The visibility timeout for the queue. An integer from 0 to 43200 (12 hours). The default for this attribute is 30. For more information about visibility timeout, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AboutVT.html).\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Queue resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SQS queue\n" }, "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO queues. For more information, see the [related documentation](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing)\n" }, "delaySeconds": { "type": "integer", "description": "The time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). The default for this attribute is 0 seconds.\n" }, "fifoQueue": { "type": "boolean", "description": "Boolean designating a FIFO queue. If not set, it defaults to `false` making it standard.\n" }, "kmsDataKeyReusePeriodSeconds": { "type": "integer", "description": "The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours). The default is 300 (5 minutes).\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK. For more information, see [Key Terms](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms).\n" }, "maxMessageSize": { "type": "integer", "description": "The limit of how many bytes a message can contain before Amazon SQS rejects it. An integer from 1024 bytes (1 KiB) up to 262144 bytes (256 KiB). The default for this attribute is 262144 (256 KiB).\n" }, "messageRetentionSeconds": { "type": "integer", "description": "The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days). The default for this attribute is 345600 (4 days).\n" }, "name": { "type": "string", "description": "This is the human-readable name of the queue. If omitted, this provider will assign a random name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "receiveWaitTimeSeconds": { "type": "integer", "description": "The time for which a ReceiveMessage call will wait for a message to arrive (long polling) before returning. An integer from 0 to 20 (seconds). The default for this attribute is 0, meaning that the call will return immediately.\n" }, "redrivePolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html). **Note:** when specifying `maxReceiveCount`, you must specify it as an integer (`5`), and not a string (`\"5\"`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the queue.\n" }, "visibilityTimeoutSeconds": { "type": "integer", "description": "The visibility timeout for the queue. An integer from 0 to 43200 (12 hours). The default for this attribute is 30. For more information about visibility timeout, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AboutVT.html).\n" } }, "type": "object" } }, "aws:sqs/queuePolicy:QueuePolicy": { "description": "Allows you to set a policy of an SQS Queue\nwhile referencing ARN of the queue within the policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"q\", {});\nconst test = new aws.sqs.QueuePolicy(\"test\", {\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Id\": \"sqspolicy\",\n \"Statement\": [\n {\n \"Sid\": \"First\",\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"sqs:SendMessage\",\n \"Resource\": \"${queue.arn}\",\n \"Condition\": {\n \"ArnEquals\": {\n \"aws:SourceArn\": \"${aws_sns_topic_example.arn}\"\n }\n }\n }\n ]\n}\n`,\n queueUrl: queue.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\")\ntest = aws.sqs.QueuePolicy(\"test\",\n policy=queue.arn.apply(lambda arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Id\": \"sqspolicy\",\n \"Statement\": [\n {{\n \"Sid\": \"First\",\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"sqs:SendMessage\",\n \"Resource\": \"{arn}\",\n \"Condition\": {{\n \"ArnEquals\": {{\n \"aws:SourceArn\": \"{aws_sns_topic[\"example\"][\"arn\"]}\"\n }}\n }}\n }}\n ]\n}}\n\n\"\"\"),\n queue_url=queue.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var queue = new Aws.Sqs.Queue(\"queue\", new Aws.Sqs.QueueArgs\n {\n });\n var test = new Aws.Sqs.QueuePolicy(\"test\", new Aws.Sqs.QueuePolicyArgs\n {\n Policy = queue.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Id\"\": \"\"sqspolicy\"\",\n \"\"Statement\"\": [\n {{\n \"\"Sid\"\": \"\"First\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Action\"\": \"\"sqs:SendMessage\"\",\n \"\"Resource\"\": \"\"{arn}\"\",\n \"\"Condition\"\": {{\n \"\"ArnEquals\"\": {{\n \"\"aws:SourceArn\"\": \"\"{aws_sns_topic.Example.Arn}\"\"\n }}\n }}\n }}\n ]\n}}\n\n\"),\n QueueUrl = queue.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tqueue, err := sqs.NewQueue(ctx, \"queue\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sqs.NewQueuePolicy(ctx, \"test\", \u0026sqs.QueuePolicyArgs{\n\t\t\tPolicy: queue.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Id\\\": \\\"sqspolicy\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"First\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": \\\"*\\\",\\n\", \" \\\"Action\\\": \\\"sqs:SendMessage\\\",\\n\", \" \\\"Resource\\\": \\\"\", arn, \"\\\",\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"ArnEquals\\\": {\\n\", \" \\\"aws:SourceArn\\\": \\\"\", aws_sns_topic.Example.Arn, \"\\\"\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\"), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tQueueUrl: queue.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n" } }, "required": [ "policy", "queueUrl" ], "inputProperties": { "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n" } }, "requiredInputs": [ "policy", "queueUrl" ], "stateInputs": { "description": "Input properties used for looking up and filtering QueuePolicy resources.\n", "properties": { "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n" } }, "type": "object" } }, "aws:ssm/activation:Activation": { "description": "Registers an on-premises server or virtual machine with Amazon EC2 so that it can be managed using Run Command.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n assumeRolePolicy: ` {\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Effect\": \"Allow\",\n \"Principal\": {\"Service\": \"ssm.amazonaws.com\"},\n \"Action\": \"sts:AssumeRole\"\n }\n }\n`,\n});\nconst testAttach = new aws.iam.RolePolicyAttachment(\"test_attach\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n role: testRole.name,\n});\nconst foo = new aws.ssm.Activation(\"foo\", {\n description: \"Test\",\n iamRole: testRole.id,\n registrationLimit: 5,\n}, { dependsOn: [testAttach] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"testRole\", assume_role_policy=\"\"\" {\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Effect\": \"Allow\",\n \"Principal\": {\"Service\": \"ssm.amazonaws.com\"},\n \"Action\": \"sts:AssumeRole\"\n }\n }\n\n\"\"\")\ntest_attach = aws.iam.RolePolicyAttachment(\"testAttach\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n role=test_role.name)\nfoo = aws.ssm.Activation(\"foo\",\n description=\"Test\",\n iam_role=test_role.id,\n registration_limit=\"5\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testRole = new Aws.Iam.Role(\"testRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\" {\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\"\"Service\"\": \"\"ssm.amazonaws.com\"\"},\n \"\"Action\"\": \"\"sts:AssumeRole\"\"\n }\n }\n\n\",\n });\n var testAttach = new Aws.Iam.RolePolicyAttachment(\"testAttach\", new Aws.Iam.RolePolicyAttachmentArgs\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n Role = testRole.Name,\n });\n var foo = new Aws.Ssm.Activation(\"foo\", new Aws.Ssm.ActivationArgs\n {\n Description = \"Test\",\n IamRole = testRole.Id,\n RegistrationLimit = 5,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestRole, err := iam.NewRole(ctx, \"testRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v\", \" {\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": {\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\\"Service\\\": \\\"ssm.amazonaws.com\\\"},\\n\", \" \\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \" }\\n\", \" }\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"testAttach\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\"),\n\t\t\tRole: testRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewActivation(ctx, \"foo\", \u0026ssm.ActivationArgs{\n\t\t\tDescription: pulumi.String(\"Test\"),\n\t\t\tIamRole: testRole.ID(),\n\t\t\tRegistrationLimit: pulumi.Int(5),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activationCode": { "type": "string", "description": "The code the system generates when it processes the activation.\n" }, "description": { "type": "string", "description": "The description of the resource that you want to register.\n" }, "expirationDate": { "type": "string", "description": "UTC timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) by which this activation request should expire. The default value is 24 hours from resource creation time. This provider will only perform drift detection of its value when present in a configuration.\n" }, "expired": { "type": "boolean", "description": "If the current activation has expired.\n" }, "iamRole": { "type": "string", "description": "The IAM Role to attach to the managed instance.\n" }, "name": { "type": "string", "description": "The default name of the registered managed instance.\n" }, "registrationCount": { "type": "integer", "description": "The number of managed instances that are currently registered using this activation.\n" }, "registrationLimit": { "type": "integer", "description": "The maximum number of managed instances you want to register. The default value is 1 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" } }, "required": [ "activationCode", "expirationDate", "expired", "iamRole", "name", "registrationCount" ], "inputProperties": { "description": { "type": "string", "description": "The description of the resource that you want to register.\n" }, "expirationDate": { "type": "string", "description": "UTC timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) by which this activation request should expire. The default value is 24 hours from resource creation time. This provider will only perform drift detection of its value when present in a configuration.\n" }, "iamRole": { "type": "string", "description": "The IAM Role to attach to the managed instance.\n" }, "name": { "type": "string", "description": "The default name of the registered managed instance.\n" }, "registrationLimit": { "type": "integer", "description": "The maximum number of managed instances you want to register. The default value is 1 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" } }, "requiredInputs": [ "iamRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering Activation resources.\n", "properties": { "activationCode": { "type": "string", "description": "The code the system generates when it processes the activation.\n" }, "description": { "type": "string", "description": "The description of the resource that you want to register.\n" }, "expirationDate": { "type": "string", "description": "UTC timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) by which this activation request should expire. The default value is 24 hours from resource creation time. This provider will only perform drift detection of its value when present in a configuration.\n" }, "expired": { "type": "boolean", "description": "If the current activation has expired.\n" }, "iamRole": { "type": "string", "description": "The IAM Role to attach to the managed instance.\n" }, "name": { "type": "string", "description": "The default name of the registered managed instance.\n" }, "registrationCount": { "type": "integer", "description": "The number of managed instances that are currently registered using this activation.\n" }, "registrationLimit": { "type": "integer", "description": "The maximum number of managed instances you want to register. The default value is 1 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" } }, "type": "object" } }, "aws:ssm/association:Association": { "description": "Associates an SSM Document to an instance or EC2 tag.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.Association(\"example\", {\n targets: [{\n key: \"InstanceIds\",\n values: [aws_instance_example.id],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.Association(\"example\", targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [aws_instance[\"example\"][\"id\"]],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ssm.Association(\"example\", new Aws.Ssm.AssociationArgs\n {\n Targets = \n {\n new Aws.Ssm.Inputs.AssociationTargetArgs\n {\n Key = \"InstanceIds\",\n Values = \n {\n aws_instance.Example.Id,\n },\n },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "associationId": { "type": "string", "description": "The ID of the SSM association.\n" }, "associationName": { "type": "string", "description": "The descriptive name for the association.\n" }, "automationTargetParameterName": { "type": "string", "description": "Specify the target for the association. This target is required for associations that use an `Automation` document and target resources by using rate controls.\n" }, "complianceSeverity": { "type": "string", "description": "The compliance severity for the association. Can be one of the following: `UNSPECIFIED`, `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`\n" }, "documentVersion": { "type": "string", "description": "The document version you want to associate with the target(s). Can be a specific version or the default version.\n" }, "instanceId": { "type": "string", "description": "The instance ID to apply an SSM document to. Use `targets` with key `InstanceIds` for document schema versions 2.0 and above.\n" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "maxErrors": { "type": "string", "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "name": { "type": "string", "description": "The name of the SSM document to apply.\n" }, "outputLocation": { "$ref": "#/types/aws:ssm/AssociationOutputLocation:AssociationOutputLocation", "description": "An output location block. Output Location is documented below.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A block of arbitrary string parameters to pass to the SSM document.\n" }, "scheduleExpression": { "type": "string", "description": "A cron expression when the association will be applied to the target(s).\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/AssociationTarget:AssociationTarget" }, "description": "A block containing the targets of the SSM association. Targets are documented below. AWS currently supports a maximum of 5 targets.\n" } }, "required": [ "associationId", "documentVersion", "name", "parameters", "targets" ], "inputProperties": { "associationName": { "type": "string", "description": "The descriptive name for the association.\n" }, "automationTargetParameterName": { "type": "string", "description": "Specify the target for the association. This target is required for associations that use an `Automation` document and target resources by using rate controls.\n" }, "complianceSeverity": { "type": "string", "description": "The compliance severity for the association. Can be one of the following: `UNSPECIFIED`, `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`\n" }, "documentVersion": { "type": "string", "description": "The document version you want to associate with the target(s). Can be a specific version or the default version.\n" }, "instanceId": { "type": "string", "description": "The instance ID to apply an SSM document to. Use `targets` with key `InstanceIds` for document schema versions 2.0 and above.\n" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "maxErrors": { "type": "string", "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "name": { "type": "string", "description": "The name of the SSM document to apply.\n" }, "outputLocation": { "$ref": "#/types/aws:ssm/AssociationOutputLocation:AssociationOutputLocation", "description": "An output location block. Output Location is documented below.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A block of arbitrary string parameters to pass to the SSM document.\n" }, "scheduleExpression": { "type": "string", "description": "A cron expression when the association will be applied to the target(s).\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/AssociationTarget:AssociationTarget" }, "description": "A block containing the targets of the SSM association. Targets are documented below. AWS currently supports a maximum of 5 targets.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Association resources.\n", "properties": { "associationId": { "type": "string", "description": "The ID of the SSM association.\n" }, "associationName": { "type": "string", "description": "The descriptive name for the association.\n" }, "automationTargetParameterName": { "type": "string", "description": "Specify the target for the association. This target is required for associations that use an `Automation` document and target resources by using rate controls.\n" }, "complianceSeverity": { "type": "string", "description": "The compliance severity for the association. Can be one of the following: `UNSPECIFIED`, `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`\n" }, "documentVersion": { "type": "string", "description": "The document version you want to associate with the target(s). Can be a specific version or the default version.\n" }, "instanceId": { "type": "string", "description": "The instance ID to apply an SSM document to. Use `targets` with key `InstanceIds` for document schema versions 2.0 and above.\n" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "maxErrors": { "type": "string", "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "name": { "type": "string", "description": "The name of the SSM document to apply.\n" }, "outputLocation": { "$ref": "#/types/aws:ssm/AssociationOutputLocation:AssociationOutputLocation", "description": "An output location block. Output Location is documented below.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A block of arbitrary string parameters to pass to the SSM document.\n" }, "scheduleExpression": { "type": "string", "description": "A cron expression when the association will be applied to the target(s).\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/AssociationTarget:AssociationTarget" }, "description": "A block containing the targets of the SSM association. Targets are documented below. AWS currently supports a maximum of 5 targets.\n" } }, "type": "object" } }, "aws:ssm/document:Document": { "description": "Provides an SSM Document resource\n\n\u003e **NOTE on updating SSM documents:** Only documents with a schema version of 2.0\nor greater can update their content once created, see [SSM Schema Features](http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-ssm-docs.html#document-schemas-features). To update a document with an older\nschema version you must recreate the resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ssm.Document(\"foo\", {\n content: ` {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n`,\n documentType: \"Command\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.Document(\"foo\",\n content=\"\"\" {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n\n\"\"\",\n document_type=\"Command\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ssm.Document(\"foo\", new Aws.Ssm.DocumentArgs\n {\n Content = @\" {\n \"\"schemaVersion\"\": \"\"1.2\"\",\n \"\"description\"\": \"\"Check ip configuration of a Linux instance.\"\",\n \"\"parameters\"\": {\n\n },\n \"\"runtimeConfig\"\": {\n \"\"aws:runShellScript\"\": {\n \"\"properties\"\": [\n {\n \"\"id\"\": \"\"0.aws:runShellScript\"\",\n \"\"runCommand\"\": [\"\"ifconfig\"\"]\n }\n ]\n }\n }\n }\n\n\",\n DocumentType = \"Command\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewDocument(ctx, \"foo\", \u0026ssm.DocumentArgs{\n\t\t\tContent: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \" {\\n\", \" \\\"schemaVersion\\\": \\\"1.2\\\",\\n\", \" \\\"description\\\": \\\"Check ip configuration of a Linux instance.\\\",\\n\", \" \\\"parameters\\\": {\\n\", \"\\n\", \" },\\n\", \" \\\"runtimeConfig\\\": {\\n\", \" \\\"aws:runShellScript\\\": {\\n\", \" \\\"properties\\\": [\\n\", \" {\\n\", \" \\\"id\\\": \\\"0.aws:runShellScript\\\",\\n\", \" \\\"runCommand\\\": [\\\"ifconfig\\\"]\\n\", \" }\\n\", \" ]\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \"\\n\")),\n\t\t\tDocumentType: pulumi.String(\"Command\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Permissions\n\nThe permissions attribute specifies how you want to share the document. If you share a document privately,\nyou must specify the AWS user account IDs for those people who can use the document. If you share a document\npublicly, you must specify All as the account ID.\n\nThe permissions mapping supports the following:\n\n* `type` - The permission type for the document. The permission type can be `Share`.\n* `account_ids` - The AWS user accounts that should have access to the document. The account IDs can either be a group of account IDs or `All`.\n", "properties": { "arn": { "type": "string" }, "attachmentsSources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource" }, "description": "One or more configuration blocks describing attachments sources to a version of a document. Defined below.\n" }, "content": { "type": "string", "description": "The JSON or YAML content of the document.\n" }, "createdDate": { "type": "string", "description": "The date the document was created.\n" }, "defaultVersion": { "type": "string", "description": "The default version of the document.\n" }, "description": { "type": "string", "description": "The description of the document.\n" }, "documentFormat": { "type": "string", "description": "The format of the document. Valid document types include: `JSON` and `YAML`\n" }, "documentType": { "type": "string", "description": "The type of the document. Valid document types include: `Automation`, `Command`, `Package`, `Policy`, and `Session`\n" }, "documentVersion": { "type": "string", "description": "The document version.\n" }, "hash": { "type": "string", "description": "The sha1 or sha256 of the document content\n" }, "hashType": { "type": "string", "description": "\"Sha1\" \"Sha256\". The hashing algorithm used when hashing the content.\n" }, "latestVersion": { "type": "string", "description": "The latest version of the document.\n" }, "name": { "type": "string", "description": "The name of the document.\n" }, "owner": { "type": "string", "description": "The AWS user account of the person who created the document.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentParameter:DocumentParameter" }, "description": "The parameters that are available to this document.\n" }, "permissions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional Permissions to attach to the document. See Permissions below for details.\n" }, "platformTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of OS platforms compatible with this SSM document, either \"Windows\" or \"Linux\".\n" }, "schemaVersion": { "type": "string", "description": "The schema version of the document.\n" }, "status": { "type": "string", "description": "\"Creating\", \"Active\" or \"Deleting\". The current status of the document.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "targetType": { "type": "string", "description": "The target type which defines the kinds of resources the document can run on. For example, /AWS::EC2::Instance. For a list of valid resource types, see AWS Resource Types Reference (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html)\n" } }, "required": [ "arn", "content", "createdDate", "defaultVersion", "description", "documentType", "documentVersion", "hash", "hashType", "latestVersion", "name", "owner", "parameters", "platformTypes", "schemaVersion", "status" ], "inputProperties": { "attachmentsSources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource" }, "description": "One or more configuration blocks describing attachments sources to a version of a document. Defined below.\n" }, "content": { "type": "string", "description": "The JSON or YAML content of the document.\n" }, "documentFormat": { "type": "string", "description": "The format of the document. Valid document types include: `JSON` and `YAML`\n" }, "documentType": { "type": "string", "description": "The type of the document. Valid document types include: `Automation`, `Command`, `Package`, `Policy`, and `Session`\n" }, "name": { "type": "string", "description": "The name of the document.\n" }, "permissions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional Permissions to attach to the document. See Permissions below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "targetType": { "type": "string", "description": "The target type which defines the kinds of resources the document can run on. For example, /AWS::EC2::Instance. For a list of valid resource types, see AWS Resource Types Reference (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html)\n" } }, "requiredInputs": [ "content", "documentType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Document resources.\n", "properties": { "arn": { "type": "string" }, "attachmentsSources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource" }, "description": "One or more configuration blocks describing attachments sources to a version of a document. Defined below.\n" }, "content": { "type": "string", "description": "The JSON or YAML content of the document.\n" }, "createdDate": { "type": "string", "description": "The date the document was created.\n" }, "defaultVersion": { "type": "string", "description": "The default version of the document.\n" }, "description": { "type": "string", "description": "The description of the document.\n" }, "documentFormat": { "type": "string", "description": "The format of the document. Valid document types include: `JSON` and `YAML`\n" }, "documentType": { "type": "string", "description": "The type of the document. Valid document types include: `Automation`, `Command`, `Package`, `Policy`, and `Session`\n" }, "documentVersion": { "type": "string", "description": "The document version.\n" }, "hash": { "type": "string", "description": "The sha1 or sha256 of the document content\n" }, "hashType": { "type": "string", "description": "\"Sha1\" \"Sha256\". The hashing algorithm used when hashing the content.\n" }, "latestVersion": { "type": "string", "description": "The latest version of the document.\n" }, "name": { "type": "string", "description": "The name of the document.\n" }, "owner": { "type": "string", "description": "The AWS user account of the person who created the document.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentParameter:DocumentParameter" }, "description": "The parameters that are available to this document.\n" }, "permissions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional Permissions to attach to the document. See Permissions below for details.\n" }, "platformTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of OS platforms compatible with this SSM document, either \"Windows\" or \"Linux\".\n" }, "schemaVersion": { "type": "string", "description": "The schema version of the document.\n" }, "status": { "type": "string", "description": "\"Creating\", \"Active\" or \"Deleting\". The current status of the document.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "targetType": { "type": "string", "description": "The target type which defines the kinds of resources the document can run on. For example, /AWS::EC2::Instance. For a list of valid resource types, see AWS Resource Types Reference (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html)\n" } }, "type": "object" } }, "aws:ssm/maintenanceWindow:MaintenanceWindow": { "description": "Provides an SSM Maintenance Window resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.MaintenanceWindow(\"production\", {\n cutoff: 1,\n duration: 3,\n schedule: \"cron(0 16 ? * TUE *)\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.MaintenanceWindow(\"production\",\n cutoff=1,\n duration=3,\n schedule=\"cron(0 16 ? * TUE *)\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var production = new Aws.Ssm.MaintenanceWindow(\"production\", new Aws.Ssm.MaintenanceWindowArgs\n {\n Cutoff = 1,\n Duration = 3,\n Schedule = \"cron(0 16 ? * TUE *)\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewMaintenanceWindow(ctx, \"production\", \u0026ssm.MaintenanceWindowArgs{\n\t\t\tCutoff: pulumi.Int(1),\n\t\t\tDuration: pulumi.Int(3),\n\t\t\tSchedule: pulumi.String(\"cron(0 16 ? * TUE *)\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowUnassociatedTargets": { "type": "boolean", "description": "Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.\n" }, "cutoff": { "type": "integer", "description": "The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.\n" }, "description": { "type": "string", "description": "A description for the maintenance window.\n" }, "duration": { "type": "integer", "description": "The duration of the Maintenance Window in hours.\n" }, "enabled": { "type": "boolean", "description": "Whether the maintenance window is enabled. Default: `true`.\n" }, "endDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to no longer run the maintenance window.\n" }, "name": { "type": "string", "description": "The name of the maintenance window.\n" }, "schedule": { "type": "string", "description": "The schedule of the Maintenance Window in the form of a [cron](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-cron.html) or rate expression.\n" }, "scheduleTimezone": { "type": "string", "description": "Timezone for schedule in [Internet Assigned Numbers Authority (IANA) Time Zone Database format](https://www.iana.org/time-zones). For example: `America/Los_Angeles`, `etc/UTC`, or `Asia/Seoul`.\n" }, "startDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to begin the maintenance window.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "cutoff", "duration", "name", "schedule" ], "inputProperties": { "allowUnassociatedTargets": { "type": "boolean", "description": "Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.\n" }, "cutoff": { "type": "integer", "description": "The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.\n" }, "description": { "type": "string", "description": "A description for the maintenance window.\n" }, "duration": { "type": "integer", "description": "The duration of the Maintenance Window in hours.\n" }, "enabled": { "type": "boolean", "description": "Whether the maintenance window is enabled. Default: `true`.\n" }, "endDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to no longer run the maintenance window.\n" }, "name": { "type": "string", "description": "The name of the maintenance window.\n" }, "schedule": { "type": "string", "description": "The schedule of the Maintenance Window in the form of a [cron](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-cron.html) or rate expression.\n" }, "scheduleTimezone": { "type": "string", "description": "Timezone for schedule in [Internet Assigned Numbers Authority (IANA) Time Zone Database format](https://www.iana.org/time-zones). For example: `America/Los_Angeles`, `etc/UTC`, or `Asia/Seoul`.\n" }, "startDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to begin the maintenance window.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "requiredInputs": [ "cutoff", "duration", "schedule" ], "stateInputs": { "description": "Input properties used for looking up and filtering MaintenanceWindow resources.\n", "properties": { "allowUnassociatedTargets": { "type": "boolean", "description": "Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.\n" }, "cutoff": { "type": "integer", "description": "The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.\n" }, "description": { "type": "string", "description": "A description for the maintenance window.\n" }, "duration": { "type": "integer", "description": "The duration of the Maintenance Window in hours.\n" }, "enabled": { "type": "boolean", "description": "Whether the maintenance window is enabled. Default: `true`.\n" }, "endDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to no longer run the maintenance window.\n" }, "name": { "type": "string", "description": "The name of the maintenance window.\n" }, "schedule": { "type": "string", "description": "The schedule of the Maintenance Window in the form of a [cron](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-cron.html) or rate expression.\n" }, "scheduleTimezone": { "type": "string", "description": "Timezone for schedule in [Internet Assigned Numbers Authority (IANA) Time Zone Database format](https://www.iana.org/time-zones). For example: `America/Los_Angeles`, `etc/UTC`, or `Asia/Seoul`.\n" }, "startDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to begin the maintenance window.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ssm/maintenanceWindowTarget:MaintenanceWindowTarget": { "description": "Provides an SSM Maintenance Window Target resource\n\n## Instance Target Example Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst window = new aws.ssm.MaintenanceWindow(\"window\", {\n cutoff: 1,\n duration: 3,\n schedule: \"cron(0 16 ? * TUE *)\",\n});\nconst target1 = new aws.ssm.MaintenanceWindowTarget(\"target1\", {\n description: \"This is a maintenance window target\",\n resourceType: \"INSTANCE\",\n targets: [{\n key: \"tag:Name\",\n values: [\"acceptance_test\"],\n }],\n windowId: window.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwindow = aws.ssm.MaintenanceWindow(\"window\",\n cutoff=1,\n duration=3,\n schedule=\"cron(0 16 ? * TUE *)\")\ntarget1 = aws.ssm.MaintenanceWindowTarget(\"target1\",\n description=\"This is a maintenance window target\",\n resource_type=\"INSTANCE\",\n targets=[{\n \"key\": \"tag:Name\",\n \"values\": [\"acceptance_test\"],\n }],\n window_id=window.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var window = new Aws.Ssm.MaintenanceWindow(\"window\", new Aws.Ssm.MaintenanceWindowArgs\n {\n Cutoff = 1,\n Duration = 3,\n Schedule = \"cron(0 16 ? * TUE *)\",\n });\n var target1 = new Aws.Ssm.MaintenanceWindowTarget(\"target1\", new Aws.Ssm.MaintenanceWindowTargetArgs\n {\n Description = \"This is a maintenance window target\",\n ResourceType = \"INSTANCE\",\n Targets = \n {\n new Aws.Ssm.Inputs.MaintenanceWindowTargetTargetArgs\n {\n Key = \"tag:Name\",\n Values = \n {\n \"acceptance_test\",\n },\n },\n },\n WindowId = window.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twindow, err := ssm.NewMaintenanceWindow(ctx, \"window\", \u0026ssm.MaintenanceWindowArgs{\n\t\t\tCutoff: pulumi.Int(1),\n\t\t\tDuration: pulumi.Int(3),\n\t\t\tSchedule: pulumi.String(\"cron(0 16 ? * TUE *)\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewMaintenanceWindowTarget(ctx, \"target1\", \u0026ssm.MaintenanceWindowTargetArgs{\n\t\t\tDescription: pulumi.String(\"This is a maintenance window target\"),\n\t\t\tResourceType: pulumi.String(\"INSTANCE\"),\n\t\t\tTargets: ssm.MaintenanceWindowTargetTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTargetTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Name\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"acceptance_test\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tWindowId: window.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## Resource Group Target Example Usage\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst window = new aws.ssm.MaintenanceWindow(\"window\", {\n cutoff: 1,\n duration: 3,\n schedule: \"cron(0 16 ? * TUE *)\",\n});\nconst target1 = new aws.ssm.MaintenanceWindowTarget(\"target1\", {\n description: \"This is a maintenance window target\",\n resourceType: \"RESOURCE_GROUP\",\n targets: [{\n key: \"resource-groups:ResourceTypeFilters\",\n values: [\n \"AWS::EC2::INSTANCE\",\n \"AWS::EC2::VPC\",\n ],\n }],\n windowId: window.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwindow = aws.ssm.MaintenanceWindow(\"window\",\n cutoff=1,\n duration=3,\n schedule=\"cron(0 16 ? * TUE *)\")\ntarget1 = aws.ssm.MaintenanceWindowTarget(\"target1\",\n description=\"This is a maintenance window target\",\n resource_type=\"RESOURCE_GROUP\",\n targets=[{\n \"key\": \"resource-groups:ResourceTypeFilters\",\n \"values\": [\n \"AWS::EC2::INSTANCE\",\n \"AWS::EC2::VPC\",\n ],\n }],\n window_id=window.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var window = new Aws.Ssm.MaintenanceWindow(\"window\", new Aws.Ssm.MaintenanceWindowArgs\n {\n Cutoff = 1,\n Duration = 3,\n Schedule = \"cron(0 16 ? * TUE *)\",\n });\n var target1 = new Aws.Ssm.MaintenanceWindowTarget(\"target1\", new Aws.Ssm.MaintenanceWindowTargetArgs\n {\n Description = \"This is a maintenance window target\",\n ResourceType = \"RESOURCE_GROUP\",\n Targets = \n {\n new Aws.Ssm.Inputs.MaintenanceWindowTargetTargetArgs\n {\n Key = \"resource-groups:ResourceTypeFilters\",\n Values = \n {\n \"AWS::EC2::INSTANCE\",\n \"AWS::EC2::VPC\",\n },\n },\n },\n WindowId = window.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twindow, err := ssm.NewMaintenanceWindow(ctx, \"window\", \u0026ssm.MaintenanceWindowArgs{\n\t\t\tCutoff: pulumi.Int(1),\n\t\t\tDuration: pulumi.Int(3),\n\t\t\tSchedule: pulumi.String(\"cron(0 16 ? * TUE *)\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewMaintenanceWindowTarget(ctx, \"target1\", \u0026ssm.MaintenanceWindowTargetArgs{\n\t\t\tDescription: pulumi.String(\"This is a maintenance window target\"),\n\t\t\tResourceType: pulumi.String(\"RESOURCE_GROUP\"),\n\t\t\tTargets: ssm.MaintenanceWindowTargetTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTargetTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"resource-groups:ResourceTypeFilters\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AWS::EC2::INSTANCE\"),\n\t\t\t\t\t\tpulumi.String(\"AWS::EC2::VPC\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tWindowId: window.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "description": { "type": "string", "description": "The description of the maintenance window target.\n" }, "name": { "type": "string", "description": "The name of the maintenance window target.\n" }, "ownerInformation": { "type": "string", "description": "User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.\n" }, "resourceType": { "type": "string", "description": "The type of target being registered with the Maintenance Window. Possible values are `INSTANCE` and `RESOURCE_GROUP`.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget" }, "description": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs. You can specify targets using instance IDs, resource group names, or tags that have been applied to instances. For more information about these examples formats see\n(https://docs.aws.amazon.com/systems-manager/latest/userguide/mw-cli-tutorial-targets-examples.html)\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the target with.\n" } }, "required": [ "name", "resourceType", "targets", "windowId" ], "inputProperties": { "description": { "type": "string", "description": "The description of the maintenance window target.\n" }, "name": { "type": "string", "description": "The name of the maintenance window target.\n" }, "ownerInformation": { "type": "string", "description": "User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.\n" }, "resourceType": { "type": "string", "description": "The type of target being registered with the Maintenance Window. Possible values are `INSTANCE` and `RESOURCE_GROUP`.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget" }, "description": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs. You can specify targets using instance IDs, resource group names, or tags that have been applied to instances. For more information about these examples formats see\n(https://docs.aws.amazon.com/systems-manager/latest/userguide/mw-cli-tutorial-targets-examples.html)\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the target with.\n" } }, "requiredInputs": [ "resourceType", "targets", "windowId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MaintenanceWindowTarget resources.\n", "properties": { "description": { "type": "string", "description": "The description of the maintenance window target.\n" }, "name": { "type": "string", "description": "The name of the maintenance window target.\n" }, "ownerInformation": { "type": "string", "description": "User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.\n" }, "resourceType": { "type": "string", "description": "The type of target being registered with the Maintenance Window. Possible values are `INSTANCE` and `RESOURCE_GROUP`.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget" }, "description": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs. You can specify targets using instance IDs, resource group names, or tags that have been applied to instances. For more information about these examples formats see\n(https://docs.aws.amazon.com/systems-manager/latest/userguide/mw-cli-tutorial-targets-examples.html)\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the target with.\n" } }, "type": "object" } }, "aws:ssm/maintenanceWindowTask:MaintenanceWindowTask": { "description": "Provides an SSM Maintenance Window Task resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Automation Tasks\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.MaintenanceWindowTask(\"example\", {\n maxConcurrency: \"2\",\n maxErrors: \"1\",\n priority: 1,\n serviceRoleArn: aws_iam_role_example.arn,\n targets: [{\n key: \"InstanceIds\",\n values: [aws_instance_example.id],\n }],\n taskArn: \"AWS-RestartEC2Instance\",\n taskInvocationParameters: {\n automationParameters: {\n documentVersion: \"$LATEST\",\n parameters: [{\n name: \"InstanceId\",\n values: [aws_instance_example.id],\n }],\n },\n },\n taskType: \"AUTOMATION\",\n windowId: aws_ssm_maintenance_window_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.MaintenanceWindowTask(\"example\",\n max_concurrency=2,\n max_errors=1,\n priority=1,\n service_role_arn=aws_iam_role[\"example\"][\"arn\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [aws_instance[\"example\"][\"id\"]],\n }],\n task_arn=\"AWS-RestartEC2Instance\",\n task_invocation_parameters={\n \"automationParameters\": {\n \"document_version\": \"$LATEST\",\n \"parameter\": [{\n \"name\": \"InstanceId\",\n \"values\": [aws_instance[\"example\"][\"id\"]],\n }],\n },\n },\n task_type=\"AUTOMATION\",\n window_id=aws_ssm_maintenance_window[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ssm.MaintenanceWindowTask(\"example\", new Aws.Ssm.MaintenanceWindowTaskArgs\n {\n MaxConcurrency = \"2\",\n MaxErrors = \"1\",\n Priority = 1,\n ServiceRoleArn = aws_iam_role.Example.Arn,\n Targets = \n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTargetArgs\n {\n Key = \"InstanceIds\",\n Values = \n {\n aws_instance.Example.Id,\n },\n },\n },\n TaskArn = \"AWS-RestartEC2Instance\",\n TaskInvocationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersArgs\n {\n AutomationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersArgs\n {\n DocumentVersion = \"$LATEST\",\n Parameter = \n {\n \n {\n { \"name\", \"InstanceId\" },\n { \"values\", \n {\n aws_instance.Example.Id,\n } },\n },\n },\n },\n },\n TaskType = \"AUTOMATION\",\n WindowId = aws_ssm_maintenance_window.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewMaintenanceWindowTask(ctx, \"example\", \u0026ssm.MaintenanceWindowTaskArgs{\n\t\t\tMaxConcurrency: pulumi.String(\"2\"),\n\t\t\tMaxErrors: pulumi.String(\"1\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\tTargets: ssm.MaintenanceWindowTaskTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTaskTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(aws_instance.Example.Id),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskArn: pulumi.String(\"AWS-RestartEC2Instance\"),\n\t\t\tTaskInvocationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersArgs{\n\t\t\t\tAutomationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersArgs{\n\t\t\t\t\tDocumentVersion: pulumi.String(fmt.Sprintf(\"%v%v\", \"$\", \"LATEST\")),\n\t\t\t\t\tParameter: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"name\": pulumi.String(\"InstanceId\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(aws_instance.Example.Id),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskType: pulumi.String(\"AUTOMATION\"),\n\t\t\tWindowId: pulumi.String(aws_ssm_maintenance_window.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Run Command Tasks\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.MaintenanceWindowTask(\"example\", {\n maxConcurrency: \"2\",\n maxErrors: \"1\",\n priority: 1,\n serviceRoleArn: aws_iam_role_example.arn,\n targets: [{\n key: \"InstanceIds\",\n values: [aws_instance_example.id],\n }],\n taskArn: \"AWS-RunShellScript\",\n taskInvocationParameters: {\n runCommandParameters: {\n notificationConfig: {\n notificationArn: aws_sns_topic_example.arn,\n notificationEvents: [\"All\"],\n notificationType: \"Command\",\n },\n outputS3Bucket: aws_s3_bucket_example.bucket,\n outputS3KeyPrefix: \"output\",\n parameters: [{\n name: \"commands\",\n values: [\"date\"],\n }],\n serviceRoleArn: aws_iam_role_example.arn,\n timeoutSeconds: 600,\n },\n },\n taskType: \"RUN_COMMAND\",\n windowId: aws_ssm_maintenance_window_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.MaintenanceWindowTask(\"example\",\n max_concurrency=2,\n max_errors=1,\n priority=1,\n service_role_arn=aws_iam_role[\"example\"][\"arn\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [aws_instance[\"example\"][\"id\"]],\n }],\n task_arn=\"AWS-RunShellScript\",\n task_invocation_parameters={\n \"runCommandParameters\": {\n \"notificationConfig\": {\n \"notificationArn\": aws_sns_topic[\"example\"][\"arn\"],\n \"notificationEvents\": [\"All\"],\n \"notification_type\": \"Command\",\n },\n \"outputS3Bucket\": aws_s3_bucket[\"example\"][\"bucket\"],\n \"outputS3KeyPrefix\": \"output\",\n \"parameter\": [{\n \"name\": \"commands\",\n \"values\": [\"date\"],\n }],\n \"service_role_arn\": aws_iam_role[\"example\"][\"arn\"],\n \"timeoutSeconds\": 600,\n },\n },\n task_type=\"RUN_COMMAND\",\n window_id=aws_ssm_maintenance_window[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ssm.MaintenanceWindowTask(\"example\", new Aws.Ssm.MaintenanceWindowTaskArgs\n {\n MaxConcurrency = \"2\",\n MaxErrors = \"1\",\n Priority = 1,\n ServiceRoleArn = aws_iam_role.Example.Arn,\n Targets = \n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTargetArgs\n {\n Key = \"InstanceIds\",\n Values = \n {\n aws_instance.Example.Id,\n },\n },\n },\n TaskArn = \"AWS-RunShellScript\",\n TaskInvocationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersArgs\n {\n RunCommandParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersArgs\n {\n NotificationConfig = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfigArgs\n {\n NotificationArn = aws_sns_topic.Example.Arn,\n NotificationEvents = \n {\n \"All\",\n },\n NotificationType = \"Command\",\n },\n OutputS3Bucket = aws_s3_bucket.Example.Bucket,\n OutputS3KeyPrefix = \"output\",\n Parameter = \n {\n \n {\n { \"name\", \"commands\" },\n { \"values\", \n {\n \"date\",\n } },\n },\n },\n ServiceRoleArn = aws_iam_role.Example.Arn,\n TimeoutSeconds = 600,\n },\n },\n TaskType = \"RUN_COMMAND\",\n WindowId = aws_ssm_maintenance_window.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewMaintenanceWindowTask(ctx, \"example\", \u0026ssm.MaintenanceWindowTaskArgs{\n\t\t\tMaxConcurrency: pulumi.String(\"2\"),\n\t\t\tMaxErrors: pulumi.String(\"1\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\tTargets: ssm.MaintenanceWindowTaskTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTaskTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(aws_instance.Example.Id),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskArn: pulumi.String(\"AWS-RunShellScript\"),\n\t\t\tTaskInvocationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersArgs{\n\t\t\t\tRunCommandParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersArgs{\n\t\t\t\t\tNotificationConfig: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfigArgs{\n\t\t\t\t\t\tNotificationArn: pulumi.String(aws_sns_topic.Example.Arn),\n\t\t\t\t\t\tNotificationEvents: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tNotificationType: pulumi.String(\"Command\"),\n\t\t\t\t\t},\n\t\t\t\t\tOutputS3Bucket: pulumi.String(aws_s3_bucket.Example.Bucket),\n\t\t\t\t\tOutputS3KeyPrefix: pulumi.String(\"output\"),\n\t\t\t\t\tParameter: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"name\": pulumi.String(\"commands\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"date\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\t\t\tTimeoutSeconds: pulumi.Int(600),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskType: pulumi.String(\"RUN_COMMAND\"),\n\t\t\tWindowId: pulumi.String(aws_ssm_maintenance_window.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Step Function Tasks\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.MaintenanceWindowTask(\"example\", {\n maxConcurrency: \"2\",\n maxErrors: \"1\",\n priority: 1,\n serviceRoleArn: aws_iam_role_example.arn,\n targets: [{\n key: \"InstanceIds\",\n values: [aws_instance_example.id],\n }],\n taskArn: aws_sfn_activity_example.id,\n taskInvocationParameters: {\n stepFunctionsParameters: {\n input: \"{\\\"key1\\\":\\\"value1\\\"}\",\n name: \"example\",\n },\n },\n taskType: \"STEP_FUNCTIONS\",\n windowId: aws_ssm_maintenance_window_example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.MaintenanceWindowTask(\"example\",\n max_concurrency=2,\n max_errors=1,\n priority=1,\n service_role_arn=aws_iam_role[\"example\"][\"arn\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [aws_instance[\"example\"][\"id\"]],\n }],\n task_arn=aws_sfn_activity[\"example\"][\"id\"],\n task_invocation_parameters={\n \"stepFunctionsParameters\": {\n \"input\": \"{\\\"key1\\\":\\\"value1\\\"}\",\n \"name\": \"example\",\n },\n },\n task_type=\"STEP_FUNCTIONS\",\n window_id=aws_ssm_maintenance_window[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Ssm.MaintenanceWindowTask(\"example\", new Aws.Ssm.MaintenanceWindowTaskArgs\n {\n MaxConcurrency = \"2\",\n MaxErrors = \"1\",\n Priority = 1,\n ServiceRoleArn = aws_iam_role.Example.Arn,\n Targets = \n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTargetArgs\n {\n Key = \"InstanceIds\",\n Values = \n {\n aws_instance.Example.Id,\n },\n },\n },\n TaskArn = aws_sfn_activity.Example.Id,\n TaskInvocationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersArgs\n {\n StepFunctionsParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParametersArgs\n {\n Input = \"{\\\"key1\\\":\\\"value1\\\"}\",\n Name = \"example\",\n },\n },\n TaskType = \"STEP_FUNCTIONS\",\n WindowId = aws_ssm_maintenance_window.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewMaintenanceWindowTask(ctx, \"example\", \u0026ssm.MaintenanceWindowTaskArgs{\n\t\t\tMaxConcurrency: pulumi.String(\"2\"),\n\t\t\tMaxErrors: pulumi.String(\"1\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tServiceRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t\tTargets: ssm.MaintenanceWindowTaskTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTaskTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(aws_instance.Example.Id),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskArn: pulumi.String(aws_sfn_activity.Example.Id),\n\t\t\tTaskInvocationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersArgs{\n\t\t\t\tStepFunctionsParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParametersArgs{\n\t\t\t\t\tInput: pulumi.String(\"{\\\"key1\\\":\\\"value1\\\"}\"),\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskType: pulumi.String(\"STEP_FUNCTIONS\"),\n\t\t\tWindowId: pulumi.String(aws_ssm_maintenance_window.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "The description of the maintenance window task.\n" }, "loggingInfo": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskLoggingInfo:MaintenanceWindowTaskLoggingInfo", "description": "A structure containing information about an Amazon S3 bucket to write instance-level logs to. Use `task_invocation_parameters` configuration block `run_command_parameters` configuration block `output_s3_*` arguments instead. Conflicts with `task_invocation_parameters`. Documented below.\n", "deprecationMessage": "use 'task_invocation_parameters' argument instead" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets this task can be run for in parallel.\n" }, "maxErrors": { "type": "string", "description": "The maximum number of errors allowed before this task stops being scheduled.\n" }, "name": { "type": "string", "description": "The name of the maintenance window task.\n" }, "priority": { "type": "integer", "description": "The priority of the task in the Maintenance Window, the lower the number the higher the priority. Tasks in a Maintenance Window are scheduled in priority order with tasks that have the same priority scheduled in parallel.\n" }, "serviceRoleArn": { "type": "string", "description": "The role that should be assumed when executing the task.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget" }, "description": "The targets (either instances or window target ids). Instances are specified using Key=InstanceIds,Values=instanceid1,instanceid2. Window target ids are specified using Key=WindowTargetIds,Values=window target id1, window target id2.\n" }, "taskArn": { "type": "string", "description": "The ARN of the task to execute.\n" }, "taskInvocationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters", "description": "The parameters for task execution. This argument is conflict with `task_parameters` and `logging_info`.\n" }, "taskParameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskParameter:MaintenanceWindowTaskTaskParameter" }, "description": "A structure containing information about parameters required by the particular `task_arn`. Use `parameter` configuration blocks under the `task_invocation_parameters` configuration block instead. Conflicts with `task_invocation_parameters`. Documented below.\n", "deprecationMessage": "use 'task_invocation_parameters' argument instead" }, "taskType": { "type": "string", "description": "The type of task being registered. The only allowed value is `RUN_COMMAND`.\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the task with.\n" } }, "required": [ "maxConcurrency", "maxErrors", "name", "serviceRoleArn", "targets", "taskArn", "taskType", "windowId" ], "inputProperties": { "description": { "type": "string", "description": "The description of the maintenance window task.\n" }, "loggingInfo": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskLoggingInfo:MaintenanceWindowTaskLoggingInfo", "description": "A structure containing information about an Amazon S3 bucket to write instance-level logs to. Use `task_invocation_parameters` configuration block `run_command_parameters` configuration block `output_s3_*` arguments instead. Conflicts with `task_invocation_parameters`. Documented below.\n", "deprecationMessage": "use 'task_invocation_parameters' argument instead" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets this task can be run for in parallel.\n" }, "maxErrors": { "type": "string", "description": "The maximum number of errors allowed before this task stops being scheduled.\n" }, "name": { "type": "string", "description": "The name of the maintenance window task.\n" }, "priority": { "type": "integer", "description": "The priority of the task in the Maintenance Window, the lower the number the higher the priority. Tasks in a Maintenance Window are scheduled in priority order with tasks that have the same priority scheduled in parallel.\n" }, "serviceRoleArn": { "type": "string", "description": "The role that should be assumed when executing the task.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget" }, "description": "The targets (either instances or window target ids). Instances are specified using Key=InstanceIds,Values=instanceid1,instanceid2. Window target ids are specified using Key=WindowTargetIds,Values=window target id1, window target id2.\n" }, "taskArn": { "type": "string", "description": "The ARN of the task to execute.\n" }, "taskInvocationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters", "description": "The parameters for task execution. This argument is conflict with `task_parameters` and `logging_info`.\n" }, "taskParameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskParameter:MaintenanceWindowTaskTaskParameter" }, "description": "A structure containing information about parameters required by the particular `task_arn`. Use `parameter` configuration blocks under the `task_invocation_parameters` configuration block instead. Conflicts with `task_invocation_parameters`. Documented below.\n", "deprecationMessage": "use 'task_invocation_parameters' argument instead" }, "taskType": { "type": "string", "description": "The type of task being registered. The only allowed value is `RUN_COMMAND`.\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the task with.\n" } }, "requiredInputs": [ "maxConcurrency", "maxErrors", "serviceRoleArn", "targets", "taskArn", "taskType", "windowId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MaintenanceWindowTask resources.\n", "properties": { "description": { "type": "string", "description": "The description of the maintenance window task.\n" }, "loggingInfo": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskLoggingInfo:MaintenanceWindowTaskLoggingInfo", "description": "A structure containing information about an Amazon S3 bucket to write instance-level logs to. Use `task_invocation_parameters` configuration block `run_command_parameters` configuration block `output_s3_*` arguments instead. Conflicts with `task_invocation_parameters`. Documented below.\n", "deprecationMessage": "use 'task_invocation_parameters' argument instead" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets this task can be run for in parallel.\n" }, "maxErrors": { "type": "string", "description": "The maximum number of errors allowed before this task stops being scheduled.\n" }, "name": { "type": "string", "description": "The name of the maintenance window task.\n" }, "priority": { "type": "integer", "description": "The priority of the task in the Maintenance Window, the lower the number the higher the priority. Tasks in a Maintenance Window are scheduled in priority order with tasks that have the same priority scheduled in parallel.\n" }, "serviceRoleArn": { "type": "string", "description": "The role that should be assumed when executing the task.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget" }, "description": "The targets (either instances or window target ids). Instances are specified using Key=InstanceIds,Values=instanceid1,instanceid2. Window target ids are specified using Key=WindowTargetIds,Values=window target id1, window target id2.\n" }, "taskArn": { "type": "string", "description": "The ARN of the task to execute.\n" }, "taskInvocationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters", "description": "The parameters for task execution. This argument is conflict with `task_parameters` and `logging_info`.\n" }, "taskParameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskParameter:MaintenanceWindowTaskTaskParameter" }, "description": "A structure containing information about parameters required by the particular `task_arn`. Use `parameter` configuration blocks under the `task_invocation_parameters` configuration block instead. Conflicts with `task_invocation_parameters`. Documented below.\n", "deprecationMessage": "use 'task_invocation_parameters' argument instead" }, "taskType": { "type": "string", "description": "The type of task being registered. The only allowed value is `RUN_COMMAND`.\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the task with.\n" } }, "type": "object" } }, "aws:ssm/parameter:Parameter": { "description": "Provides an SSM Parameter resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo store a basic string parameter:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ssm.Parameter(\"foo\", {\n type: \"String\",\n value: \"bar\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.Parameter(\"foo\",\n type=\"String\",\n value=\"bar\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Ssm.Parameter(\"foo\", new Aws.Ssm.ParameterArgs\n {\n Type = \"String\",\n Value = \"bar\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewParameter(ctx, \"foo\", \u0026ssm.ParameterArgs{\n\t\t\tType: pulumi.String(\"String\"),\n\t\t\tValue: pulumi.String(\"bar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nTo store an encrypted string using the default SSM KMS key:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultInstance = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n dbSubnetGroupName: \"my_database_subnet_group\",\n engine: \"mysql\",\n engineVersion: \"5.7.16\",\n instanceClass: \"db.t2.micro\",\n name: \"mydb\",\n parameterGroupName: \"default.mysql5.7\",\n password: var_database_master_password,\n storageType: \"gp2\",\n username: \"foo\",\n});\nconst secret = new aws.ssm.Parameter(\"secret\", {\n description: \"The parameter description\",\n tags: {\n environment: var_environment,\n },\n type: \"SecureString\",\n value: var_database_master_password,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=10,\n db_subnet_group_name=\"my_database_subnet_group\",\n engine=\"mysql\",\n engine_version=\"5.7.16\",\n instance_class=\"db.t2.micro\",\n name=\"mydb\",\n parameter_group_name=\"default.mysql5.7\",\n password=var[\"database_master_password\"],\n storage_type=\"gp2\",\n username=\"foo\")\nsecret = aws.ssm.Parameter(\"secret\",\n description=\"The parameter description\",\n tags={\n \"environment\": var[\"environment\"],\n },\n type=\"SecureString\",\n value=var[\"database_master_password\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = new Aws.Rds.Instance(\"default\", new Aws.Rds.InstanceArgs\n {\n AllocatedStorage = 10,\n DbSubnetGroupName = \"my_database_subnet_group\",\n Engine = \"mysql\",\n EngineVersion = \"5.7.16\",\n InstanceClass = \"db.t2.micro\",\n Name = \"mydb\",\n ParameterGroupName = \"default.mysql5.7\",\n Password = @var.Database_master_password,\n StorageType = \"gp2\",\n Username = \"foo\",\n });\n var secret = new Aws.Ssm.Parameter(\"secret\", new Aws.Ssm.ParameterArgs\n {\n Description = \"The parameter description\",\n Tags = \n {\n { \"environment\", @var.Environment },\n },\n Type = \"SecureString\",\n Value = @var.Database_master_password,\n });\n }\n\n}\n```\n\n\u003e **Note:** The unencrypted value of a SecureString will be stored in the raw state as plain-text.\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowedPattern": { "type": "string", "description": "A regular expression used to validate the parameter value.\n" }, "arn": { "type": "string", "description": "The ARN of the parameter.\n" }, "description": { "type": "string", "description": "The description of the parameter.\n" }, "keyId": { "type": "string", "description": "The KMS key id or arn for encrypting a SecureString.\n" }, "name": { "type": "string", "description": "The name of the parameter. If the name contains a path (e.g. any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).\n" }, "overwrite": { "type": "boolean", "description": "Overwrite an existing parameter. If not specified, will default to `false` if the resource has not been created by this provider to avoid overwrite of existing resource and will default to `true` otherwise (lifecycle rules should then be used to manage the update behavior).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "tier": { "type": "string", "description": "The tier of the parameter. If not specified, will default to `Standard`. Valid tiers are `Standard` and `Advanced`. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).\n" }, "type": { "type": "string", "$ref": "#/types/aws:ssm/parameterType:ParameterType", "description": "The type of the parameter. Valid types are `String`, `StringList` and `SecureString`.\n" }, "value": { "type": "string", "description": "The value of the parameter.\n" }, "version": { "type": "integer", "description": "The version of the parameter.\n" } }, "required": [ "arn", "keyId", "name", "type", "value", "version" ], "inputProperties": { "allowedPattern": { "type": "string", "description": "A regular expression used to validate the parameter value.\n" }, "arn": { "type": "string", "description": "The ARN of the parameter.\n" }, "description": { "type": "string", "description": "The description of the parameter.\n" }, "keyId": { "type": "string", "description": "The KMS key id or arn for encrypting a SecureString.\n" }, "name": { "type": "string", "description": "The name of the parameter. If the name contains a path (e.g. any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).\n" }, "overwrite": { "type": "boolean", "description": "Overwrite an existing parameter. If not specified, will default to `false` if the resource has not been created by this provider to avoid overwrite of existing resource and will default to `true` otherwise (lifecycle rules should then be used to manage the update behavior).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "tier": { "type": "string", "description": "The tier of the parameter. If not specified, will default to `Standard`. Valid tiers are `Standard` and `Advanced`. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).\n" }, "type": { "type": "string", "$ref": "#/types/aws:ssm/parameterType:ParameterType", "description": "The type of the parameter. Valid types are `String`, `StringList` and `SecureString`.\n" }, "value": { "type": "string", "description": "The value of the parameter.\n" } }, "requiredInputs": [ "type", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering Parameter resources.\n", "properties": { "allowedPattern": { "type": "string", "description": "A regular expression used to validate the parameter value.\n" }, "arn": { "type": "string", "description": "The ARN of the parameter.\n" }, "description": { "type": "string", "description": "The description of the parameter.\n" }, "keyId": { "type": "string", "description": "The KMS key id or arn for encrypting a SecureString.\n" }, "name": { "type": "string", "description": "The name of the parameter. If the name contains a path (e.g. any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).\n" }, "overwrite": { "type": "boolean", "description": "Overwrite an existing parameter. If not specified, will default to `false` if the resource has not been created by this provider to avoid overwrite of existing resource and will default to `true` otherwise (lifecycle rules should then be used to manage the update behavior).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object.\n" }, "tier": { "type": "string", "description": "The tier of the parameter. If not specified, will default to `Standard`. Valid tiers are `Standard` and `Advanced`. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).\n" }, "type": { "type": "string", "$ref": "#/types/aws:ssm/parameterType:ParameterType", "description": "The type of the parameter. Valid types are `String`, `StringList` and `SecureString`.\n" }, "value": { "type": "string", "description": "The value of the parameter.\n" }, "version": { "type": "integer", "description": "The version of the parameter.\n" } }, "type": "object" } }, "aws:ssm/patchBaseline:PatchBaseline": { "description": "Provides an SSM Patch Baseline resource\n\n\u003e **NOTE on Patch Baselines:** The `approved_patches` and `approval_rule` are \nboth marked as optional fields, but the Patch Baseline requires that at least one\nof them is specified.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nBasic usage using `approved_patches` only\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.PatchBaseline(\"production\", {\n approvedPatches: [\"KB123456\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.PatchBaseline(\"production\", approved_patches=[\"KB123456\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var production = new Aws.Ssm.PatchBaseline(\"production\", new Aws.Ssm.PatchBaselineArgs\n {\n ApprovedPatches = \n {\n \"KB123456\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewPatchBaseline(ctx, \"production\", \u0026ssm.PatchBaselineArgs{\n\t\t\tApprovedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB123456\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nAdvanced usage, specifying patch filters\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.PatchBaseline(\"production\", {\n approvalRules: [\n {\n approveAfterDays: 7,\n complianceLevel: \"HIGH\",\n patchFilters: [\n {\n key: \"PRODUCT\",\n values: [\"WindowsServer2016\"],\n },\n {\n key: \"CLASSIFICATION\",\n values: [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n \"Updates\",\n ],\n },\n {\n key: \"MSRC_SEVERITY\",\n values: [\n \"Critical\",\n \"Important\",\n \"Moderate\",\n ],\n },\n ],\n },\n {\n approveAfterDays: 7,\n patchFilters: [{\n key: \"PRODUCT\",\n values: [\"WindowsServer2012\"],\n }],\n },\n ],\n approvedPatches: [\n \"KB123456\",\n \"KB456789\",\n ],\n description: \"Patch Baseline Description\",\n globalFilters: [\n {\n key: \"PRODUCT\",\n values: [\"WindowsServer2008\"],\n },\n {\n key: \"CLASSIFICATION\",\n values: [\"ServicePacks\"],\n },\n {\n key: \"MSRC_SEVERITY\",\n values: [\"Low\"],\n },\n ],\n rejectedPatches: [\"KB987654\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.PatchBaseline(\"production\",\n approval_rules=[\n {\n \"approveAfterDays\": 7,\n \"complianceLevel\": \"HIGH\",\n \"patchFilter\": [\n {\n \"key\": \"PRODUCT\",\n \"values\": [\"WindowsServer2016\"],\n },\n {\n \"key\": \"CLASSIFICATION\",\n \"values\": [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n \"Updates\",\n ],\n },\n {\n \"key\": \"MSRC_SEVERITY\",\n \"values\": [\n \"Critical\",\n \"Important\",\n \"Moderate\",\n ],\n },\n ],\n },\n {\n \"approveAfterDays\": 7,\n \"patchFilter\": [{\n \"key\": \"PRODUCT\",\n \"values\": [\"WindowsServer2012\"],\n }],\n },\n ],\n approved_patches=[\n \"KB123456\",\n \"KB456789\",\n ],\n description=\"Patch Baseline Description\",\n global_filters=[\n {\n \"key\": \"PRODUCT\",\n \"values\": [\"WindowsServer2008\"],\n },\n {\n \"key\": \"CLASSIFICATION\",\n \"values\": [\"ServicePacks\"],\n },\n {\n \"key\": \"MSRC_SEVERITY\",\n \"values\": [\"Low\"],\n },\n ],\n rejected_patches=[\"KB987654\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var production = new Aws.Ssm.PatchBaseline(\"production\", new Aws.Ssm.PatchBaselineArgs\n {\n ApprovalRules = \n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n ComplianceLevel = \"HIGH\",\n PatchFilter = \n {\n \n {\n { \"key\", \"PRODUCT\" },\n { \"values\", \n {\n \"WindowsServer2016\",\n } },\n },\n \n {\n { \"key\", \"CLASSIFICATION\" },\n { \"values\", \n {\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n \"Updates\",\n } },\n },\n \n {\n { \"key\", \"MSRC_SEVERITY\" },\n { \"values\", \n {\n \"Critical\",\n \"Important\",\n \"Moderate\",\n } },\n },\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n PatchFilter = \n {\n \n {\n { \"key\", \"PRODUCT\" },\n { \"values\", \n {\n \"WindowsServer2012\",\n } },\n },\n },\n },\n },\n ApprovedPatches = \n {\n \"KB123456\",\n \"KB456789\",\n },\n Description = \"Patch Baseline Description\",\n GlobalFilters = \n {\n new Aws.Ssm.Inputs.PatchBaselineGlobalFilterArgs\n {\n Key = \"PRODUCT\",\n Values = \n {\n \"WindowsServer2008\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineGlobalFilterArgs\n {\n Key = \"CLASSIFICATION\",\n Values = \n {\n \"ServicePacks\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineGlobalFilterArgs\n {\n Key = \"MSRC_SEVERITY\",\n Values = \n {\n \"Low\",\n },\n },\n },\n RejectedPatches = \n {\n \"KB987654\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewPatchBaseline(ctx, \"production\", \u0026ssm.PatchBaselineArgs{\n\t\t\tApprovalRules: ssm.PatchBaselineApprovalRuleArray{\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tComplianceLevel: pulumi.String(\"HIGH\"),\n\t\t\t\t\tPatchFilter: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"PRODUCT\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"WindowsServer2016\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"CLASSIFICATION\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"CriticalUpdates\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"SecurityUpdates\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Updates\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"MSRC_SEVERITY\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Critical\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Important\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Moderate\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tPatchFilter: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"PRODUCT\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"WindowsServer2012\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tApprovedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB123456\"),\n\t\t\t\tpulumi.String(\"KB456789\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Patch Baseline Description\"),\n\t\t\tGlobalFilters: ssm.PatchBaselineGlobalFilterArray{\n\t\t\t\t\u0026ssm.PatchBaselineGlobalFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"PRODUCT\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"WindowsServer2008\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineGlobalFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"CLASSIFICATION\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ServicePacks\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineGlobalFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"MSRC_SEVERITY\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Low\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tRejectedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB987654\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nAdvanced usage, specifying Microsoft application and Windows patch rules\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst windowsOsApps = new aws.ssm.PatchBaseline(\"windows_os_apps\", {\n approvalRules: [\n {\n approveAfterDays: 7,\n patchFilters: [\n {\n key: \"CLASSIFICATION\",\n values: [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n ],\n },\n {\n key: \"MSRC_SEVERITY\",\n values: [\n \"Critical\",\n \"Important\",\n ],\n },\n ],\n },\n {\n approveAfterDays: 7,\n patchFilters: [\n {\n key: \"PATCH_SET\",\n values: [\"APPLICATION\"],\n },\n // Filter on Microsoft product if necessary \n {\n key: \"PRODUCT\",\n values: [\n \"Office 2013\",\n \"Office 2016\",\n ],\n },\n ],\n },\n ],\n description: \"Patch both Windows and Microsoft apps\",\n operatingSystem: \"WINDOWS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwindows_os_apps = aws.ssm.PatchBaseline(\"windowsOsApps\",\n approval_rules=[\n {\n \"approveAfterDays\": 7,\n \"patchFilter\": [\n {\n \"key\": \"CLASSIFICATION\",\n \"values\": [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n ],\n },\n {\n \"key\": \"MSRC_SEVERITY\",\n \"values\": [\n \"Critical\",\n \"Important\",\n ],\n },\n ],\n },\n {\n \"approveAfterDays\": 7,\n \"patchFilter\": [\n {\n \"key\": \"PATCH_SET\",\n \"values\": [\"APPLICATION\"],\n },\n {\n \"key\": \"PRODUCT\",\n \"values\": [\n \"Office 2013\",\n \"Office 2016\",\n ],\n },\n ],\n },\n ],\n description=\"Patch both Windows and Microsoft apps\",\n operating_system=\"WINDOWS\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var windowsOsApps = new Aws.Ssm.PatchBaseline(\"windowsOsApps\", new Aws.Ssm.PatchBaselineArgs\n {\n ApprovalRules = \n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n PatchFilter = \n {\n \n {\n { \"key\", \"CLASSIFICATION\" },\n { \"values\", \n {\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n } },\n },\n \n {\n { \"key\", \"MSRC_SEVERITY\" },\n { \"values\", \n {\n \"Critical\",\n \"Important\",\n } },\n },\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n PatchFilter = \n {\n \n {\n { \"key\", \"PATCH_SET\" },\n { \"values\", \n {\n \"APPLICATION\",\n } },\n },\n \n {\n { \"key\", \"PRODUCT\" },\n { \"values\", \n {\n \"Office 2013\",\n \"Office 2016\",\n } },\n },\n },\n },\n },\n Description = \"Patch both Windows and Microsoft apps\",\n OperatingSystem = \"WINDOWS\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = ssm.NewPatchBaseline(ctx, \"windowsOsApps\", \u0026ssm.PatchBaselineArgs{\n\t\t\tApprovalRules: ssm.PatchBaselineApprovalRuleArray{\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tPatchFilter: pulumi.MapArray{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"CLASSIFICATION\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"CriticalUpdates\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"SecurityUpdates\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"MSRC_SEVERITY\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Critical\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Important\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tPatchFilter: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"PATCH_SET\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"APPLICATION\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"PRODUCT\"),\n\t\t\t\t\t\t\t\"values\": pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Office 2013\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Office 2016\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Patch both Windows and Microsoft apps\"),\n\t\t\tOperatingSystem: pulumi.String(\"WINDOWS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "approvalRules": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule" }, "description": "A set of rules used to include patches in the baseline. up to 10 approval rules can be specified. Each approval_rule block requires the fields documented below.\n" }, "approvedPatches": { "type": "array", "items": { "type": "string" }, "description": "A list of explicitly approved patches for the baseline.\n" }, "approvedPatchesComplianceLevel": { "type": "string", "description": "Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid compliance levels include the following: `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n" }, "description": { "type": "string", "description": "The description of the patch baseline.\n" }, "globalFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter" }, "description": "A set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT | CLASSIFICATION | MSRC_SEVERITY | PATCH_ID`.\n" }, "name": { "type": "string", "description": "The name of the patch baseline.\n" }, "operatingSystem": { "type": "string", "description": "Defines the operating system the patch baseline applies to. Supported operating systems include `WINDOWS`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `SUSE`, `UBUNTU`, `CENTOS`, and `REDHAT_ENTERPRISE_LINUX`. The Default value is `WINDOWS`.\n" }, "rejectedPatches": { "type": "array", "items": { "type": "string" }, "description": "A list of rejected patches.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "required": [ "name" ], "inputProperties": { "approvalRules": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule" }, "description": "A set of rules used to include patches in the baseline. up to 10 approval rules can be specified. Each approval_rule block requires the fields documented below.\n" }, "approvedPatches": { "type": "array", "items": { "type": "string" }, "description": "A list of explicitly approved patches for the baseline.\n" }, "approvedPatchesComplianceLevel": { "type": "string", "description": "Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid compliance levels include the following: `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n" }, "description": { "type": "string", "description": "The description of the patch baseline.\n" }, "globalFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter" }, "description": "A set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT | CLASSIFICATION | MSRC_SEVERITY | PATCH_ID`.\n" }, "name": { "type": "string", "description": "The name of the patch baseline.\n" }, "operatingSystem": { "type": "string", "description": "Defines the operating system the patch baseline applies to. Supported operating systems include `WINDOWS`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `SUSE`, `UBUNTU`, `CENTOS`, and `REDHAT_ENTERPRISE_LINUX`. The Default value is `WINDOWS`.\n" }, "rejectedPatches": { "type": "array", "items": { "type": "string" }, "description": "A list of rejected patches.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering PatchBaseline resources.\n", "properties": { "approvalRules": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule" }, "description": "A set of rules used to include patches in the baseline. up to 10 approval rules can be specified. Each approval_rule block requires the fields documented below.\n" }, "approvedPatches": { "type": "array", "items": { "type": "string" }, "description": "A list of explicitly approved patches for the baseline.\n" }, "approvedPatchesComplianceLevel": { "type": "string", "description": "Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid compliance levels include the following: `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n" }, "description": { "type": "string", "description": "The description of the patch baseline.\n" }, "globalFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter" }, "description": "A set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT | CLASSIFICATION | MSRC_SEVERITY | PATCH_ID`.\n" }, "name": { "type": "string", "description": "The name of the patch baseline.\n" }, "operatingSystem": { "type": "string", "description": "Defines the operating system the patch baseline applies to. Supported operating systems include `WINDOWS`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `SUSE`, `UBUNTU`, `CENTOS`, and `REDHAT_ENTERPRISE_LINUX`. The Default value is `WINDOWS`.\n" }, "rejectedPatches": { "type": "array", "items": { "type": "string" }, "description": "A list of rejected patches.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" } }, "aws:ssm/patchGroup:PatchGroup": { "description": "Provides an SSM Patch Group resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.PatchBaseline(\"production\", {\n approvedPatches: [\"KB123456\"],\n});\nconst patchgroup = new aws.ssm.PatchGroup(\"patchgroup\", {\n baselineId: production.id,\n patchGroup: \"patch-group-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.PatchBaseline(\"production\", approved_patches=[\"KB123456\"])\npatchgroup = aws.ssm.PatchGroup(\"patchgroup\",\n baseline_id=production.id,\n patch_group=\"patch-group-name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var production = new Aws.Ssm.PatchBaseline(\"production\", new Aws.Ssm.PatchBaselineArgs\n {\n ApprovedPatches = \n {\n \"KB123456\",\n },\n });\n var patchgroup = new Aws.Ssm.PatchGroup(\"patchgroup\", new Aws.Ssm.PatchGroupArgs\n {\n BaselineId = production.Id,\n PatchGroup = \"patch-group-name\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproduction, err := ssm.NewPatchBaseline(ctx, \"production\", \u0026ssm.PatchBaselineArgs{\n\t\t\tApprovedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB123456\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewPatchGroup(ctx, \"patchgroup\", \u0026ssm.PatchGroupArgs{\n\t\t\tBaselineId: production.ID(),\n\t\t\tPatchGroup: pulumi.String(\"patch-group-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "baselineId": { "type": "string", "description": "The ID of the patch baseline to register the patch group with.\n" }, "patchGroup": { "type": "string", "description": "The name of the patch group that should be registered with the patch baseline.\n", "language": { "csharp": { "name": "PatchGroupName" } } } }, "required": [ "baselineId", "patchGroup" ], "inputProperties": { "baselineId": { "type": "string", "description": "The ID of the patch baseline to register the patch group with.\n" }, "patchGroup": { "type": "string", "description": "The name of the patch group that should be registered with the patch baseline.\n", "language": { "csharp": { "name": "PatchGroupName" } } } }, "requiredInputs": [ "baselineId", "patchGroup" ], "stateInputs": { "description": "Input properties used for looking up and filtering PatchGroup resources.\n", "properties": { "baselineId": { "type": "string", "description": "The ID of the patch baseline to register the patch group with.\n" }, "patchGroup": { "type": "string", "description": "The name of the patch group that should be registered with the patch baseline.\n", "language": { "csharp": { "name": "PatchGroupName" } } } }, "type": "object" } }, "aws:ssm/resourceDataSync:ResourceDataSync": { "description": "Provides a SSM resource data sync.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hogeBucket = new aws.s3.Bucket(\"hoge\", {\n region: \"us-east-1\",\n});\nconst hogeBucketPolicy = new aws.s3.BucketPolicy(\"hoge\", {\n bucket: hogeBucket.bucket,\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"SSMBucketPermissionsCheck\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ssm.amazonaws.com\"\n },\n \"Action\": \"s3:GetBucketAcl\",\n \"Resource\": \"arn:aws:s3:::tf-test-bucket-1234\"\n },\n {\n \"Sid\": \" SSMBucketDelivery\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ssm.amazonaws.com\"\n },\n \"Action\": \"s3:PutObject\",\n \"Resource\": [\"arn:aws:s3:::tf-test-bucket-1234/*\"],\n \"Condition\": {\n \"StringEquals\": {\n \"s3:x-amz-acl\": \"bucket-owner-full-control\"\n }\n }\n }\n ]\n}\n`,\n});\nconst foo = new aws.ssm.ResourceDataSync(\"foo\", {\n s3Destination: {\n bucketName: hogeBucket.bucket,\n region: hogeBucket.region,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge_bucket = aws.s3.Bucket(\"hogeBucket\", region=\"us-east-1\")\nhoge_bucket_policy = aws.s3.BucketPolicy(\"hogeBucketPolicy\",\n bucket=hoge_bucket.bucket,\n policy=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"SSMBucketPermissionsCheck\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ssm.amazonaws.com\"\n },\n \"Action\": \"s3:GetBucketAcl\",\n \"Resource\": \"arn:aws:s3:::tf-test-bucket-1234\"\n },\n {\n \"Sid\": \" SSMBucketDelivery\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ssm.amazonaws.com\"\n },\n \"Action\": \"s3:PutObject\",\n \"Resource\": [\"arn:aws:s3:::tf-test-bucket-1234/*\"],\n \"Condition\": {\n \"StringEquals\": {\n \"s3:x-amz-acl\": \"bucket-owner-full-control\"\n }\n }\n }\n ]\n}\n\n\"\"\")\nfoo = aws.ssm.ResourceDataSync(\"foo\", s3_destination={\n \"bucket_name\": hoge_bucket.bucket,\n \"region\": hoge_bucket.region,\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var hogeBucket = new Aws.S3.Bucket(\"hogeBucket\", new Aws.S3.BucketArgs\n {\n Region = \"us-east-1\",\n });\n var hogeBucketPolicy = new Aws.S3.BucketPolicy(\"hogeBucketPolicy\", new Aws.S3.BucketPolicyArgs\n {\n Bucket = hogeBucket.BucketName,\n Policy = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"SSMBucketPermissionsCheck\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"ssm.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"s3:GetBucketAcl\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::tf-test-bucket-1234\"\"\n },\n {\n \"\"Sid\"\": \"\" SSMBucketDelivery\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"Service\"\": \"\"ssm.amazonaws.com\"\"\n },\n \"\"Action\"\": \"\"s3:PutObject\"\",\n \"\"Resource\"\": [\"\"arn:aws:s3:::tf-test-bucket-1234/*\"\"],\n \"\"Condition\"\": {\n \"\"StringEquals\"\": {\n \"\"s3:x-amz-acl\"\": \"\"bucket-owner-full-control\"\"\n }\n }\n }\n ]\n}\n\n\",\n });\n var foo = new Aws.Ssm.ResourceDataSync(\"foo\", new Aws.Ssm.ResourceDataSyncArgs\n {\n S3Destination = new Aws.Ssm.Inputs.ResourceDataSyncS3DestinationArgs\n {\n BucketName = hogeBucket.BucketName,\n Region = hogeBucket.Region,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\thogeBucket, err := s3.NewBucket(ctx, \"hogeBucket\", \u0026s3.BucketArgs{\n\t\t\tRegion: pulumi.String(\"us-east-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"hogeBucketPolicy\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: hogeBucket.Bucket,\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"SSMBucketPermissionsCheck\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"ssm.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"s3:GetBucketAcl\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::tf-test-bucket-1234\\\"\\n\", \" },\\n\", \" {\\n\", \" \\\"Sid\\\": \\\" SSMBucketDelivery\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"Service\\\": \\\"ssm.amazonaws.com\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"s3:PutObject\\\",\\n\", \" \\\"Resource\\\": [\\\"arn:aws:s3:::tf-test-bucket-1234/*\\\"],\\n\", \" \\\"Condition\\\": {\\n\", \" \\\"StringEquals\\\": {\\n\", \" \\\"s3:x-amz-acl\\\": \\\"bucket-owner-full-control\\\"\\n\", \" }\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewResourceDataSync(ctx, \"foo\", \u0026ssm.ResourceDataSyncArgs{\n\t\t\tS3Destination: \u0026ssm.ResourceDataSyncS3DestinationArgs{\n\t\t\t\tBucketName: hogeBucket.Bucket,\n\t\t\t\tRegion: hogeBucket.Region,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "Name for the configuration.\n" }, "s3Destination": { "$ref": "#/types/aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination", "description": "Amazon S3 configuration details for the sync.\n" } }, "required": [ "name", "s3Destination" ], "inputProperties": { "name": { "type": "string", "description": "Name for the configuration.\n" }, "s3Destination": { "$ref": "#/types/aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination", "description": "Amazon S3 configuration details for the sync.\n" } }, "requiredInputs": [ "s3Destination" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceDataSync resources.\n", "properties": { "name": { "type": "string", "description": "Name for the configuration.\n" }, "s3Destination": { "$ref": "#/types/aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination", "description": "Amazon S3 configuration details for the sync.\n" } }, "type": "object" } }, "aws:storagegateway/cache:Cache": { "description": "Manages an AWS Storage Gateway cache.\n\n\u003e **NOTE:** The Storage Gateway API provides no method to remove a cache disk. Destroying this resource does not perform any Storage Gateway actions.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Cache(\"example\", {\n diskId: aws_storagegateway_local_disk_example.id,\n gatewayArn: aws_storagegateway_gateway_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Cache(\"example\",\n disk_id=data[\"aws_storagegateway_local_disk\"][\"example\"][\"id\"],\n gateway_arn=aws_storagegateway_gateway[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.Cache(\"example\", new Aws.StorageGateway.CacheArgs\n {\n DiskId = data.Aws_storagegateway_local_disk.Example.Id,\n GatewayArn = aws_storagegateway_gateway.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewCache(ctx, \"example\", \u0026storagegateway.CacheArgs{\n\t\t\tDiskId: pulumi.String(data.Aws_storagegateway_local_disk.Example.Id),\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_gateway.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "required": [ "diskId", "gatewayArn" ], "inputProperties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "requiredInputs": [ "diskId", "gatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cache resources.\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "type": "object" } }, "aws:storagegateway/cachesIscsiVolume:CachesIscsiVolume": { "description": "Manages an AWS Storage Gateway cached iSCSI volume.\n\n\u003e **NOTE:** The gateway must have cache added (e.g. via the `aws.storagegateway.Cache` resource) before creating volumes otherwise the Storage Gateway API will return an error.\n\n\u003e **NOTE:** The gateway must have an upload buffer added (e.g. via the `aws.storagegateway.UploadBuffer` resource) before the volume is operational to clients, however the Storage Gateway API will allow volume creation without error in that case and return volume status as `UPLOAD BUFFER NOT CONFIGURED`.\n\n{{% examples %}}\n## Example Usage\n\n\u003e **NOTE:** These examples are referencing the `aws.storagegateway.Cache` resource `gateway_arn` attribute to ensure this provider properly adds cache before creating the volume. If you are not using this method, you may need to declare an expicit dependency (e.g. via `depends_on = [\"aws_storagegateway_cache.example\"]`) to ensure proper ordering.\n{{% example %}}\n### Create Empty Cached iSCSI Volume\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.CachesIscsiVolume(\"example\", {\n gatewayArn: aws_storagegateway_cache_example.gatewayArn,\n networkInterfaceId: aws_instance_example.privateIp,\n targetName: \"example\",\n volumeSizeInBytes: 5368709120, // 5 GB\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.CachesIscsiVolume(\"example\",\n gateway_arn=aws_storagegateway_cache[\"example\"][\"gateway_arn\"],\n network_interface_id=aws_instance[\"example\"][\"private_ip\"],\n target_name=\"example\",\n volume_size_in_bytes=5368709120)\n# 5 GB\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.CachesIscsiVolume(\"example\", new Aws.StorageGateway.CachesIscsiVolumeArgs\n {\n GatewayArn = aws_storagegateway_cache.Example.Gateway_arn,\n NetworkInterfaceId = aws_instance.Example.Private_ip,\n TargetName = \"example\",\n VolumeSizeInBytes = 5368709120,\n });\n // 5 GB\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewCachesIscsiVolume(ctx, \"example\", \u0026storagegateway.CachesIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_cache.Example.Gateway_arn),\n\t\t\tNetworkInterfaceId: pulumi.String(aws_instance.Example.Private_ip),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tVolumeSizeInBytes: pulumi.Int(5368709120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Create Cached iSCSI Volume From Snapshot\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.CachesIscsiVolume(\"example\", {\n gatewayArn: aws_storagegateway_cache_example.gatewayArn,\n networkInterfaceId: aws_instance_example.privateIp,\n snapshotId: aws_ebs_snapshot_example.id,\n targetName: \"example\",\n volumeSizeInBytes: aws_ebs_snapshot_example.volumeSize.apply(volumeSize =\u003e (((volumeSize * 1024) * 1024) * 1024)),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.CachesIscsiVolume(\"example\",\n gateway_arn=aws_storagegateway_cache[\"example\"][\"gateway_arn\"],\n network_interface_id=aws_instance[\"example\"][\"private_ip\"],\n snapshot_id=aws_ebs_snapshot[\"example\"][\"id\"],\n target_name=\"example\",\n volume_size_in_bytes=aws_ebs_snapshot[\"example\"][\"volume_size\"] * 1024 * 1024 * 1024)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.CachesIscsiVolume(\"example\", new Aws.StorageGateway.CachesIscsiVolumeArgs\n {\n GatewayArn = aws_storagegateway_cache.Example.Gateway_arn,\n NetworkInterfaceId = aws_instance.Example.Private_ip,\n SnapshotId = aws_ebs_snapshot.Example.Id,\n TargetName = \"example\",\n VolumeSizeInBytes = aws_ebs_snapshot.Example.Volume_size * 1024 * 1024 * 1024,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewCachesIscsiVolume(ctx, \"example\", \u0026storagegateway.CachesIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_cache.Example.Gateway_arn),\n\t\t\tNetworkInterfaceId: pulumi.String(aws_instance.Example.Private_ip),\n\t\t\tSnapshotId: pulumi.String(aws_ebs_snapshot.Example.Id),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tVolumeSizeInBytes: pulumi.Int(aws_ebs_snapshot.Example.Volume_size * 1024 * 1024 * 1024),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Create Cached iSCSI Volume From Source Volume\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.CachesIscsiVolume(\"example\", {\n gatewayArn: aws_storagegateway_cache_example.gatewayArn,\n networkInterfaceId: aws_instance_example.privateIp,\n sourceVolumeArn: aws_storagegateway_cached_iscsi_volume_existing.arn,\n targetName: \"example\",\n volumeSizeInBytes: aws_storagegateway_cached_iscsi_volume_existing.volumeSizeInBytes,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.CachesIscsiVolume(\"example\",\n gateway_arn=aws_storagegateway_cache[\"example\"][\"gateway_arn\"],\n network_interface_id=aws_instance[\"example\"][\"private_ip\"],\n source_volume_arn=aws_storagegateway_cached_iscsi_volume[\"existing\"][\"arn\"],\n target_name=\"example\",\n volume_size_in_bytes=aws_storagegateway_cached_iscsi_volume[\"existing\"][\"volume_size_in_bytes\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.CachesIscsiVolume(\"example\", new Aws.StorageGateway.CachesIscsiVolumeArgs\n {\n GatewayArn = aws_storagegateway_cache.Example.Gateway_arn,\n NetworkInterfaceId = aws_instance.Example.Private_ip,\n SourceVolumeArn = aws_storagegateway_cached_iscsi_volume.Existing.Arn,\n TargetName = \"example\",\n VolumeSizeInBytes = aws_storagegateway_cached_iscsi_volume.Existing.Volume_size_in_bytes,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewCachesIscsiVolume(ctx, \"example\", \u0026storagegateway.CachesIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_cache.Example.Gateway_arn),\n\t\t\tNetworkInterfaceId: pulumi.String(aws_instance.Example.Private_ip),\n\t\t\tSourceVolumeArn: pulumi.String(aws_storagegateway_cached_iscsi_volume.Existing.Arn),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tVolumeSizeInBytes: pulumi.String(aws_storagegateway_cached_iscsi_volume.Existing.Volume_size_in_bytes),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g. `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "chapEnabled": { "type": "boolean", "description": "Whether mutual CHAP is enabled for the iSCSI target.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" }, "lunNumber": { "type": "integer", "description": "Logical disk number.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n" }, "networkInterfacePort": { "type": "integer", "description": "The port used to communicate with iSCSI targets.\n" }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new cached volume. e.g. `snap-1122aabb`.\n" }, "sourceVolumeArn": { "type": "string", "description": "The ARN for an existing volume. Specifying this ARN makes the new volume into an exact copy of the specified existing volume's latest recovery point. The `volume_size_in_bytes` value for this new volume must be equal to or larger than the size of the existing volume, in bytes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "targetArn": { "type": "string", "description": "Target Amazon Resource Name (ARN), e.g. `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/target/iqn.1997-05.com.amazon:TargetName`.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n" }, "volumeArn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g. `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "volumeId": { "type": "string", "description": "Volume ID, e.g. `vol-12345678`.\n" }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the volume in bytes.\n" } }, "required": [ "arn", "chapEnabled", "gatewayArn", "lunNumber", "networkInterfaceId", "networkInterfacePort", "targetArn", "targetName", "volumeArn", "volumeId", "volumeSizeInBytes" ], "inputProperties": { "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n" }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new cached volume. e.g. `snap-1122aabb`.\n" }, "sourceVolumeArn": { "type": "string", "description": "The ARN for an existing volume. Specifying this ARN makes the new volume into an exact copy of the specified existing volume's latest recovery point. The `volume_size_in_bytes` value for this new volume must be equal to or larger than the size of the existing volume, in bytes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n" }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the volume in bytes.\n" } }, "requiredInputs": [ "gatewayArn", "networkInterfaceId", "targetName", "volumeSizeInBytes" ], "stateInputs": { "description": "Input properties used for looking up and filtering CachesIscsiVolume resources.\n", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g. `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "chapEnabled": { "type": "boolean", "description": "Whether mutual CHAP is enabled for the iSCSI target.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" }, "lunNumber": { "type": "integer", "description": "Logical disk number.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n" }, "networkInterfacePort": { "type": "integer", "description": "The port used to communicate with iSCSI targets.\n" }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new cached volume. e.g. `snap-1122aabb`.\n" }, "sourceVolumeArn": { "type": "string", "description": "The ARN for an existing volume. Specifying this ARN makes the new volume into an exact copy of the specified existing volume's latest recovery point. The `volume_size_in_bytes` value for this new volume must be equal to or larger than the size of the existing volume, in bytes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "targetArn": { "type": "string", "description": "Target Amazon Resource Name (ARN), e.g. `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/target/iqn.1997-05.com.amazon:TargetName`.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n" }, "volumeArn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g. `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "volumeId": { "type": "string", "description": "Volume ID, e.g. `vol-12345678`.\n" }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the volume in bytes.\n" } }, "type": "object" } }, "aws:storagegateway/gateway:Gateway": { "description": "Manages an AWS Storage Gateway file, tape, or volume gateway in the provider region.\n\n\u003e NOTE: The Storage Gateway API requires the gateway to be connected to properly return information after activation. If you are receiving `The specified gateway is not connected` errors during resource creation (gateway activation), ensure your gateway instance meets the [Storage Gateway requirements](https://docs.aws.amazon.com/storagegateway/latest/userguide/Requirements.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### File Gateway\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"FILE_S3\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"FILE_S3\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.Gateway(\"example\", new Aws.StorageGateway.GatewayArgs\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"FILE_S3\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"FILE_S3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Volume Gateway (Cached)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"CACHED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"CACHED\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.Gateway(\"example\", new Aws.StorageGateway.GatewayArgs\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"CACHED\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"CACHED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Volume Gateway (Stored)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"STORED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"STORED\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.Gateway(\"example\", new Aws.StorageGateway.GatewayArgs\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"STORED\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"STORED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activationKey": { "type": "string", "description": "Gateway activation key during resource creation. Conflicts with `gateway_ip_address`. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the gateway.\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon CloudWatch log group to use to monitor and log events in the gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of the gateway.\n" }, "gatewayIpAddress": { "type": "string", "description": "Gateway IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. Gateway must be accessible on port 80 from where this provider is running. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "gatewayName": { "type": "string", "description": "Name of the gateway.\n" }, "gatewayTimezone": { "type": "string", "description": "Time zone for the gateway. The time zone is of the format \"GMT\", \"GMT-hr:mm\", or \"GMT+hr:mm\". For example, `GMT-4:00` indicates the time is 4 hours behind GMT. The time zone is used, for example, for scheduling snapshots and your gateway's maintenance schedule.\n" }, "gatewayType": { "type": "string", "description": "Type of the gateway. The default value is `STORED`. Valid values: `CACHED`, `FILE_S3`, `STORED`, `VTL`.\n" }, "gatewayVpcEndpoint": { "type": "string", "description": "VPC endpoint address to be used when activating your gateway. This should be used when your instance is in a private subnet. Requires HTTP access from client computer running Pulumi. More info on what ports are required by your VPC Endpoint Security group in [Activating a Gateway in a Virtual Private Cloud](https://docs.aws.amazon.com/storagegateway/latest/userguide/gateway-private-link.html).\n" }, "mediumChangerType": { "type": "string" }, "smbActiveDirectorySettings": { "$ref": "#/types/aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings", "description": "Nested argument with Active Directory domain join information for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `ActiveDirectory` authentication SMB file shares. More details below.\n" }, "smbGuestPassword": { "type": "string", "description": "Guest password for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `GuestAccess` authentication SMB file shares. This provider can only detect drift of the existence of a guest password, not its actual value from the gateway. This provider can however update the password with changing the argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" }, "tapeDriveType": { "type": "string", "description": "Type of tape drive to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `IBM-ULT3580-TD5`.\n" } }, "required": [ "activationKey", "arn", "gatewayId", "gatewayIpAddress", "gatewayName", "gatewayTimezone" ], "inputProperties": { "activationKey": { "type": "string", "description": "Gateway activation key during resource creation. Conflicts with `gateway_ip_address`. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon CloudWatch log group to use to monitor and log events in the gateway.\n" }, "gatewayIpAddress": { "type": "string", "description": "Gateway IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. Gateway must be accessible on port 80 from where this provider is running. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "gatewayName": { "type": "string", "description": "Name of the gateway.\n" }, "gatewayTimezone": { "type": "string", "description": "Time zone for the gateway. The time zone is of the format \"GMT\", \"GMT-hr:mm\", or \"GMT+hr:mm\". For example, `GMT-4:00` indicates the time is 4 hours behind GMT. The time zone is used, for example, for scheduling snapshots and your gateway's maintenance schedule.\n" }, "gatewayType": { "type": "string", "description": "Type of the gateway. The default value is `STORED`. Valid values: `CACHED`, `FILE_S3`, `STORED`, `VTL`.\n" }, "gatewayVpcEndpoint": { "type": "string", "description": "VPC endpoint address to be used when activating your gateway. This should be used when your instance is in a private subnet. Requires HTTP access from client computer running Pulumi. More info on what ports are required by your VPC Endpoint Security group in [Activating a Gateway in a Virtual Private Cloud](https://docs.aws.amazon.com/storagegateway/latest/userguide/gateway-private-link.html).\n" }, "mediumChangerType": { "type": "string" }, "smbActiveDirectorySettings": { "$ref": "#/types/aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings", "description": "Nested argument with Active Directory domain join information for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `ActiveDirectory` authentication SMB file shares. More details below.\n" }, "smbGuestPassword": { "type": "string", "description": "Guest password for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `GuestAccess` authentication SMB file shares. This provider can only detect drift of the existence of a guest password, not its actual value from the gateway. This provider can however update the password with changing the argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" }, "tapeDriveType": { "type": "string", "description": "Type of tape drive to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `IBM-ULT3580-TD5`.\n" } }, "requiredInputs": [ "gatewayName", "gatewayTimezone" ], "stateInputs": { "description": "Input properties used for looking up and filtering Gateway resources.\n", "properties": { "activationKey": { "type": "string", "description": "Gateway activation key during resource creation. Conflicts with `gateway_ip_address`. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the gateway.\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon CloudWatch log group to use to monitor and log events in the gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of the gateway.\n" }, "gatewayIpAddress": { "type": "string", "description": "Gateway IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. Gateway must be accessible on port 80 from where this provider is running. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "gatewayName": { "type": "string", "description": "Name of the gateway.\n" }, "gatewayTimezone": { "type": "string", "description": "Time zone for the gateway. The time zone is of the format \"GMT\", \"GMT-hr:mm\", or \"GMT+hr:mm\". For example, `GMT-4:00` indicates the time is 4 hours behind GMT. The time zone is used, for example, for scheduling snapshots and your gateway's maintenance schedule.\n" }, "gatewayType": { "type": "string", "description": "Type of the gateway. The default value is `STORED`. Valid values: `CACHED`, `FILE_S3`, `STORED`, `VTL`.\n" }, "gatewayVpcEndpoint": { "type": "string", "description": "VPC endpoint address to be used when activating your gateway. This should be used when your instance is in a private subnet. Requires HTTP access from client computer running Pulumi. More info on what ports are required by your VPC Endpoint Security group in [Activating a Gateway in a Virtual Private Cloud](https://docs.aws.amazon.com/storagegateway/latest/userguide/gateway-private-link.html).\n" }, "mediumChangerType": { "type": "string" }, "smbActiveDirectorySettings": { "$ref": "#/types/aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings", "description": "Nested argument with Active Directory domain join information for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `ActiveDirectory` authentication SMB file shares. More details below.\n" }, "smbGuestPassword": { "type": "string", "description": "Guest password for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `GuestAccess` authentication SMB file shares. This provider can only detect drift of the existence of a guest password, not its actual value from the gateway. This provider can however update the password with changing the argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" }, "tapeDriveType": { "type": "string", "description": "Type of tape drive to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `IBM-ULT3580-TD5`.\n" } }, "type": "object" } }, "aws:storagegateway/nfsFileShare:NfsFileShare": { "description": "Manages an AWS Storage Gateway NFS File Share.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.NfsFileShare(\"example\", {\n clientLists: [\"0.0.0.0/0\"],\n gatewayArn: aws_storagegateway_gateway_example.arn,\n locationArn: aws_s3_bucket_example.arn,\n roleArn: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.NfsFileShare(\"example\",\n client_lists=[\"0.0.0.0/0\"],\n gateway_arn=aws_storagegateway_gateway[\"example\"][\"arn\"],\n location_arn=aws_s3_bucket[\"example\"][\"arn\"],\n role_arn=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.NfsFileShare(\"example\", new Aws.StorageGateway.NfsFileShareArgs\n {\n ClientLists = \n {\n \"0.0.0.0/0\",\n },\n GatewayArn = aws_storagegateway_gateway.Example.Arn,\n LocationArn = aws_s3_bucket.Example.Arn,\n RoleArn = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewNfsFileShare(ctx, \"example\", \u0026storagegateway.NfsFileShareArgs{\n\t\t\tClientLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t},\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_gateway.Example.Arn),\n\t\t\tLocationArn: pulumi.String(aws_s3_bucket.Example.Arn),\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the NFS File Share.\n" }, "clientLists": { "type": "array", "items": { "type": "string" }, "description": "The list of clients that are allowed to access the file gateway. The list must contain either valid IP addresses or valid CIDR blocks. Set to `[\"0.0.0.0/0\"]` to not limit access. Minimum 1 item. Maximum 100 items.\n" }, "defaultStorageClass": { "type": "string", "description": "The default storage class for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`. Valid values: `S3_STANDARD`, `S3_STANDARD_IA`, `S3_ONEZONE_IA`.\n" }, "fileshareId": { "type": "string", "description": "ID of the NFS File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "nfsFileShareDefaults": { "$ref": "#/types/aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults", "description": "Nested argument with file share default values. More information below.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 bucket objects. Defaults to `private`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "squash": { "type": "string", "description": "Maps a user to anonymous user. Defaults to `RootSquash`. Valid values: `RootSquash` (only root is mapped to anonymous user), `NoSquash` (no one is mapped to anonymous user), `AllSquash` (everyone is mapped to anonymous user)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "clientLists", "fileshareId", "gatewayArn", "locationArn", "path", "roleArn" ], "inputProperties": { "clientLists": { "type": "array", "items": { "type": "string" }, "description": "The list of clients that are allowed to access the file gateway. The list must contain either valid IP addresses or valid CIDR blocks. Set to `[\"0.0.0.0/0\"]` to not limit access. Minimum 1 item. Maximum 100 items.\n" }, "defaultStorageClass": { "type": "string", "description": "The default storage class for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`. Valid values: `S3_STANDARD`, `S3_STANDARD_IA`, `S3_ONEZONE_IA`.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "nfsFileShareDefaults": { "$ref": "#/types/aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults", "description": "Nested argument with file share default values. More information below.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 bucket objects. Defaults to `private`.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "squash": { "type": "string", "description": "Maps a user to anonymous user. Defaults to `RootSquash`. Valid values: `RootSquash` (only root is mapped to anonymous user), `NoSquash` (no one is mapped to anonymous user), `AllSquash` (everyone is mapped to anonymous user)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "clientLists", "gatewayArn", "locationArn", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering NfsFileShare resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the NFS File Share.\n" }, "clientLists": { "type": "array", "items": { "type": "string" }, "description": "The list of clients that are allowed to access the file gateway. The list must contain either valid IP addresses or valid CIDR blocks. Set to `[\"0.0.0.0/0\"]` to not limit access. Minimum 1 item. Maximum 100 items.\n" }, "defaultStorageClass": { "type": "string", "description": "The default storage class for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`. Valid values: `S3_STANDARD`, `S3_STANDARD_IA`, `S3_ONEZONE_IA`.\n" }, "fileshareId": { "type": "string", "description": "ID of the NFS File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "nfsFileShareDefaults": { "$ref": "#/types/aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults", "description": "Nested argument with file share default values. More information below.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 bucket objects. Defaults to `private`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "squash": { "type": "string", "description": "Maps a user to anonymous user. Defaults to `RootSquash`. Valid values: `RootSquash` (only root is mapped to anonymous user), `NoSquash` (no one is mapped to anonymous user), `AllSquash` (everyone is mapped to anonymous user)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:storagegateway/smbFileShare:SmbFileShare": { "description": "Manages an AWS Storage Gateway SMB File Share.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Active Directory Authentication\n\n\u003e **NOTE:** The gateway must have already joined the Active Directory domain prior to SMB file share creation. e.g. via \"SMB Settings\" in the AWS Storage Gateway console or `smb_active_directory_settings` in the `aws.storagegateway.Gateway` resource.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.SmbFileShare(\"example\", {\n authentication: \"ActiveDirectory\",\n gatewayArn: aws_storagegateway_gateway_example.arn,\n locationArn: aws_s3_bucket_example.arn,\n roleArn: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.SmbFileShare(\"example\",\n authentication=\"ActiveDirectory\",\n gateway_arn=aws_storagegateway_gateway[\"example\"][\"arn\"],\n location_arn=aws_s3_bucket[\"example\"][\"arn\"],\n role_arn=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.SmbFileShare(\"example\", new Aws.StorageGateway.SmbFileShareArgs\n {\n Authentication = \"ActiveDirectory\",\n GatewayArn = aws_storagegateway_gateway.Example.Arn,\n LocationArn = aws_s3_bucket.Example.Arn,\n RoleArn = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewSmbFileShare(ctx, \"example\", \u0026storagegateway.SmbFileShareArgs{\n\t\t\tAuthentication: pulumi.String(\"ActiveDirectory\"),\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_gateway.Example.Arn),\n\t\t\tLocationArn: pulumi.String(aws_s3_bucket.Example.Arn),\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Guest Authentication\n\n\u003e **NOTE:** The gateway must have already had the SMB guest password set prior to SMB file share creation. e.g. via \"SMB Settings\" in the AWS Storage Gateway console or `smb_guest_password` in the `aws.storagegateway.Gateway` resource.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.SmbFileShare(\"example\", {\n authentication: \"GuestAccess\",\n gatewayArn: aws_storagegateway_gateway_example.arn,\n locationArn: aws_s3_bucket_example.arn,\n roleArn: aws_iam_role_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.SmbFileShare(\"example\",\n authentication=\"GuestAccess\",\n gateway_arn=aws_storagegateway_gateway[\"example\"][\"arn\"],\n location_arn=aws_s3_bucket[\"example\"][\"arn\"],\n role_arn=aws_iam_role[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.SmbFileShare(\"example\", new Aws.StorageGateway.SmbFileShareArgs\n {\n Authentication = \"GuestAccess\",\n GatewayArn = aws_storagegateway_gateway.Example.Arn,\n LocationArn = aws_s3_bucket.Example.Arn,\n RoleArn = aws_iam_role.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewSmbFileShare(ctx, \"example\", \u0026storagegateway.SmbFileShareArgs{\n\t\t\tAuthentication: pulumi.String(\"GuestAccess\"),\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_gateway.Example.Arn),\n\t\t\tLocationArn: pulumi.String(aws_s3_bucket.Example.Arn),\n\t\t\tRoleArn: pulumi.String(aws_iam_role.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the SMB File Share.\n" }, "authentication": { "type": "string", "description": "The authentication method that users use to access the file share. Defaults to `ActiveDirectory`. Valid values: `ActiveDirectory`, `GuestAccess`.\n" }, "defaultStorageClass": { "type": "string", "description": "The default storage class for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`. Valid values: `S3_STANDARD`, `S3_STANDARD_IA`, `S3_ONEZONE_IA`.\n" }, "fileshareId": { "type": "string", "description": "ID of the SMB File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "invalidUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are not allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 bucket objects. Defaults to `private`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "validUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" } }, "required": [ "arn", "fileshareId", "gatewayArn", "locationArn", "path", "roleArn" ], "inputProperties": { "authentication": { "type": "string", "description": "The authentication method that users use to access the file share. Defaults to `ActiveDirectory`. Valid values: `ActiveDirectory`, `GuestAccess`.\n" }, "defaultStorageClass": { "type": "string", "description": "The default storage class for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`. Valid values: `S3_STANDARD`, `S3_STANDARD_IA`, `S3_ONEZONE_IA`.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "invalidUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are not allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 bucket objects. Defaults to `private`.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "validUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" } }, "requiredInputs": [ "gatewayArn", "locationArn", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering SmbFileShare resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the SMB File Share.\n" }, "authentication": { "type": "string", "description": "The authentication method that users use to access the file share. Defaults to `ActiveDirectory`. Valid values: `ActiveDirectory`, `GuestAccess`.\n" }, "defaultStorageClass": { "type": "string", "description": "The default storage class for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`. Valid values: `S3_STANDARD`, `S3_STANDARD_IA`, `S3_ONEZONE_IA`.\n" }, "fileshareId": { "type": "string", "description": "ID of the SMB File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "invalidUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are not allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 bucket objects. Defaults to `private`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "validUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" } }, "type": "object" } }, "aws:storagegateway/uploadBuffer:UploadBuffer": { "description": "Manages an AWS Storage Gateway upload buffer.\n\n\u003e **NOTE:** The Storage Gateway API provides no method to remove an upload buffer disk. Destroying this resource does not perform any Storage Gateway actions.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.UploadBuffer(\"example\", {\n diskId: aws_storagegateway_local_disk_example.id,\n gatewayArn: aws_storagegateway_gateway_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.UploadBuffer(\"example\",\n disk_id=data[\"aws_storagegateway_local_disk\"][\"example\"][\"id\"],\n gateway_arn=aws_storagegateway_gateway[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.UploadBuffer(\"example\", new Aws.StorageGateway.UploadBufferArgs\n {\n DiskId = data.Aws_storagegateway_local_disk.Example.Id,\n GatewayArn = aws_storagegateway_gateway.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewUploadBuffer(ctx, \"example\", \u0026storagegateway.UploadBufferArgs{\n\t\t\tDiskId: pulumi.String(data.Aws_storagegateway_local_disk.Example.Id),\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_gateway.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "required": [ "diskId", "gatewayArn" ], "inputProperties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "requiredInputs": [ "diskId", "gatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering UploadBuffer resources.\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "type": "object" } }, "aws:storagegateway/workingStorage:WorkingStorage": { "description": "Manages an AWS Storage Gateway working storage.\n\n\u003e **NOTE:** The Storage Gateway API provides no method to remove a working storage disk. Destroying this resource does not perform any Storage Gateway actions.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.WorkingStorage(\"example\", {\n diskId: aws_storagegateway_local_disk_example.id,\n gatewayArn: aws_storagegateway_gateway_example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.WorkingStorage(\"example\",\n disk_id=data[\"aws_storagegateway_local_disk\"][\"example\"][\"id\"],\n gateway_arn=aws_storagegateway_gateway[\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.StorageGateway.WorkingStorage(\"example\", new Aws.StorageGateway.WorkingStorageArgs\n {\n DiskId = data.Aws_storagegateway_local_disk.Example.Id,\n GatewayArn = aws_storagegateway_gateway.Example.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = storagegateway.NewWorkingStorage(ctx, \"example\", \u0026storagegateway.WorkingStorageArgs{\n\t\t\tDiskId: pulumi.String(data.Aws_storagegateway_local_disk.Example.Id),\n\t\t\tGatewayArn: pulumi.String(aws_storagegateway_gateway.Example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "required": [ "diskId", "gatewayArn" ], "inputProperties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "requiredInputs": [ "diskId", "gatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering WorkingStorage resources.\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "type": "object" } }, "aws:swf/domain:Domain": { "description": "Provides an SWF Domain resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo register a basic SWF domain:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.swf.Domain(\"foo\", {\n description: \"SWF Domain\",\n workflowExecutionRetentionPeriodInDays: \"30\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.swf.Domain(\"foo\",\n description=\"SWF Domain\",\n workflow_execution_retention_period_in_days=30)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = new Aws.Swf.Domain(\"foo\", new Aws.Swf.DomainArgs\n {\n Description = \"SWF Domain\",\n WorkflowExecutionRetentionPeriodInDays = \"30\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/swf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = swf.NewDomain(ctx, \"foo\", \u0026swf.DomainArgs{\n\t\t\tDescription: pulumi.String(\"SWF Domain\"),\n\t\t\tWorkflowExecutionRetentionPeriodInDays: pulumi.String(\"30\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "The domain description.\n" }, "name": { "type": "string", "description": "The name of the domain. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "workflowExecutionRetentionPeriodInDays": { "type": "string", "description": "Length of time that SWF will continue to retain information about the workflow execution after the workflow execution is complete, must be between 0 and 90 days.\n" } }, "required": [ "arn", "name", "workflowExecutionRetentionPeriodInDays" ], "inputProperties": { "description": { "type": "string", "description": "The domain description.\n" }, "name": { "type": "string", "description": "The name of the domain. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "workflowExecutionRetentionPeriodInDays": { "type": "string", "description": "Length of time that SWF will continue to retain information about the workflow execution after the workflow execution is complete, must be between 0 and 90 days.\n" } }, "requiredInputs": [ "workflowExecutionRetentionPeriodInDays" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "The domain description.\n" }, "name": { "type": "string", "description": "The name of the domain. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "workflowExecutionRetentionPeriodInDays": { "type": "string", "description": "Length of time that SWF will continue to retain information about the workflow execution after the workflow execution is complete, must be between 0 and 90 days.\n" } }, "type": "object" } }, "aws:transfer/server:Server": { "description": "Provides a AWS Transfer Server resource.\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooRole = new aws.iam.Role(\"foo\", {\n assumeRolePolicy: `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Effect\": \"Allow\",\n\t\t\"Principal\": {\n\t\t\t\"Service\": \"transfer.amazonaws.com\"\n\t\t},\n\t\t\"Action\": \"sts:AssumeRole\"\n\t\t}\n\t]\n}\n`,\n});\nconst fooRolePolicy = new aws.iam.RolePolicy(\"foo\", {\n policy: `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Sid\": \"AllowFullAccesstoCloudWatchLogs\",\n\t\t\"Effect\": \"Allow\",\n\t\t\"Action\": [\n\t\t\t\"logs:*\"\n\t\t],\n\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n`,\n role: fooRole.id,\n});\nconst fooServer = new aws.transfer.Server(\"foo\", {\n identityProviderType: \"SERVICE_MANAGED\",\n loggingRole: fooRole.arn,\n tags: {\n ENV: \"test\",\n NAME: \"tf-acc-test-transfer-server\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_role = aws.iam.Role(\"fooRole\", assume_role_policy=\"\"\"{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Effect\": \"Allow\",\n\t\t\"Principal\": {\n\t\t\t\"Service\": \"transfer.amazonaws.com\"\n\t\t},\n\t\t\"Action\": \"sts:AssumeRole\"\n\t\t}\n\t]\n}\n\n\"\"\")\nfoo_role_policy = aws.iam.RolePolicy(\"fooRolePolicy\",\n policy=\"\"\"{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Sid\": \"AllowFullAccesstoCloudWatchLogs\",\n\t\t\"Effect\": \"Allow\",\n\t\t\"Action\": [\n\t\t\t\"logs:*\"\n\t\t],\n\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n\n\"\"\",\n role=foo_role.id)\nfoo_server = aws.transfer.Server(\"fooServer\",\n identity_provider_type=\"SERVICE_MANAGED\",\n logging_role=foo_role.arn,\n tags={\n \"ENV\": \"test\",\n \"NAME\": \"tf-acc-test-transfer-server\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooRole = new Aws.Iam.Role(\"fooRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{\n\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\"\"Principal\"\": {\n\t\t\t\"\"Service\"\": \"\"transfer.amazonaws.com\"\"\n\t\t},\n\t\t\"\"Action\"\": \"\"sts:AssumeRole\"\"\n\t\t}\n\t]\n}\n\n\",\n });\n var fooRolePolicy = new Aws.Iam.RolePolicy(\"fooRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{\n\t\t\"\"Sid\"\": \"\"AllowFullAccesstoCloudWatchLogs\"\",\n\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\"\"Action\"\": [\n\t\t\t\"\"logs:*\"\"\n\t\t],\n\t\t\"\"Resource\"\": \"\"*\"\"\n\t\t}\n\t]\n}\n\n\",\n Role = fooRole.Id,\n });\n var fooServer = new Aws.Transfer.Server(\"fooServer\", new Aws.Transfer.ServerArgs\n {\n IdentityProviderType = \"SERVICE_MANAGED\",\n LoggingRole = fooRole.Arn,\n Tags = \n {\n { \"ENV\", \"test\" },\n { \"NAME\", \"tf-acc-test-transfer-server\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooRole, err := iam.NewRole(ctx, \"fooRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2012-10-17\\\",\\n\", \"\t\\\"Statement\\\": [\\n\", \"\t\t{\\n\", \"\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t\t\\\"Principal\\\": {\\n\", \"\t\t\t\\\"Service\\\": \\\"transfer.amazonaws.com\\\"\\n\", \"\t\t},\\n\", \"\t\t\\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \"\t\t}\\n\", \"\t]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"fooRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2012-10-17\\\",\\n\", \"\t\\\"Statement\\\": [\\n\", \"\t\t{\\n\", \"\t\t\\\"Sid\\\": \\\"AllowFullAccesstoCloudWatchLogs\\\",\\n\", \"\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t\t\\\"Action\\\": [\\n\", \"\t\t\t\\\"logs:*\\\"\\n\", \"\t\t],\\n\", \"\t\t\\\"Resource\\\": \\\"*\\\"\\n\", \"\t\t}\\n\", \"\t]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: fooRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewServer(ctx, \"fooServer\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tLoggingRole: fooRole.Arn,\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"ENV\": pulumi.String(\"test\"),\n\t\t\t\t\"NAME\": pulumi.String(\"tf-acc-test-transfer-server\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer Server\n" }, "endpoint": { "type": "string", "description": "The endpoint of the Transfer Server (e.g. `s-12345678.server.transfer.REGION.amazonaws.com`)\n" }, "endpointDetails": { "$ref": "#/types/aws:transfer/ServerEndpointDetails:ServerEndpointDetails", "description": "The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server. Fields documented below.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint that you want your SFTP server connect to. If you connect to a `VPC_ENDPOINT`, your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set `PUBLIC`. Defaults to `PUBLIC`.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is `false`.\n" }, "hostKey": { "type": "string", "description": "RSA private key (e.g. as generated by the `ssh-keygen -N \"\" -f my-new-server-key` command).\n" }, "hostKeyFingerprint": { "type": "string", "description": "This value contains the message-digest algorithm (MD5) hash of the server's host key. This value is equivalent to the output of the `ssh-keygen -l -E md5 -f my-new-server-key` command.\n" }, "identityProviderType": { "type": "string", "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice.\n" }, "invocationRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n" }, "loggingRole": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "url": { "type": "string", "description": "- URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n" } }, "required": [ "arn", "endpoint", "hostKeyFingerprint" ], "inputProperties": { "endpointDetails": { "$ref": "#/types/aws:transfer/ServerEndpointDetails:ServerEndpointDetails", "description": "The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server. Fields documented below.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint that you want your SFTP server connect to. If you connect to a `VPC_ENDPOINT`, your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set `PUBLIC`. Defaults to `PUBLIC`.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is `false`.\n" }, "hostKey": { "type": "string", "description": "RSA private key (e.g. as generated by the `ssh-keygen -N \"\" -f my-new-server-key` command).\n" }, "identityProviderType": { "type": "string", "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice.\n" }, "invocationRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n" }, "loggingRole": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "url": { "type": "string", "description": "- URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Server resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer Server\n" }, "endpoint": { "type": "string", "description": "The endpoint of the Transfer Server (e.g. `s-12345678.server.transfer.REGION.amazonaws.com`)\n" }, "endpointDetails": { "$ref": "#/types/aws:transfer/ServerEndpointDetails:ServerEndpointDetails", "description": "The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server. Fields documented below.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint that you want your SFTP server connect to. If you connect to a `VPC_ENDPOINT`, your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set `PUBLIC`. Defaults to `PUBLIC`.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is `false`.\n" }, "hostKey": { "type": "string", "description": "RSA private key (e.g. as generated by the `ssh-keygen -N \"\" -f my-new-server-key` command).\n" }, "hostKeyFingerprint": { "type": "string", "description": "This value contains the message-digest algorithm (MD5) hash of the server's host key. This value is equivalent to the output of the `ssh-keygen -l -E md5 -f my-new-server-key` command.\n" }, "identityProviderType": { "type": "string", "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice.\n" }, "invocationRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n" }, "loggingRole": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "url": { "type": "string", "description": "- URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n" } }, "type": "object" } }, "aws:transfer/sshKey:SshKey": { "description": "Provides a AWS Transfer User SSH Key resource.\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooServer = new aws.transfer.Server(\"foo\", {\n identityProviderType: \"SERVICE_MANAGED\",\n tags: {\n NAME: \"tf-acc-test-transfer-server\",\n },\n});\nconst fooRole = new aws.iam.Role(\"foo\", {\n assumeRolePolicy: `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Effect\": \"Allow\",\n\t\t\"Principal\": {\n\t\t\t\"Service\": \"transfer.amazonaws.com\"\n\t\t},\n\t\t\"Action\": \"sts:AssumeRole\"\n\t\t}\n\t]\n}\n`,\n});\nconst fooRolePolicy = new aws.iam.RolePolicy(\"foo\", {\n policy: `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"AllowFullAccesstoS3\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"s3:*\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n`,\n role: fooRole.id,\n});\nconst fooUser = new aws.transfer.User(\"foo\", {\n role: fooRole.arn,\n serverId: fooServer.id,\n tags: {\n NAME: \"tftestuser\",\n },\n userName: \"tftestuser\",\n});\nconst fooSshKey = new aws.transfer.SshKey(\"foo\", {\n body: \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 example@example.com\",\n serverId: fooServer.id,\n userName: fooUser.userName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_server = aws.transfer.Server(\"fooServer\",\n identity_provider_type=\"SERVICE_MANAGED\",\n tags={\n \"NAME\": \"tf-acc-test-transfer-server\",\n })\nfoo_role = aws.iam.Role(\"fooRole\", assume_role_policy=\"\"\"{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Effect\": \"Allow\",\n\t\t\"Principal\": {\n\t\t\t\"Service\": \"transfer.amazonaws.com\"\n\t\t},\n\t\t\"Action\": \"sts:AssumeRole\"\n\t\t}\n\t]\n}\n\n\"\"\")\nfoo_role_policy = aws.iam.RolePolicy(\"fooRolePolicy\",\n policy=\"\"\"{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"AllowFullAccesstoS3\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"s3:*\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n\n\"\"\",\n role=foo_role.id)\nfoo_user = aws.transfer.User(\"fooUser\",\n role=foo_role.arn,\n server_id=foo_server.id,\n tags={\n \"NAME\": \"tftestuser\",\n },\n user_name=\"tftestuser\")\nfoo_ssh_key = aws.transfer.SshKey(\"fooSshKey\",\n body=\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 example@example.com\",\n server_id=foo_server.id,\n user_name=foo_user.user_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooServer = new Aws.Transfer.Server(\"fooServer\", new Aws.Transfer.ServerArgs\n {\n IdentityProviderType = \"SERVICE_MANAGED\",\n Tags = \n {\n { \"NAME\", \"tf-acc-test-transfer-server\" },\n },\n });\n var fooRole = new Aws.Iam.Role(\"fooRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{\n\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\"\"Principal\"\": {\n\t\t\t\"\"Service\"\": \"\"transfer.amazonaws.com\"\"\n\t\t},\n\t\t\"\"Action\"\": \"\"sts:AssumeRole\"\"\n\t\t}\n\t]\n}\n\n\",\n });\n var fooRolePolicy = new Aws.Iam.RolePolicy(\"fooRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{\n\t\t\t\"\"Sid\"\": \"\"AllowFullAccesstoS3\"\",\n\t\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\t\"\"Action\"\": [\n\t\t\t\t\"\"s3:*\"\"\n\t\t\t],\n\t\t\t\"\"Resource\"\": \"\"*\"\"\n\t\t}\n\t]\n}\n\n\",\n Role = fooRole.Id,\n });\n var fooUser = new Aws.Transfer.User(\"fooUser\", new Aws.Transfer.UserArgs\n {\n Role = fooRole.Arn,\n ServerId = fooServer.Id,\n Tags = \n {\n { \"NAME\", \"tftestuser\" },\n },\n UserName = \"tftestuser\",\n });\n var fooSshKey = new Aws.Transfer.SshKey(\"fooSshKey\", new Aws.Transfer.SshKeyArgs\n {\n Body = \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 example@example.com\",\n ServerId = fooServer.Id,\n UserName = fooUser.UserName,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooServer, err := transfer.NewServer(ctx, \"fooServer\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"NAME\": pulumi.String(\"tf-acc-test-transfer-server\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRole, err := iam.NewRole(ctx, \"fooRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2012-10-17\\\",\\n\", \"\t\\\"Statement\\\": [\\n\", \"\t\t{\\n\", \"\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t\t\\\"Principal\\\": {\\n\", \"\t\t\t\\\"Service\\\": \\\"transfer.amazonaws.com\\\"\\n\", \"\t\t},\\n\", \"\t\t\\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \"\t\t}\\n\", \"\t]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"fooRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2012-10-17\\\",\\n\", \"\t\\\"Statement\\\": [\\n\", \"\t\t{\\n\", \"\t\t\t\\\"Sid\\\": \\\"AllowFullAccesstoS3\\\",\\n\", \"\t\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t\t\t\\\"Action\\\": [\\n\", \"\t\t\t\t\\\"s3:*\\\"\\n\", \"\t\t\t],\\n\", \"\t\t\t\\\"Resource\\\": \\\"*\\\"\\n\", \"\t\t}\\n\", \"\t]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: fooRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooUser, err := transfer.NewUser(ctx, \"fooUser\", \u0026transfer.UserArgs{\n\t\t\tRole: fooRole.Arn,\n\t\t\tServerId: fooServer.ID(),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"NAME\": pulumi.String(\"tftestuser\"),\n\t\t\t},\n\t\t\tUserName: pulumi.String(\"tftestuser\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewSshKey(ctx, \"fooSshKey\", \u0026transfer.SshKeyArgs{\n\t\t\tBody: pulumi.String(\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 example@example.com\"),\n\t\t\tServerId: fooServer.ID(),\n\t\t\tUserName: fooUser.UserName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "body": { "type": "string", "description": "The public key portion of an SSH key pair.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g. `s-12345678`)\n" }, "userName": { "type": "string", "description": "The name of the user account that is assigned to one or more servers.\n" } }, "required": [ "body", "serverId", "userName" ], "inputProperties": { "body": { "type": "string", "description": "The public key portion of an SSH key pair.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g. `s-12345678`)\n" }, "userName": { "type": "string", "description": "The name of the user account that is assigned to one or more servers.\n" } }, "requiredInputs": [ "body", "serverId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SshKey resources.\n", "properties": { "body": { "type": "string", "description": "The public key portion of an SSH key pair.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g. `s-12345678`)\n" }, "userName": { "type": "string", "description": "The name of the user account that is assigned to one or more servers.\n" } }, "type": "object" } }, "aws:transfer/user:User": { "description": "Provides a AWS Transfer User resource. Managing SSH keys can be accomplished with the `aws.transfer.SshKey` resource.\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooServer = new aws.transfer.Server(\"foo\", {\n identityProviderType: \"SERVICE_MANAGED\",\n tags: {\n NAME: \"tf-acc-test-transfer-server\",\n },\n});\nconst fooRole = new aws.iam.Role(\"foo\", {\n assumeRolePolicy: `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Effect\": \"Allow\",\n\t\t\"Principal\": {\n\t\t\t\"Service\": \"transfer.amazonaws.com\"\n\t\t},\n\t\t\"Action\": \"sts:AssumeRole\"\n\t\t}\n\t]\n}\n`,\n});\nconst fooRolePolicy = new aws.iam.RolePolicy(\"foo\", {\n policy: `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"AllowFullAccesstoS3\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"s3:*\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n`,\n role: fooRole.id,\n});\nconst fooUser = new aws.transfer.User(\"foo\", {\n role: fooRole.arn,\n serverId: fooServer.id,\n userName: \"tftestuser\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_server = aws.transfer.Server(\"fooServer\",\n identity_provider_type=\"SERVICE_MANAGED\",\n tags={\n \"NAME\": \"tf-acc-test-transfer-server\",\n })\nfoo_role = aws.iam.Role(\"fooRole\", assume_role_policy=\"\"\"{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\"Effect\": \"Allow\",\n\t\t\"Principal\": {\n\t\t\t\"Service\": \"transfer.amazonaws.com\"\n\t\t},\n\t\t\"Action\": \"sts:AssumeRole\"\n\t\t}\n\t]\n}\n\n\"\"\")\nfoo_role_policy = aws.iam.RolePolicy(\"fooRolePolicy\",\n policy=\"\"\"{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"AllowFullAccesstoS3\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"s3:*\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n\n\"\"\",\n role=foo_role.id)\nfoo_user = aws.transfer.User(\"fooUser\",\n role=foo_role.arn,\n server_id=foo_server.id,\n user_name=\"tftestuser\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooServer = new Aws.Transfer.Server(\"fooServer\", new Aws.Transfer.ServerArgs\n {\n IdentityProviderType = \"SERVICE_MANAGED\",\n Tags = \n {\n { \"NAME\", \"tf-acc-test-transfer-server\" },\n },\n });\n var fooRole = new Aws.Iam.Role(\"fooRole\", new Aws.Iam.RoleArgs\n {\n AssumeRolePolicy = @\"{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{\n\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\"\"Principal\"\": {\n\t\t\t\"\"Service\"\": \"\"transfer.amazonaws.com\"\"\n\t\t},\n\t\t\"\"Action\"\": \"\"sts:AssumeRole\"\"\n\t\t}\n\t]\n}\n\n\",\n });\n var fooRolePolicy = new Aws.Iam.RolePolicy(\"fooRolePolicy\", new Aws.Iam.RolePolicyArgs\n {\n Policy = @\"{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{\n\t\t\t\"\"Sid\"\": \"\"AllowFullAccesstoS3\"\",\n\t\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\t\"\"Action\"\": [\n\t\t\t\t\"\"s3:*\"\"\n\t\t\t],\n\t\t\t\"\"Resource\"\": \"\"*\"\"\n\t\t}\n\t]\n}\n\n\",\n Role = fooRole.Id,\n });\n var fooUser = new Aws.Transfer.User(\"fooUser\", new Aws.Transfer.UserArgs\n {\n Role = fooRole.Arn,\n ServerId = fooServer.Id,\n UserName = \"tftestuser\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooServer, err := transfer.NewServer(ctx, \"fooServer\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"NAME\": pulumi.String(\"tf-acc-test-transfer-server\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRole, err := iam.NewRole(ctx, \"fooRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2012-10-17\\\",\\n\", \"\t\\\"Statement\\\": [\\n\", \"\t\t{\\n\", \"\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t\t\\\"Principal\\\": {\\n\", \"\t\t\t\\\"Service\\\": \\\"transfer.amazonaws.com\\\"\\n\", \"\t\t},\\n\", \"\t\t\\\"Action\\\": \\\"sts:AssumeRole\\\"\\n\", \"\t\t}\\n\", \"\t]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"fooRolePolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2012-10-17\\\",\\n\", \"\t\\\"Statement\\\": [\\n\", \"\t\t{\\n\", \"\t\t\t\\\"Sid\\\": \\\"AllowFullAccesstoS3\\\",\\n\", \"\t\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \"\t\t\t\\\"Action\\\": [\\n\", \"\t\t\t\t\\\"s3:*\\\"\\n\", \"\t\t\t],\\n\", \"\t\t\t\\\"Resource\\\": \\\"*\\\"\\n\", \"\t\t}\\n\", \"\t]\\n\", \"}\\n\", \"\\n\")),\n\t\t\tRole: fooRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewUser(ctx, \"fooUser\", \u0026transfer.UserArgs{\n\t\t\tRole: fooRole.Arn,\n\t\t\tServerId: fooServer.ID(),\n\t\t\tUserName: pulumi.String(\"tftestuser\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer User\n" }, "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g. `s-12345678`)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "userName": { "type": "string", "description": "The name used for log in to your SFTP server.\n" } }, "required": [ "arn", "role", "serverId", "userName" ], "inputProperties": { "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g. `s-12345678`)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "userName": { "type": "string", "description": "The name used for log in to your SFTP server.\n" } }, "requiredInputs": [ "role", "serverId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer User\n" }, "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g. `s-12345678`)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "userName": { "type": "string", "description": "The name used for log in to your SFTP server.\n" } }, "type": "object" } }, "aws:waf/byteMatchSet:ByteMatchSet": { "description": "Provides a WAF Byte Match Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byteSet = new aws.waf.ByteMatchSet(\"byte_set\", {\n byteMatchTuples: [{\n fieldToMatch: {\n data: \"referer\",\n type: \"HEADER\",\n },\n positionalConstraint: \"CONTAINS\",\n targetString: \"badrefer1\",\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyte_set = aws.waf.ByteMatchSet(\"byteSet\", byte_match_tuples=[{\n \"fieldToMatch\": {\n \"data\": \"referer\",\n \"type\": \"HEADER\",\n },\n \"positionalConstraint\": \"CONTAINS\",\n \"targetString\": \"badrefer1\",\n \"textTransformation\": \"NONE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byteSet = new Aws.Waf.ByteMatchSet(\"byteSet\", new Aws.Waf.ByteMatchSetArgs\n {\n ByteMatchTuples = \n {\n new Aws.Waf.Inputs.ByteMatchSetByteMatchTupleArgs\n {\n FieldToMatch = new Aws.Waf.Inputs.ByteMatchSetByteMatchTupleFieldToMatchArgs\n {\n Data = \"referer\",\n Type = \"HEADER\",\n },\n PositionalConstraint = \"CONTAINS\",\n TargetString = \"badrefer1\",\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewByteMatchSet(ctx, \"byteSet\", \u0026waf.ByteMatchSetArgs{\n\t\t\tByteMatchTuples: waf.ByteMatchSetByteMatchTupleArray{\n\t\t\t\t\u0026waf.ByteMatchSetByteMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026waf.ByteMatchSetByteMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t},\n\t\t\t\t\tPositionalConstraint: pulumi.String(\"CONTAINS\"),\n\t\t\t\t\tTargetString: pulumi.String(\"badrefer1\"),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Specifies the bytes (typically a string that corresponds\nwith ASCII characters) that you want to search for in web requests,\nthe location in requests that you want to search, and other settings.\n" }, "name": { "type": "string", "description": "The name or description of the Byte Match Set.\n" } }, "required": [ "name" ], "inputProperties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Specifies the bytes (typically a string that corresponds\nwith ASCII characters) that you want to search for in web requests,\nthe location in requests that you want to search, and other settings.\n" }, "name": { "type": "string", "description": "The name or description of the Byte Match Set.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ByteMatchSet resources.\n", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Specifies the bytes (typically a string that corresponds\nwith ASCII characters) that you want to search for in web requests,\nthe location in requests that you want to search, and other settings.\n" }, "name": { "type": "string", "description": "The name or description of the Byte Match Set.\n" } }, "type": "object" } }, "aws:waf/geoMatchSet:GeoMatchSet": { "description": "Provides a WAF Geo Match Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst geoMatchSet = new aws.waf.GeoMatchSet(\"geo_match_set\", {\n geoMatchConstraints: [\n {\n type: \"Country\",\n value: \"US\",\n },\n {\n type: \"Country\",\n value: \"CA\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngeo_match_set = aws.waf.GeoMatchSet(\"geoMatchSet\", geo_match_constraints=[\n {\n \"type\": \"Country\",\n \"value\": \"US\",\n },\n {\n \"type\": \"Country\",\n \"value\": \"CA\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var geoMatchSet = new Aws.Waf.GeoMatchSet(\"geoMatchSet\", new Aws.Waf.GeoMatchSetArgs\n {\n GeoMatchConstraints = \n {\n new Aws.Waf.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"US\",\n },\n new Aws.Waf.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"CA\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewGeoMatchSet(ctx, \"geoMatchSet\", \u0026waf.GeoMatchSetArgs{\n\t\t\tGeoMatchConstraints: waf.GeoMatchSetGeoMatchConstraintArray{\n\t\t\t\t\u0026waf.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\t\u0026waf.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"CA\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The GeoMatchConstraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the GeoMatchSet.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The GeoMatchConstraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the GeoMatchSet.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering GeoMatchSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The GeoMatchConstraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the GeoMatchSet.\n" } }, "type": "object" } }, "aws:waf/ipSet:IpSet": { "description": "Provides a WAF IPSet Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n ipSetDescriptors: [\n {\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n },\n {\n type: \"IPV4\",\n value: \"10.16.16.0/16\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\", ip_set_descriptors=[\n {\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n },\n {\n \"type\": \"IPV4\",\n \"value\": \"10.16.16.0/16\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.Waf.IpSet(\"ipset\", new Aws.Waf.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"10.16.16.0/16\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"10.16.16.0/16\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering IpSet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "type": "object" } }, "aws:waf/rateBasedRule:RateBasedRule": { "description": "Provides a WAF Rate Based Rule Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.RateBasedRule(\"wafrule\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n rateKey: \"IP\",\n rateLimit: 100,\n}, { dependsOn: [ipset] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nwafrule = aws.waf.RateBasedRule(\"wafrule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }],\n rate_key=\"IP\",\n rate_limit=100)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.Waf.IpSet(\"ipset\", new Aws.Waf.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var wafrule = new Aws.Waf.RateBasedRule(\"wafrule\", new Aws.Waf.RateBasedRuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.Waf.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n RateKey = \"IP\",\n RateLimit = 100,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRateBasedRule(ctx, \"wafrule\", \u0026waf.RateBasedRuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RateBasedRulePredicateArray{\n\t\t\t\t\u0026waf.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "metricName", "name", "rateKey", "rateLimit" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "metricName", "rateKey", "rateLimit" ], "stateInputs": { "description": "Input properties used for looking up and filtering RateBasedRule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:waf/regexMatchSet:RegexMatchSet": { "description": "Provides a WAF Regex Match Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRegexPatternSet = new aws.waf.RegexPatternSet(\"example\", {\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\nconst exampleRegexMatchSet = new aws.waf.RegexMatchSet(\"example\", {\n regexMatchTuples: [{\n fieldToMatch: {\n data: \"User-Agent\",\n type: \"HEADER\",\n },\n regexPatternSetId: exampleRegexPatternSet.id,\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_regex_pattern_set = aws.waf.RegexPatternSet(\"exampleRegexPatternSet\", regex_pattern_strings=[\n \"one\",\n \"two\",\n])\nexample_regex_match_set = aws.waf.RegexMatchSet(\"exampleRegexMatchSet\", regex_match_tuples=[{\n \"fieldToMatch\": {\n \"data\": \"User-Agent\",\n \"type\": \"HEADER\",\n },\n \"regexPatternSetId\": example_regex_pattern_set.id,\n \"textTransformation\": \"NONE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRegexPatternSet = new Aws.Waf.RegexPatternSet(\"exampleRegexPatternSet\", new Aws.Waf.RegexPatternSetArgs\n {\n RegexPatternStrings = \n {\n \"one\",\n \"two\",\n },\n });\n var exampleRegexMatchSet = new Aws.Waf.RegexMatchSet(\"exampleRegexMatchSet\", new Aws.Waf.RegexMatchSetArgs\n {\n RegexMatchTuples = \n {\n new Aws.Waf.Inputs.RegexMatchSetRegexMatchTupleArgs\n {\n FieldToMatch = new Aws.Waf.Inputs.RegexMatchSetRegexMatchTupleFieldToMatchArgs\n {\n Data = \"User-Agent\",\n Type = \"HEADER\",\n },\n RegexPatternSetId = exampleRegexPatternSet.Id,\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRegexPatternSet, err := waf.NewRegexPatternSet(ctx, \"exampleRegexPatternSet\", \u0026waf.RegexPatternSetArgs{\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRegexMatchSet(ctx, \"exampleRegexMatchSet\", \u0026waf.RegexMatchSetArgs{\n\t\t\tRegexMatchTuples: waf.RegexMatchSetRegexMatchTupleArray{\n\t\t\t\t\u0026waf.RegexMatchSetRegexMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026waf.RegexMatchSetRegexMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tData: pulumi.String(\"User-Agent\"),\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t},\n\t\t\t\t\tRegexPatternSetId: exampleRegexPatternSet.ID(),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests,\nthe location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests,\nthe location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexMatchSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests,\nthe location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "type": "object" } }, "aws:waf/regexPatternSet:RegexPatternSet": { "description": "Provides a WAF Regex Pattern Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.waf.RegexPatternSet(\"example\", {\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.RegexPatternSet(\"example\", regex_pattern_strings=[\n \"one\",\n \"two\",\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Waf.RegexPatternSet(\"example\", new Aws.Waf.RegexPatternSetArgs\n {\n RegexPatternStrings = \n {\n \"one\",\n \"two\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewRegexPatternSet(ctx, \"example\", \u0026waf.RegexPatternSetArgs{\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexPatternSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "type": "object" } }, "aws:waf/rule:Rule": { "description": "Provides a WAF Rule Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, { dependsOn: [ipset] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nwafrule = aws.waf.Rule(\"wafrule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.Waf.IpSet(\"ipset\", new Aws.Waf.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new Aws.Waf.RuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "metricName", "name" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Rule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:waf/ruleGroup:RuleGroup": { "description": "Provides a WAF Rule Group Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRule = new aws.waf.Rule(\"example\", {\n metricName: \"example\",\n});\nconst exampleRuleGroup = new aws.waf.RuleGroup(\"example\", {\n activatedRules: [{\n action: {\n type: \"COUNT\",\n },\n priority: 50,\n ruleId: exampleRule.id,\n }],\n metricName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rule = aws.waf.Rule(\"exampleRule\", metric_name=\"example\")\nexample_rule_group = aws.waf.RuleGroup(\"exampleRuleGroup\",\n activated_rules=[{\n \"action\": {\n \"type\": \"COUNT\",\n },\n \"priority\": 50,\n \"rule_id\": example_rule.id,\n }],\n metric_name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRule = new Aws.Waf.Rule(\"exampleRule\", new Aws.Waf.RuleArgs\n {\n MetricName = \"example\",\n });\n var exampleRuleGroup = new Aws.Waf.RuleGroup(\"exampleRuleGroup\", new Aws.Waf.RuleGroupArgs\n {\n ActivatedRules = \n {\n new Aws.Waf.Inputs.RuleGroupActivatedRuleArgs\n {\n Action = new Aws.Waf.Inputs.RuleGroupActivatedRuleActionArgs\n {\n Type = \"COUNT\",\n },\n Priority = 50,\n RuleId = exampleRule.Id,\n },\n },\n MetricName = \"example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRule, err := waf.NewRule(ctx, \"exampleRule\", \u0026waf.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRuleGroup(ctx, \"exampleRuleGroup\", \u0026waf.RuleGroupArgs{\n\t\t\tActivatedRules: waf.RuleGroupActivatedRuleArray{\n\t\t\t\t\u0026waf.RuleGroupActivatedRuleArgs{\n\t\t\t\t\tAction: \u0026waf.RuleGroupActivatedRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"COUNT\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(50),\n\t\t\t\t\tRuleId: exampleRule.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF rule group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "A friendly name of the rule group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "metricName", "name" ], "inputProperties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "A friendly name of the rule group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuleGroup resources.\n", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF rule group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "A friendly name of the rule group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:waf/sizeConstraintSet:SizeConstraintSet": { "description": "Provides a WAF Size Constraint Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sizeConstraintSet = new aws.waf.SizeConstraintSet(\"size_constraint_set\", {\n sizeConstraints: [{\n comparisonOperator: \"EQ\",\n fieldToMatch: {\n type: \"BODY\",\n },\n size: 4096,\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsize_constraint_set = aws.waf.SizeConstraintSet(\"sizeConstraintSet\", size_constraints=[{\n \"comparison_operator\": \"EQ\",\n \"fieldToMatch\": {\n \"type\": \"BODY\",\n },\n \"size\": \"4096\",\n \"textTransformation\": \"NONE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sizeConstraintSet = new Aws.Waf.SizeConstraintSet(\"sizeConstraintSet\", new Aws.Waf.SizeConstraintSetArgs\n {\n SizeConstraints = \n {\n new Aws.Waf.Inputs.SizeConstraintSetSizeConstraintArgs\n {\n ComparisonOperator = \"EQ\",\n FieldToMatch = new Aws.Waf.Inputs.SizeConstraintSetSizeConstraintFieldToMatchArgs\n {\n Type = \"BODY\",\n },\n Size = 4096,\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewSizeConstraintSet(ctx, \"sizeConstraintSet\", \u0026waf.SizeConstraintSetArgs{\n\t\t\tSizeConstraints: waf.SizeConstraintSetSizeConstraintArray{\n\t\t\t\t\u0026waf.SizeConstraintSetSizeConstraintArgs{\n\t\t\t\t\tComparisonOperator: pulumi.String(\"EQ\"),\n\t\t\t\t\tFieldToMatch: \u0026waf.SizeConstraintSetSizeConstraintFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BODY\"),\n\t\t\t\t\t},\n\t\t\t\t\tSize: pulumi.Int(4096),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SizeConstraintSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "type": "object" } }, "aws:waf/sqlInjectionMatchSet:SqlInjectionMatchSet": { "description": "Provides a WAF SQL Injection Match Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sqlInjectionMatchSet = new aws.waf.SqlInjectionMatchSet(\"sql_injection_match_set\", {\n sqlInjectionMatchTuples: [{\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n textTransformation: \"URL_DECODE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsql_injection_match_set = aws.waf.SqlInjectionMatchSet(\"sqlInjectionMatchSet\", sql_injection_match_tuples=[{\n \"fieldToMatch\": {\n \"type\": \"QUERY_STRING\",\n },\n \"textTransformation\": \"URL_DECODE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sqlInjectionMatchSet = new Aws.Waf.SqlInjectionMatchSet(\"sqlInjectionMatchSet\", new Aws.Waf.SqlInjectionMatchSetArgs\n {\n SqlInjectionMatchTuples = \n {\n new Aws.Waf.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleArgs\n {\n FieldToMatch = new Aws.Waf.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n TextTransformation = \"URL_DECODE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewSqlInjectionMatchSet(ctx, \"sqlInjectionMatchSet\", \u0026waf.SqlInjectionMatchSetArgs{\n\t\t\tSqlInjectionMatchTuples: waf.SqlInjectionMatchSetSqlInjectionMatchTupleArray{\n\t\t\t\t\u0026waf.SqlInjectionMatchSetSqlInjectionMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026waf.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t\tTextTransformation: pulumi.String(\"URL_DECODE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name or description of the SQL Injection Match Set.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the SQL Injection Match Set.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SqlInjectionMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the SQL Injection Match Set.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "type": "object" } }, "aws:waf/webAcl:WebAcl": { "description": "Provides a WAF Web ACL Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, { dependsOn: [ipset] });\nconst wafAcl = new aws.waf.WebAcl(\"waf_acl\", {\n defaultAction: {\n type: \"ALLOW\",\n },\n metricName: \"tfWebACL\",\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: wafrule.id,\n type: \"REGULAR\",\n }],\n}, { dependsOn: [ipset, wafrule] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nwafrule = aws.waf.Rule(\"wafrule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\nwaf_acl = aws.waf.WebAcl(\"wafAcl\",\n default_action={\n \"type\": \"ALLOW\",\n },\n metric_name=\"tfWebACL\",\n rules=[{\n \"action\": {\n \"type\": \"BLOCK\",\n },\n \"priority\": 1,\n \"rule_id\": wafrule.id,\n \"type\": \"REGULAR\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.Waf.IpSet(\"ipset\", new Aws.Waf.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new Aws.Waf.RuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n var wafAcl = new Aws.Waf.WebAcl(\"wafAcl\", new Aws.Waf.WebAclArgs\n {\n DefaultAction = new Aws.Waf.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n MetricName = \"tfWebACL\",\n Rules = \n {\n new Aws.Waf.Inputs.WebAclRuleArgs\n {\n Action = new Aws.Waf.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = wafrule.Id,\n Type = \"REGULAR\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twafrule, err := waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewWebAcl(ctx, \"wafAcl\", \u0026waf.WebAclArgs{\n\t\t\tDefaultAction: \u0026waf.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tMetricName: pulumi.String(\"tfWebACL\"),\n\t\t\tRules: waf.WebAclRuleArray{\n\t\t\t\t\u0026waf.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026waf.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: wafrule.ID(),\n\t\t\t\t\tType: pulumi.String(\"REGULAR\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Logging\n\n\u003e *NOTE:* The Kinesis Firehose Delivery Stream name must begin with `aws-waf-logs-` and be located in `us-east-1` region. See the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) for more information about enabling WAF logging.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.waf.WebAcl(\"example\", {\n // ... other configuration ...\n loggingConfiguration: {\n logDestination: aws_kinesis_firehose_delivery_stream_example.arn,\n redactedFields: {\n fieldToMatches: [\n {\n type: \"URI\",\n },\n {\n data: \"referer\",\n type: \"HEADER\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.WebAcl(\"example\", logging_configuration={\n \"log_destination\": aws_kinesis_firehose_delivery_stream[\"example\"][\"arn\"],\n \"redactedFields\": {\n \"fieldToMatch\": [\n {\n \"type\": \"URI\",\n },\n {\n \"data\": \"referer\",\n \"type\": \"HEADER\",\n },\n ],\n },\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Waf.WebAcl(\"example\", new Aws.Waf.WebAclArgs\n {\n LoggingConfiguration = new Aws.Waf.Inputs.WebAclLoggingConfigurationArgs\n {\n LogDestination = aws_kinesis_firehose_delivery_stream.Example.Arn,\n RedactedFields = new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs\n {\n FieldToMatch = \n {\n \n {\n { \"type\", \"URI\" },\n },\n \n {\n { \"data\", \"referer\" },\n { \"type\", \"HEADER\" },\n },\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewWebAcl(ctx, \"example\", \u0026waf.WebAclArgs{\n\t\t\tLoggingConfiguration: \u0026waf.WebAclLoggingConfigurationArgs{\n\t\t\t\tLogDestination: pulumi.String(aws_kinesis_firehose_delivery_stream.Example.Arn),\n\t\t\t\tRedactedFields: \u0026waf.WebAclLoggingConfigurationRedactedFieldsArgs{\n\t\t\t\t\tFieldToMatch: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"URI\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"data\": pulumi.String(\"referer\"),\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"HEADER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:waf/WebAclDefaultAction:WebAclDefaultAction", "description": "Configuration block with action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL. Detailed below.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclRule:WebAclRule" }, "description": "Configuration blocks containing rules to associate with the web ACL and the settings for each rule. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "defaultAction", "metricName", "name" ], "inputProperties": { "defaultAction": { "$ref": "#/types/aws:waf/WebAclDefaultAction:WebAclDefaultAction", "description": "Configuration block with action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL. Detailed below.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclRule:WebAclRule" }, "description": "Configuration blocks containing rules to associate with the web ACL and the settings for each rule. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "defaultAction", "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAcl resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:waf/WebAclDefaultAction:WebAclDefaultAction", "description": "Configuration block with action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL. Detailed below.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclRule:WebAclRule" }, "description": "Configuration blocks containing rules to associate with the web ACL and the settings for each rule. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:waf/xssMatchSet:XssMatchSet": { "description": "Provides a WAF XSS Match Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst xssMatchSet = new aws.waf.XssMatchSet(\"xss_match_set\", {\n xssMatchTuples: [\n {\n fieldToMatch: {\n type: \"URI\",\n },\n textTransformation: \"NONE\",\n },\n {\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n textTransformation: \"NONE\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nxss_match_set = aws.waf.XssMatchSet(\"xssMatchSet\", xss_match_tuples=[\n {\n \"fieldToMatch\": {\n \"type\": \"URI\",\n },\n \"textTransformation\": \"NONE\",\n },\n {\n \"fieldToMatch\": {\n \"type\": \"QUERY_STRING\",\n },\n \"textTransformation\": \"NONE\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var xssMatchSet = new Aws.Waf.XssMatchSet(\"xssMatchSet\", new Aws.Waf.XssMatchSetArgs\n {\n XssMatchTuples = \n {\n new Aws.Waf.Inputs.XssMatchSetXssMatchTupleArgs\n {\n FieldToMatch = new Aws.Waf.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"URI\",\n },\n TextTransformation = \"NONE\",\n },\n new Aws.Waf.Inputs.XssMatchSetXssMatchTupleArgs\n {\n FieldToMatch = new Aws.Waf.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = waf.NewXssMatchSet(ctx, \"xssMatchSet\", \u0026waf.XssMatchSetArgs{\n\t\t\tXssMatchTuples: waf.XssMatchSetXssMatchTupleArray{\n\t\t\t\t\u0026waf.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026waf.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t},\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t\t\u0026waf.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026waf.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering XssMatchSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "type": "object" } }, "aws:wafregional/byteMatchSet:ByteMatchSet": { "description": "Provides a WAF Regional Byte Match Set Resource for use with Application Load Balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byteSet = new aws.wafregional.ByteMatchSet(\"byte_set\", {\n byteMatchTuples: [{\n fieldToMatch: {\n data: \"referer\",\n type: \"HEADER\",\n },\n positionalConstraint: \"CONTAINS\",\n targetString: \"badrefer1\",\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyte_set = aws.wafregional.ByteMatchSet(\"byteSet\", byte_match_tuples=[{\n \"fieldToMatch\": {\n \"data\": \"referer\",\n \"type\": \"HEADER\",\n },\n \"positionalConstraint\": \"CONTAINS\",\n \"targetString\": \"badrefer1\",\n \"textTransformation\": \"NONE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byteSet = new Aws.WafRegional.ByteMatchSet(\"byteSet\", new Aws.WafRegional.ByteMatchSetArgs\n {\n ByteMatchTuples = \n {\n new Aws.WafRegional.Inputs.ByteMatchSetByteMatchTupleArgs\n {\n FieldToMatch = new Aws.WafRegional.Inputs.ByteMatchSetByteMatchTupleFieldToMatchArgs\n {\n Data = \"referer\",\n Type = \"HEADER\",\n },\n PositionalConstraint = \"CONTAINS\",\n TargetString = \"badrefer1\",\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewByteMatchSet(ctx, \"byteSet\", \u0026wafregional.ByteMatchSetArgs{\n\t\t\tByteMatchTuples: wafregional.ByteMatchSetByteMatchTupleArray{\n\t\t\t\t\u0026wafregional.ByteMatchSetByteMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026wafregional.ByteMatchSetByteMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t},\n\t\t\t\t\tPositionalConstraint: pulumi.String(\"CONTAINS\"),\n\t\t\t\t\tTargetString: pulumi.String(\"badrefer1\"),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests. ByteMatchTuple documented below.\n" }, "name": { "type": "string", "description": "The name or description of the ByteMatchSet.\n" } }, "required": [ "name" ], "inputProperties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests. ByteMatchTuple documented below.\n" }, "name": { "type": "string", "description": "The name or description of the ByteMatchSet.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ByteMatchSet resources.\n", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests. ByteMatchTuple documented below.\n" }, "name": { "type": "string", "description": "The name or description of the ByteMatchSet.\n" } }, "type": "object" } }, "aws:wafregional/geoMatchSet:GeoMatchSet": { "description": "Provides a WAF Regional Geo Match Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst geoMatchSet = new aws.wafregional.GeoMatchSet(\"geo_match_set\", {\n geoMatchConstraints: [\n {\n type: \"Country\",\n value: \"US\",\n },\n {\n type: \"Country\",\n value: \"CA\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngeo_match_set = aws.wafregional.GeoMatchSet(\"geoMatchSet\", geo_match_constraints=[\n {\n \"type\": \"Country\",\n \"value\": \"US\",\n },\n {\n \"type\": \"Country\",\n \"value\": \"CA\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var geoMatchSet = new Aws.WafRegional.GeoMatchSet(\"geoMatchSet\", new Aws.WafRegional.GeoMatchSetArgs\n {\n GeoMatchConstraints = \n {\n new Aws.WafRegional.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"US\",\n },\n new Aws.WafRegional.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"CA\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewGeoMatchSet(ctx, \"geoMatchSet\", \u0026wafregional.GeoMatchSetArgs{\n\t\t\tGeoMatchConstraints: wafregional.GeoMatchSetGeoMatchConstraintArray{\n\t\t\t\t\u0026wafregional.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafregional.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"CA\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The Geo Match Constraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the Geo Match Set.\n" } }, "required": [ "name" ], "inputProperties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The Geo Match Constraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the Geo Match Set.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering GeoMatchSet resources.\n", "properties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The Geo Match Constraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the Geo Match Set.\n" } }, "type": "object" } }, "aws:wafregional/ipSet:IpSet": { "description": "Provides a WAF Regional IPSet Resource for use with Application Load Balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n ipSetDescriptors: [\n {\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n },\n {\n type: \"IPV4\",\n value: \"10.16.16.0/16\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\", ip_set_descriptors=[\n {\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n },\n {\n \"type\": \"IPV4\",\n \"value\": \"10.16.16.0/16\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new Aws.WafRegional.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"10.16.16.0/16\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"10.16.16.0/16\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering IpSet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "type": "object" } }, "aws:wafregional/rateBasedRule:RateBasedRule": { "description": "Provides a WAF Rate Based Rule Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.RateBasedRule(\"wafrule\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n rateKey: \"IP\",\n rateLimit: 100,\n}, { dependsOn: [ipset] });\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nwafrule = aws.wafregional.RateBasedRule(\"wafrule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }],\n rate_key=\"IP\",\n rate_limit=100)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new Aws.WafRegional.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var wafrule = new Aws.WafRegional.RateBasedRule(\"wafrule\", new Aws.WafRegional.RateBasedRuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.WafRegional.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n RateKey = \"IP\",\n RateLimit = 100,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRateBasedRule(ctx, \"wafrule\", \u0026wafregional.RateBasedRuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RateBasedRulePredicateArray{\n\t\t\t\t\u0026wafregional.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rate Based Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "metricName", "name", "rateKey", "rateLimit" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "metricName", "rateKey", "rateLimit" ], "stateInputs": { "description": "Input properties used for looking up and filtering RateBasedRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rate Based Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:wafregional/regexMatchSet:RegexMatchSet": { "description": "Provides a WAF Regional Regex Match Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRegexPatternSet = new aws.wafregional.RegexPatternSet(\"example\", {\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\nconst exampleRegexMatchSet = new aws.wafregional.RegexMatchSet(\"example\", {\n regexMatchTuples: [{\n fieldToMatch: {\n data: \"User-Agent\",\n type: \"HEADER\",\n },\n regexPatternSetId: exampleRegexPatternSet.id,\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_regex_pattern_set = aws.wafregional.RegexPatternSet(\"exampleRegexPatternSet\", regex_pattern_strings=[\n \"one\",\n \"two\",\n])\nexample_regex_match_set = aws.wafregional.RegexMatchSet(\"exampleRegexMatchSet\", regex_match_tuples=[{\n \"fieldToMatch\": {\n \"data\": \"User-Agent\",\n \"type\": \"HEADER\",\n },\n \"regexPatternSetId\": example_regex_pattern_set.id,\n \"textTransformation\": \"NONE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRegexPatternSet = new Aws.WafRegional.RegexPatternSet(\"exampleRegexPatternSet\", new Aws.WafRegional.RegexPatternSetArgs\n {\n RegexPatternStrings = \n {\n \"one\",\n \"two\",\n },\n });\n var exampleRegexMatchSet = new Aws.WafRegional.RegexMatchSet(\"exampleRegexMatchSet\", new Aws.WafRegional.RegexMatchSetArgs\n {\n RegexMatchTuples = \n {\n new Aws.WafRegional.Inputs.RegexMatchSetRegexMatchTupleArgs\n {\n FieldToMatch = new Aws.WafRegional.Inputs.RegexMatchSetRegexMatchTupleFieldToMatchArgs\n {\n Data = \"User-Agent\",\n Type = \"HEADER\",\n },\n RegexPatternSetId = exampleRegexPatternSet.Id,\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRegexPatternSet, err := wafregional.NewRegexPatternSet(ctx, \"exampleRegexPatternSet\", \u0026wafregional.RegexPatternSetArgs{\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRegexMatchSet(ctx, \"exampleRegexMatchSet\", \u0026wafregional.RegexMatchSetArgs{\n\t\t\tRegexMatchTuples: wafregional.RegexMatchSetRegexMatchTupleArray{\n\t\t\t\t\u0026wafregional.RegexMatchSetRegexMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026wafregional.RegexMatchSetRegexMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tData: pulumi.String(\"User-Agent\"),\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t},\n\t\t\t\t\tRegexPatternSetId: exampleRegexPatternSet.ID(),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests,\nthe location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests,\nthe location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests,\nthe location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "type": "object" } }, "aws:wafregional/regexPatternSet:RegexPatternSet": { "description": "Provides a WAF Regional Regex Pattern Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafregional.RegexPatternSet(\"example\", {\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.RegexPatternSet(\"example\", regex_pattern_strings=[\n \"one\",\n \"two\",\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.WafRegional.RegexPatternSet(\"example\", new Aws.WafRegional.RegexPatternSetArgs\n {\n RegexPatternStrings = \n {\n \"one\",\n \"two\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewRegexPatternSet(ctx, \"example\", \u0026wafregional.RegexPatternSetArgs{\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexPatternSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "type": "object" } }, "aws:wafregional/rule:Rule": { "description": "Provides an WAF Regional Rule Resource for use with Application Load Balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.Rule(\"wafrule\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nwafrule = aws.wafregional.Rule(\"wafrule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new Aws.WafRegional.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var wafrule = new Aws.WafRegional.Rule(\"wafrule\", new Aws.WafRegional.RuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.WafRegional.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRule(ctx, \"wafrule\", \u0026wafregional.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RulePredicateArray{\n\t\t\t\t\u0026wafregional.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Nested Fields\n\n### `predicate`\n\nSee the [WAF Documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_Predicate.html) for more information.\n\n#### Arguments\n\n* `type` - (Required) The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`\n* `data_id` - (Required) The unique identifier of a predicate, such as the ID of a `ByteMatchSet` or `IPSet`.\n* `negated` - (Required) Whether to use the settings or the negated settings that you specified in the objects.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "metricName", "name" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Rule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:wafregional/ruleGroup:RuleGroup": { "description": "Provides a WAF Regional Rule Group Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRule = new aws.wafregional.Rule(\"example\", {\n metricName: \"example\",\n});\nconst exampleRuleGroup = new aws.wafregional.RuleGroup(\"example\", {\n activatedRules: [{\n action: {\n type: \"COUNT\",\n },\n priority: 50,\n ruleId: exampleRule.id,\n }],\n metricName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rule = aws.wafregional.Rule(\"exampleRule\", metric_name=\"example\")\nexample_rule_group = aws.wafregional.RuleGroup(\"exampleRuleGroup\",\n activated_rules=[{\n \"action\": {\n \"type\": \"COUNT\",\n },\n \"priority\": 50,\n \"rule_id\": example_rule.id,\n }],\n metric_name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleRule = new Aws.WafRegional.Rule(\"exampleRule\", new Aws.WafRegional.RuleArgs\n {\n MetricName = \"example\",\n });\n var exampleRuleGroup = new Aws.WafRegional.RuleGroup(\"exampleRuleGroup\", new Aws.WafRegional.RuleGroupArgs\n {\n ActivatedRules = \n {\n new Aws.WafRegional.Inputs.RuleGroupActivatedRuleArgs\n {\n Action = new Aws.WafRegional.Inputs.RuleGroupActivatedRuleActionArgs\n {\n Type = \"COUNT\",\n },\n Priority = 50,\n RuleId = exampleRule.Id,\n },\n },\n MetricName = \"example\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRule, err := wafregional.NewRule(ctx, \"exampleRule\", \u0026wafregional.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRuleGroup(ctx, \"exampleRuleGroup\", \u0026wafregional.RuleGroupArgs{\n\t\t\tActivatedRules: wafregional.RuleGroupActivatedRuleArray{\n\t\t\t\t\u0026wafregional.RuleGroupActivatedRuleArgs{\n\t\t\t\t\tAction: \u0026wafregional.RuleGroupActivatedRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"COUNT\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(50),\n\t\t\t\t\tRuleId: exampleRule.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule Group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "A friendly name of the rule group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "metricName", "name" ], "inputProperties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "A friendly name of the rule group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuleGroup resources.\n", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule Group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "A friendly name of the rule group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:wafregional/sizeConstraintSet:SizeConstraintSet": { "description": "Provides a WAF Regional Size Constraint Set Resource for use with Application Load Balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sizeConstraintSet = new aws.wafregional.SizeConstraintSet(\"size_constraint_set\", {\n sizeConstraints: [{\n comparisonOperator: \"EQ\",\n fieldToMatch: {\n type: \"BODY\",\n },\n size: 4096,\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsize_constraint_set = aws.wafregional.SizeConstraintSet(\"sizeConstraintSet\", size_constraints=[{\n \"comparison_operator\": \"EQ\",\n \"fieldToMatch\": {\n \"type\": \"BODY\",\n },\n \"size\": \"4096\",\n \"textTransformation\": \"NONE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sizeConstraintSet = new Aws.WafRegional.SizeConstraintSet(\"sizeConstraintSet\", new Aws.WafRegional.SizeConstraintSetArgs\n {\n SizeConstraints = \n {\n new Aws.WafRegional.Inputs.SizeConstraintSetSizeConstraintArgs\n {\n ComparisonOperator = \"EQ\",\n FieldToMatch = new Aws.WafRegional.Inputs.SizeConstraintSetSizeConstraintFieldToMatchArgs\n {\n Type = \"BODY\",\n },\n Size = 4096,\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewSizeConstraintSet(ctx, \"sizeConstraintSet\", \u0026wafregional.SizeConstraintSetArgs{\n\t\t\tSizeConstraints: wafregional.SizeConstraintSetSizeConstraintArray{\n\t\t\t\t\u0026wafregional.SizeConstraintSetSizeConstraintArgs{\n\t\t\t\t\tComparisonOperator: pulumi.String(\"EQ\"),\n\t\t\t\t\tFieldToMatch: \u0026wafregional.SizeConstraintSetSizeConstraintFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BODY\"),\n\t\t\t\t\t},\n\t\t\t\t\tSize: pulumi.Int(4096),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string" }, "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SizeConstraintSet resources.\n", "properties": { "arn": { "type": "string" }, "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "type": "object" } }, "aws:wafregional/sqlInjectionMatchSet:SqlInjectionMatchSet": { "description": "Provides a WAF Regional SQL Injection Match Set Resource for use with Application Load Balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sqlInjectionMatchSet = new aws.wafregional.SqlInjectionMatchSet(\"sql_injection_match_set\", {\n sqlInjectionMatchTuples: [{\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n textTransformation: \"URL_DECODE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsql_injection_match_set = aws.wafregional.SqlInjectionMatchSet(\"sqlInjectionMatchSet\", sql_injection_match_tuples=[{\n \"fieldToMatch\": {\n \"type\": \"QUERY_STRING\",\n },\n \"textTransformation\": \"URL_DECODE\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sqlInjectionMatchSet = new Aws.WafRegional.SqlInjectionMatchSet(\"sqlInjectionMatchSet\", new Aws.WafRegional.SqlInjectionMatchSetArgs\n {\n SqlInjectionMatchTuples = \n {\n new Aws.WafRegional.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleArgs\n {\n FieldToMatch = new Aws.WafRegional.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n TextTransformation = \"URL_DECODE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewSqlInjectionMatchSet(ctx, \"sqlInjectionMatchSet\", \u0026wafregional.SqlInjectionMatchSetArgs{\n\t\t\tSqlInjectionMatchTuples: wafregional.SqlInjectionMatchSetSqlInjectionMatchTupleArray{\n\t\t\t\t\u0026wafregional.SqlInjectionMatchSetSqlInjectionMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026wafregional.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t\tTextTransformation: pulumi.String(\"URL_DECODE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SqlInjectionMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "type": "object" } }, "aws:wafregional/webAcl:WebAcl": { "description": "Provides a WAF Regional Web ACL Resource for use with Application Load Balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Regular Rule\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.Rule(\"wafrule\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\nconst wafacl = new aws.wafregional.WebAcl(\"wafacl\", {\n defaultAction: {\n type: \"ALLOW\",\n },\n metricName: \"tfWebACL\",\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: wafrule.id,\n type: \"REGULAR\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nwafrule = aws.wafregional.Rule(\"wafrule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\nwafacl = aws.wafregional.WebAcl(\"wafacl\",\n default_action={\n \"type\": \"ALLOW\",\n },\n metric_name=\"tfWebACL\",\n rules=[{\n \"action\": {\n \"type\": \"BLOCK\",\n },\n \"priority\": 1,\n \"rule_id\": wafrule.id,\n \"type\": \"REGULAR\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new Aws.WafRegional.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var wafrule = new Aws.WafRegional.Rule(\"wafrule\", new Aws.WafRegional.RuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.WafRegional.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n var wafacl = new Aws.WafRegional.WebAcl(\"wafacl\", new Aws.WafRegional.WebAclArgs\n {\n DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n MetricName = \"tfWebACL\",\n Rules = \n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Action = new Aws.WafRegional.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = wafrule.Id,\n Type = \"REGULAR\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twafrule, err := wafregional.NewRule(ctx, \"wafrule\", \u0026wafregional.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RulePredicateArray{\n\t\t\t\t\u0026wafregional.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewWebAcl(ctx, \"wafacl\", \u0026wafregional.WebAclArgs{\n\t\t\tDefaultAction: \u0026wafregional.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tMetricName: pulumi.String(\"tfWebACL\"),\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026wafregional.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: wafrule.ID(),\n\t\t\t\t\tType: pulumi.String(\"REGULAR\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Group Rule\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafregional.WebAcl(\"example\", {\n defaultAction: {\n type: \"ALLOW\",\n },\n metricName: \"example\",\n rules: [{\n overrideAction: {\n type: \"NONE\",\n },\n priority: 1,\n ruleId: aws_wafregional_rule_group_example.id,\n type: \"GROUP\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.WebAcl(\"example\",\n default_action={\n \"type\": \"ALLOW\",\n },\n metric_name=\"example\",\n rules=[{\n \"overrideAction\": {\n \"type\": \"NONE\",\n },\n \"priority\": 1,\n \"rule_id\": aws_wafregional_rule_group[\"example\"][\"id\"],\n \"type\": \"GROUP\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.WafRegional.WebAcl(\"example\", new Aws.WafRegional.WebAclArgs\n {\n DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n MetricName = \"example\",\n Rules = \n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n OverrideAction = new Aws.WafRegional.Inputs.WebAclRuleOverrideActionArgs\n {\n Type = \"NONE\",\n },\n Priority = 1,\n RuleId = aws_wafregional_rule_group.Example.Id,\n Type = \"GROUP\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewWebAcl(ctx, \"example\", \u0026wafregional.WebAclArgs{\n\t\t\tDefaultAction: \u0026wafregional.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tOverrideAction: \u0026wafregional.WebAclRuleOverrideActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: pulumi.String(aws_wafregional_rule_group.Example.Id),\n\t\t\t\t\tType: pulumi.String(\"GROUP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Logging\n\n\u003e *NOTE:* The Kinesis Firehose Delivery Stream name must begin with `aws-waf-logs-`. See the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) for more information about enabling WAF logging.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafregional.WebAcl(\"example\", {\n loggingConfiguration: {\n logDestination: aws_kinesis_firehose_delivery_stream_example.arn,\n redactedFields: {\n fieldToMatches: [\n {\n type: \"URI\",\n },\n {\n data: \"referer\",\n type: \"HEADER\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.WebAcl(\"example\", logging_configuration={\n \"log_destination\": aws_kinesis_firehose_delivery_stream[\"example\"][\"arn\"],\n \"redactedFields\": {\n \"fieldToMatch\": [\n {\n \"type\": \"URI\",\n },\n {\n \"data\": \"referer\",\n \"type\": \"HEADER\",\n },\n ],\n },\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.WafRegional.WebAcl(\"example\", new Aws.WafRegional.WebAclArgs\n {\n LoggingConfiguration = new Aws.WafRegional.Inputs.WebAclLoggingConfigurationArgs\n {\n LogDestination = aws_kinesis_firehose_delivery_stream.Example.Arn,\n RedactedFields = new Aws.WafRegional.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs\n {\n FieldToMatch = \n {\n \n {\n { \"type\", \"URI\" },\n },\n \n {\n { \"data\", \"referer\" },\n { \"type\", \"HEADER\" },\n },\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewWebAcl(ctx, \"example\", \u0026wafregional.WebAclArgs{\n\t\t\tLoggingConfiguration: \u0026wafregional.WebAclLoggingConfigurationArgs{\n\t\t\t\tLogDestination: pulumi.String(aws_kinesis_firehose_delivery_stream.Example.Arn),\n\t\t\t\tRedactedFields: \u0026wafregional.WebAclLoggingConfigurationRedactedFieldsArgs{\n\t\t\t\t\tFieldToMatch: pulumi.Array{\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"URI\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpulumi.Map{\n\t\t\t\t\t\t\t\"data\": pulumi.String(\"referer\"),\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"HEADER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the WAF Regional WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:wafregional/WebAclDefaultAction:WebAclDefaultAction", "description": "The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclRule:WebAclRule" }, "description": "Set of configuration blocks containing rules for the web ACL. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "required": [ "arn", "defaultAction", "metricName", "name" ], "inputProperties": { "defaultAction": { "$ref": "#/types/aws:wafregional/WebAclDefaultAction:WebAclDefaultAction", "description": "The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclRule:WebAclRule" }, "description": "Set of configuration blocks containing rules for the web ACL. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "requiredInputs": [ "defaultAction", "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAcl resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the WAF Regional WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:wafregional/WebAclDefaultAction:WebAclDefaultAction", "description": "The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclRule:WebAclRule" }, "description": "Set of configuration blocks containing rules for the web ACL. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object" } }, "aws:wafregional/webAclAssociation:WebAclAssociation": { "description": "Manages an association with WAF Regional Web ACL.\n\n\u003e **Note:** An Application Load Balancer can only be associated with one WAF Regional WebACL.\n\n## Application Load Balancer Association Example\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst fooRule = new aws.wafregional.Rule(\"foo\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\nconst fooWebAcl = new aws.wafregional.WebAcl(\"foo\", {\n defaultAction: {\n type: \"ALLOW\",\n },\n metricName: \"foo\",\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: fooRule.id,\n }],\n});\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.1.0.0/16\",\n});\nconst available = pulumi.output(aws.getAvailabilityZones({ async: true }));\nconst fooSubnet = new aws.ec2.Subnet(\"foo\", {\n availabilityZone: available.apply(available =\u003e available.names[0]),\n cidrBlock: \"10.1.1.0/24\",\n vpcId: fooVpc.id,\n});\nconst bar = new aws.ec2.Subnet(\"bar\", {\n availabilityZone: available.apply(available =\u003e available.names[1]),\n cidrBlock: \"10.1.2.0/24\",\n vpcId: fooVpc.id,\n});\nconst fooLoadBalancer = new aws.alb.LoadBalancer(\"foo\", {\n internal: true,\n subnets: [\n fooSubnet.id,\n bar.id,\n ],\n});\nconst fooWebAclAssociation = new aws.wafregional.WebAclAssociation(\"foo\", {\n resourceArn: fooLoadBalancer.arn,\n webAclId: fooWebAcl.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nfoo_rule = aws.wafregional.Rule(\"fooRule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\nfoo_web_acl = aws.wafregional.WebAcl(\"fooWebAcl\",\n default_action={\n \"type\": \"ALLOW\",\n },\n metric_name=\"foo\",\n rules=[{\n \"action\": {\n \"type\": \"BLOCK\",\n },\n \"priority\": 1,\n \"rule_id\": foo_rule.id,\n }])\nfoo_vpc = aws.ec2.Vpc(\"fooVpc\", cidr_block=\"10.1.0.0/16\")\navailable = aws.get_availability_zones()\nfoo_subnet = aws.ec2.Subnet(\"fooSubnet\",\n availability_zone=available.names[0],\n cidr_block=\"10.1.1.0/24\",\n vpc_id=foo_vpc.id)\nbar = aws.ec2.Subnet(\"bar\",\n availability_zone=available.names[1],\n cidr_block=\"10.1.2.0/24\",\n vpc_id=foo_vpc.id)\nfoo_load_balancer = aws.alb.LoadBalancer(\"fooLoadBalancer\",\n internal=True,\n subnets=[\n foo_subnet.id,\n bar.id,\n ])\nfoo_web_acl_association = aws.wafregional.WebAclAssociation(\"fooWebAclAssociation\",\n resource_arn=foo_load_balancer.arn,\n web_acl_id=foo_web_acl.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new Aws.WafRegional.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var fooRule = new Aws.WafRegional.Rule(\"fooRule\", new Aws.WafRegional.RuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.WafRegional.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n var fooWebAcl = new Aws.WafRegional.WebAcl(\"fooWebAcl\", new Aws.WafRegional.WebAclArgs\n {\n DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n MetricName = \"foo\",\n Rules = \n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Action = new Aws.WafRegional.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = fooRule.Id,\n },\n },\n });\n var fooVpc = new Aws.Ec2.Vpc(\"fooVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n var available = Output.Create(Aws.GetAvailabilityZones.InvokeAsync());\n var fooSubnet = new Aws.Ec2.Subnet(\"fooSubnet\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = available.Apply(available =\u003e available.Names[0]),\n CidrBlock = \"10.1.1.0/24\",\n VpcId = fooVpc.Id,\n });\n var bar = new Aws.Ec2.Subnet(\"bar\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = available.Apply(available =\u003e available.Names[1]),\n CidrBlock = \"10.1.2.0/24\",\n VpcId = fooVpc.Id,\n });\n var fooLoadBalancer = new Aws.Alb.LoadBalancer(\"fooLoadBalancer\", new Aws.Alb.LoadBalancerArgs\n {\n Internal = true,\n Subnets = \n {\n fooSubnet.Id,\n bar.Id,\n },\n });\n var fooWebAclAssociation = new Aws.WafRegional.WebAclAssociation(\"fooWebAclAssociation\", new Aws.WafRegional.WebAclAssociationArgs\n {\n ResourceArn = fooLoadBalancer.Arn,\n WebAclId = fooWebAcl.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/alb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRule, err := wafregional.NewRule(ctx, \"fooRule\", \u0026wafregional.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RulePredicateArray{\n\t\t\t\t\u0026wafregional.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooWebAcl, err := wafregional.NewWebAcl(ctx, \"fooWebAcl\", \u0026wafregional.WebAclArgs{\n\t\t\tDefaultAction: \u0026wafregional.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tMetricName: pulumi.String(\"foo\"),\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026wafregional.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: fooRule.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooVpc, err := ec2.NewVpc(ctx, \"fooVpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooSubnet, err := ec2.NewSubnet(ctx, \"fooSubnet\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t\tVpcId: fooVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(available.Names[1]),\n\t\t\tCidrBlock: pulumi.String(\"10.1.2.0/24\"),\n\t\t\tVpcId: fooVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooLoadBalancer, err := alb.NewLoadBalancer(ctx, \"fooLoadBalancer\", \u0026alb.LoadBalancerArgs{\n\t\t\tInternal: pulumi.Bool(true),\n\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\tfooSubnet.ID(),\n\t\t\t\tbar.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewWebAclAssociation(ctx, \"fooWebAclAssociation\", \u0026wafregional.WebAclAssociationArgs{\n\t\t\tResourceArn: fooLoadBalancer.Arn,\n\t\t\tWebAclId: fooWebAcl.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n## API Gateway Association Example\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst fooRule = new aws.wafregional.Rule(\"foo\", {\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\nconst fooWebAcl = new aws.wafregional.WebAcl(\"foo\", {\n defaultAction: {\n type: \"ALLOW\",\n },\n metricName: \"foo\",\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: fooRule.id,\n }],\n});\nconst testRestApi = new aws.apigateway.RestApi(\"test\", {});\nconst testResource = new aws.apigateway.Resource(\"test\", {\n parentId: testRestApi.rootResourceId,\n pathPart: \"test\",\n restApi: testRestApi.id,\n});\nconst testMethod = new aws.apigateway.Method(\"test\", {\n authorization: \"NONE\",\n httpMethod: \"GET\",\n resourceId: testResource.id,\n restApi: testRestApi.id,\n});\nconst testMethodResponse = new aws.apigateway.MethodResponse(\"test\", {\n httpMethod: testMethod.httpMethod,\n resourceId: testResource.id,\n restApi: testRestApi.id,\n statusCode: \"400\",\n});\nconst testIntegration = new aws.apigateway.Integration(\"test\", {\n httpMethod: testMethod.httpMethod,\n integrationHttpMethod: \"GET\",\n resourceId: testResource.id,\n restApi: testRestApi.id,\n type: \"HTTP\",\n uri: \"http://www.example.com\",\n});\nconst testIntegrationResponse = new aws.apigateway.IntegrationResponse(\"test\", {\n httpMethod: testIntegration.httpMethod,\n resourceId: testResource.id,\n restApi: testRestApi.id,\n statusCode: testMethodResponse.statusCode,\n});\nconst testDeployment = new aws.apigateway.Deployment(\"test\", {\n restApi: testRestApi.id,\n}, { dependsOn: [testIntegrationResponse] });\nconst testStage = new aws.apigateway.Stage(\"test\", {\n deployment: testDeployment.id,\n restApi: testRestApi.id,\n stageName: \"test\",\n});\nconst association = new aws.wafregional.WebAclAssociation(\"association\", {\n resourceArn: testStage.arn,\n webAclId: fooWebAcl.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\", ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n}])\nfoo_rule = aws.wafregional.Rule(\"fooRule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"dataId\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\nfoo_web_acl = aws.wafregional.WebAcl(\"fooWebAcl\",\n default_action={\n \"type\": \"ALLOW\",\n },\n metric_name=\"foo\",\n rules=[{\n \"action\": {\n \"type\": \"BLOCK\",\n },\n \"priority\": 1,\n \"rule_id\": foo_rule.id,\n }])\ntest_rest_api = aws.apigateway.RestApi(\"testRestApi\")\ntest_resource = aws.apigateway.Resource(\"testResource\",\n parent_id=test_rest_api.root_resource_id,\n path_part=\"test\",\n rest_api=test_rest_api.id)\ntest_method = aws.apigateway.Method(\"testMethod\",\n authorization=\"NONE\",\n http_method=\"GET\",\n resource_id=test_resource.id,\n rest_api=test_rest_api.id)\ntest_method_response = aws.apigateway.MethodResponse(\"testMethodResponse\",\n http_method=test_method.http_method,\n resource_id=test_resource.id,\n rest_api=test_rest_api.id,\n status_code=\"400\")\ntest_integration = aws.apigateway.Integration(\"testIntegration\",\n http_method=test_method.http_method,\n integration_http_method=\"GET\",\n resource_id=test_resource.id,\n rest_api=test_rest_api.id,\n type=\"HTTP\",\n uri=\"http://www.example.com\")\ntest_integration_response = aws.apigateway.IntegrationResponse(\"testIntegrationResponse\",\n http_method=test_integration.http_method,\n resource_id=test_resource.id,\n rest_api=test_rest_api.id,\n status_code=test_method_response.status_code)\ntest_deployment = aws.apigateway.Deployment(\"testDeployment\", rest_api=test_rest_api.id)\ntest_stage = aws.apigateway.Stage(\"testStage\",\n deployment=test_deployment.id,\n rest_api=test_rest_api.id,\n stage_name=\"test\")\nassociation = aws.wafregional.WebAclAssociation(\"association\",\n resource_arn=test_stage.arn,\n web_acl_id=foo_web_acl.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new Aws.WafRegional.IpSetArgs\n {\n IpSetDescriptors = \n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n var fooRule = new Aws.WafRegional.Rule(\"fooRule\", new Aws.WafRegional.RuleArgs\n {\n MetricName = \"tfWAFRule\",\n Predicates = \n {\n new Aws.WafRegional.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n var fooWebAcl = new Aws.WafRegional.WebAcl(\"fooWebAcl\", new Aws.WafRegional.WebAclArgs\n {\n DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n MetricName = \"foo\",\n Rules = \n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Action = new Aws.WafRegional.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = fooRule.Id,\n },\n },\n });\n var testRestApi = new Aws.ApiGateway.RestApi(\"testRestApi\", new Aws.ApiGateway.RestApiArgs\n {\n });\n var testResource = new Aws.ApiGateway.Resource(\"testResource\", new Aws.ApiGateway.ResourceArgs\n {\n ParentId = testRestApi.RootResourceId,\n PathPart = \"test\",\n RestApi = testRestApi.Id,\n });\n var testMethod = new Aws.ApiGateway.Method(\"testMethod\", new Aws.ApiGateway.MethodArgs\n {\n Authorization = \"NONE\",\n HttpMethod = \"GET\",\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n });\n var testMethodResponse = new Aws.ApiGateway.MethodResponse(\"testMethodResponse\", new Aws.ApiGateway.MethodResponseArgs\n {\n HttpMethod = testMethod.HttpMethod,\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n StatusCode = \"400\",\n });\n var testIntegration = new Aws.ApiGateway.Integration(\"testIntegration\", new Aws.ApiGateway.IntegrationArgs\n {\n HttpMethod = testMethod.HttpMethod,\n IntegrationHttpMethod = \"GET\",\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n Type = \"HTTP\",\n Uri = \"http://www.example.com\",\n });\n var testIntegrationResponse = new Aws.ApiGateway.IntegrationResponse(\"testIntegrationResponse\", new Aws.ApiGateway.IntegrationResponseArgs\n {\n HttpMethod = testIntegration.HttpMethod,\n ResourceId = testResource.Id,\n RestApi = testRestApi.Id,\n StatusCode = testMethodResponse.StatusCode,\n });\n var testDeployment = new Aws.ApiGateway.Deployment(\"testDeployment\", new Aws.ApiGateway.DeploymentArgs\n {\n RestApi = testRestApi.Id,\n });\n var testStage = new Aws.ApiGateway.Stage(\"testStage\", new Aws.ApiGateway.StageArgs\n {\n Deployment = testDeployment.Id,\n RestApi = testRestApi.Id,\n StageName = \"test\",\n });\n var association = new Aws.WafRegional.WebAclAssociation(\"association\", new Aws.WafRegional.WebAclAssociationArgs\n {\n ResourceArn = testStage.Arn,\n WebAclId = fooWebAcl.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRule, err := wafregional.NewRule(ctx, \"fooRule\", \u0026wafregional.RuleArgs{\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RulePredicateArray{\n\t\t\t\t\u0026wafregional.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooWebAcl, err := wafregional.NewWebAcl(ctx, \"fooWebAcl\", \u0026wafregional.WebAclArgs{\n\t\t\tDefaultAction: \u0026wafregional.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tMetricName: pulumi.String(\"foo\"),\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026wafregional.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: fooRule.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRestApi, err := apigateway.NewRestApi(ctx, \"testRestApi\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestResource, err := apigateway.NewResource(ctx, \"testResource\", \u0026apigateway.ResourceArgs{\n\t\t\tParentId: testRestApi.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"test\"),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestMethod, err := apigateway.NewMethod(ctx, \"testMethod\", \u0026apigateway.MethodArgs{\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestMethodResponse, err := apigateway.NewMethodResponse(ctx, \"testMethodResponse\", \u0026apigateway.MethodResponseArgs{\n\t\t\tHttpMethod: testMethod.HttpMethod,\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tStatusCode: pulumi.String(\"400\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestIntegration, err := apigateway.NewIntegration(ctx, \"testIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tHttpMethod: testMethod.HttpMethod,\n\t\t\tIntegrationHttpMethod: pulumi.String(\"GET\"),\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\tUri: pulumi.String(\"http://www.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegrationResponse(ctx, \"testIntegrationResponse\", \u0026apigateway.IntegrationResponseArgs{\n\t\t\tHttpMethod: testIntegration.HttpMethod,\n\t\t\tResourceId: testResource.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tStatusCode: testMethodResponse.StatusCode,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestDeployment, err := apigateway.NewDeployment(ctx, \"testDeployment\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: testRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStage, err := apigateway.NewStage(ctx, \"testStage\", \u0026apigateway.StageArgs{\n\t\t\tDeployment: testDeployment.ID(),\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tStageName: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewWebAclAssociation(ctx, \"association\", \u0026wafregional.WebAclAssociationArgs{\n\t\t\tResourceArn: testStage.Arn,\n\t\t\tWebAclId: fooWebAcl.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "properties": { "resourceArn": { "type": "string", "description": "ARN of the resource to associate with. For example, an Application Load Balancer or API Gateway Stage.\n" }, "webAclId": { "type": "string", "description": "The ID of the WAF Regional WebACL to create an association.\n" } }, "required": [ "resourceArn", "webAclId" ], "inputProperties": { "resourceArn": { "type": "string", "description": "ARN of the resource to associate with. For example, an Application Load Balancer or API Gateway Stage.\n" }, "webAclId": { "type": "string", "description": "The ID of the WAF Regional WebACL to create an association.\n" } }, "requiredInputs": [ "resourceArn", "webAclId" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAclAssociation resources.\n", "properties": { "resourceArn": { "type": "string", "description": "ARN of the resource to associate with. For example, an Application Load Balancer or API Gateway Stage.\n" }, "webAclId": { "type": "string", "description": "The ID of the WAF Regional WebACL to create an association.\n" } }, "type": "object" } }, "aws:wafregional/xssMatchSet:XssMatchSet": { "description": "Provides a WAF Regional XSS Match Set Resource for use with Application Load Balancer.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst xssMatchSet = new aws.wafregional.XssMatchSet(\"xss_match_set\", {\n xssMatchTuples: [\n {\n fieldToMatch: {\n type: \"URI\",\n },\n textTransformation: \"NONE\",\n },\n {\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n textTransformation: \"NONE\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nxss_match_set = aws.wafregional.XssMatchSet(\"xssMatchSet\", xss_match_tuples=[\n {\n \"fieldToMatch\": {\n \"type\": \"URI\",\n },\n \"textTransformation\": \"NONE\",\n },\n {\n \"fieldToMatch\": {\n \"type\": \"QUERY_STRING\",\n },\n \"textTransformation\": \"NONE\",\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var xssMatchSet = new Aws.WafRegional.XssMatchSet(\"xssMatchSet\", new Aws.WafRegional.XssMatchSetArgs\n {\n XssMatchTuples = \n {\n new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleArgs\n {\n FieldToMatch = new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"URI\",\n },\n TextTransformation = \"NONE\",\n },\n new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleArgs\n {\n FieldToMatch = new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n TextTransformation = \"NONE\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafregional.NewXssMatchSet(ctx, \"xssMatchSet\", \u0026wafregional.XssMatchSetArgs{\n\t\t\tXssMatchTuples: wafregional.XssMatchSetXssMatchTupleArray{\n\t\t\t\t\u0026wafregional.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026wafregional.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t},\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafregional.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026wafregional.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the set\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the set\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering XssMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name of the set\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "type": "object" } }, "aws:wafv2/ipSet:IpSet": { "description": "Provides a WAFv2 IP Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.IpSet(\"example\", {\n addresses: [\n \"1.2.3.4/32\",\n \"5.6.7.8/32\",\n ],\n description: \"Example IP set\",\n ipAddressVersion: \"IPV4\",\n scope: \"REGIONAL\",\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.IpSet(\"example\",\n addresses=[\n \"1.2.3.4/32\",\n \"5.6.7.8/32\",\n ],\n description=\"Example IP set\",\n ip_address_version=\"IPV4\",\n scope=\"REGIONAL\",\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.WafV2.IpSet(\"example\", new Aws.WafV2.IpSetArgs\n {\n Addresses = \n {\n \"1.2.3.4/32\",\n \"5.6.7.8/32\",\n },\n Description = \"Example IP set\",\n IpAddressVersion = \"IPV4\",\n Scope = \"REGIONAL\",\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafv2.NewIpSet(ctx, \"example\", \u0026wafv2.IpSetArgs{\n\t\t\tAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1.2.3.4/32\"),\n\t\t\t\tpulumi.String(\"5.6.7.8/32\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Example IP set\"),\n\t\t\tIpAddressVersion: pulumi.String(\"IPV4\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "Contains an array of strings that specify one or more IP addresses or blocks of IP addresses in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all address ranges for IP versions IPv4 and IPv6.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster.\n" }, "description": { "type": "string", "description": "A friendly description of the IP set.\n" }, "ipAddressVersion": { "type": "string", "description": "Specify IPV4 or IPV6. Valid values are `IPV4` or `IPV6`.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the IP set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource.\n" } }, "required": [ "arn", "ipAddressVersion", "lockToken", "name", "scope" ], "inputProperties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "Contains an array of strings that specify one or more IP addresses or blocks of IP addresses in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all address ranges for IP versions IPv4 and IPv6.\n" }, "description": { "type": "string", "description": "A friendly description of the IP set.\n" }, "ipAddressVersion": { "type": "string", "description": "Specify IPV4 or IPV6. Valid values are `IPV4` or `IPV6`.\n" }, "name": { "type": "string", "description": "A friendly name of the IP set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource.\n" } }, "requiredInputs": [ "ipAddressVersion", "scope" ], "stateInputs": { "description": "Input properties used for looking up and filtering IpSet resources.\n", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "Contains an array of strings that specify one or more IP addresses or blocks of IP addresses in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all address ranges for IP versions IPv4 and IPv6.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster.\n" }, "description": { "type": "string", "description": "A friendly description of the IP set.\n" }, "ipAddressVersion": { "type": "string", "description": "Specify IPV4 or IPV6. Valid values are `IPV4` or `IPV6`.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the IP set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource.\n" } }, "type": "object" } }, "aws:wafv2/regexPatternSet:RegexPatternSet": { "description": "Provides an AWS WAFv2 Regex Pattern Set Resource\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.RegexPatternSet(\"example\", {\n description: \"Example regex pattern set\",\n regularExpressions: [\n {\n regexString: \"one\",\n },\n {\n regexString: \"two\",\n },\n ],\n scope: \"REGIONAL\",\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.RegexPatternSet(\"example\",\n description=\"Example regex pattern set\",\n regular_expressions=[\n {\n \"regexString\": \"one\",\n },\n {\n \"regexString\": \"two\",\n },\n ],\n scope=\"REGIONAL\",\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.WafV2.RegexPatternSet(\"example\", new Aws.WafV2.RegexPatternSetArgs\n {\n Description = \"Example regex pattern set\",\n RegularExpressions = \n {\n new Aws.WafV2.Inputs.RegexPatternSetRegularExpressionArgs\n {\n RegexString = \"one\",\n },\n new Aws.WafV2.Inputs.RegexPatternSetRegularExpressionArgs\n {\n RegexString = \"two\",\n },\n },\n Scope = \"REGIONAL\",\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = wafv2.NewRegexPatternSet(ctx, \"example\", \u0026wafv2.RegexPatternSetArgs{\n\t\t\tDescription: pulumi.String(\"Example regex pattern set\"),\n\t\t\tRegularExpressions: wafv2.RegexPatternSetRegularExpressionArray{\n\t\t\t\t\u0026wafv2.RegexPatternSetRegularExpressionArgs{\n\t\t\t\t\tRegexString: pulumi.String(\"one\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RegexPatternSetRegularExpressionArgs{\n\t\t\t\t\tRegexString: pulumi.String(\"two\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster.\n" }, "description": { "type": "string", "description": "A friendly description of the regular expression pattern set.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the regular expression pattern set.\n" }, "regularExpressions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression" }, "description": "One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See Regular Expression below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource.\n" } }, "required": [ "arn", "lockToken", "name", "scope" ], "inputProperties": { "description": { "type": "string", "description": "A friendly description of the regular expression pattern set.\n" }, "name": { "type": "string", "description": "A friendly name of the regular expression pattern set.\n" }, "regularExpressions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression" }, "description": "One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See Regular Expression below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource.\n" } }, "requiredInputs": [ "scope" ], "stateInputs": { "description": "Input properties used for looking up and filtering RegexPatternSet resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster.\n" }, "description": { "type": "string", "description": "A friendly description of the regular expression pattern set.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the regular expression pattern set.\n" }, "regularExpressions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression" }, "description": "One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See Regular Expression below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource.\n" } }, "type": "object" } }, "aws:wafv2/webAclAssociation:WebAclAssociation": { "description": "Creates a WAFv2 Web ACL Association.\n", "properties": { "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL. This must be an ARN of an Application Load Balancer or an Amazon API Gateway stage.\n" }, "webAclArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Web ACL that you want to associate with the resource.\n" } }, "required": [ "resourceArn", "webAclArn" ], "inputProperties": { "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL. This must be an ARN of an Application Load Balancer or an Amazon API Gateway stage.\n" }, "webAclArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Web ACL that you want to associate with the resource.\n" } }, "requiredInputs": [ "resourceArn", "webAclArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAclAssociation resources.\n", "properties": { "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL. This must be an ARN of an Application Load Balancer or an Amazon API Gateway stage.\n" }, "webAclArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Web ACL that you want to associate with the resource.\n" } }, "type": "object" } }, "aws:worklink/fleet:Fleet": { "properties": { "arn": { "type": "string", "description": "The ARN of the created WorkLink Fleet.\n" }, "auditStreamArn": { "type": "string", "description": "The ARN of the Amazon Kinesis data stream that receives the audit events.\n" }, "companyCode": { "type": "string", "description": "The identifier used by users to sign in to the Amazon WorkLink app.\n" }, "createdTime": { "type": "string", "description": "The time that the fleet was created.\n" }, "deviceCaCertificate": { "type": "string", "description": "The certificate chain, including intermediate certificates and the root certificate authority certificate used to issue device certificates.\n" }, "displayName": { "type": "string", "description": "The name of the fleet.\n" }, "identityProvider": { "$ref": "#/types/aws:worklink/FleetIdentityProvider:FleetIdentityProvider", "description": "Provide this to allow manage the identity provider configuration for the fleet. Fields documented below.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the fleet was last updated.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "network": { "$ref": "#/types/aws:worklink/FleetNetwork:FleetNetwork", "description": "Provide this to allow manage the company network configuration for the fleet. Fields documented below.\n" }, "optimizeForEndUserLocation": { "type": "boolean", "description": "The option to optimize for better performance by routing traffic through the closest AWS Region to users, which may be outside of your home Region. Defaults to `true`.\n" } }, "required": [ "arn", "companyCode", "createdTime", "lastUpdatedTime", "name" ], "inputProperties": { "auditStreamArn": { "type": "string", "description": "The ARN of the Amazon Kinesis data stream that receives the audit events.\n" }, "deviceCaCertificate": { "type": "string", "description": "The certificate chain, including intermediate certificates and the root certificate authority certificate used to issue device certificates.\n" }, "displayName": { "type": "string", "description": "The name of the fleet.\n" }, "identityProvider": { "$ref": "#/types/aws:worklink/FleetIdentityProvider:FleetIdentityProvider", "description": "Provide this to allow manage the identity provider configuration for the fleet. Fields documented below.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "network": { "$ref": "#/types/aws:worklink/FleetNetwork:FleetNetwork", "description": "Provide this to allow manage the company network configuration for the fleet. Fields documented below.\n" }, "optimizeForEndUserLocation": { "type": "boolean", "description": "The option to optimize for better performance by routing traffic through the closest AWS Region to users, which may be outside of your home Region. Defaults to `true`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Fleet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the created WorkLink Fleet.\n" }, "auditStreamArn": { "type": "string", "description": "The ARN of the Amazon Kinesis data stream that receives the audit events.\n" }, "companyCode": { "type": "string", "description": "The identifier used by users to sign in to the Amazon WorkLink app.\n" }, "createdTime": { "type": "string", "description": "The time that the fleet was created.\n" }, "deviceCaCertificate": { "type": "string", "description": "The certificate chain, including intermediate certificates and the root certificate authority certificate used to issue device certificates.\n" }, "displayName": { "type": "string", "description": "The name of the fleet.\n" }, "identityProvider": { "$ref": "#/types/aws:worklink/FleetIdentityProvider:FleetIdentityProvider", "description": "Provide this to allow manage the identity provider configuration for the fleet. Fields documented below.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the fleet was last updated.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "network": { "$ref": "#/types/aws:worklink/FleetNetwork:FleetNetwork", "description": "Provide this to allow manage the company network configuration for the fleet. Fields documented below.\n" }, "optimizeForEndUserLocation": { "type": "boolean", "description": "The option to optimize for better performance by routing traffic through the closest AWS Region to users, which may be outside of your home Region. Defaults to `true`.\n" } }, "type": "object" } }, "aws:worklink/websiteCertificateAuthorityAssociation:WebsiteCertificateAuthorityAssociation": { "properties": { "certificate": { "type": "string", "description": "The root certificate of the Certificate Authority.\n" }, "displayName": { "type": "string", "description": "The certificate name to display.\n" }, "fleetArn": { "type": "string", "description": "The ARN of the fleet.\n" }, "websiteCaId": { "type": "string", "description": "A unique identifier for the Certificate Authority.\n" } }, "required": [ "certificate", "fleetArn", "websiteCaId" ], "inputProperties": { "certificate": { "type": "string", "description": "The root certificate of the Certificate Authority.\n" }, "displayName": { "type": "string", "description": "The certificate name to display.\n" }, "fleetArn": { "type": "string", "description": "The ARN of the fleet.\n" } }, "requiredInputs": [ "certificate", "fleetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebsiteCertificateAuthorityAssociation resources.\n", "properties": { "certificate": { "type": "string", "description": "The root certificate of the Certificate Authority.\n" }, "displayName": { "type": "string", "description": "The certificate name to display.\n" }, "fleetArn": { "type": "string", "description": "The ARN of the fleet.\n" }, "websiteCaId": { "type": "string", "description": "A unique identifier for the Certificate Authority.\n" } }, "type": "object" } }, "aws:workspaces/directory:Directory": { "description": "Provides a directory registration in AWS WorkSpaces Service\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainVpc = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n});\nconst private_a = new aws.ec2.Subnet(\"private-a\", {\n availabilityZone: \"us-east-1a\",\n cidrBlock: \"10.0.0.0/24\",\n vpcId: mainVpc.id,\n});\nconst private_b = new aws.ec2.Subnet(\"private-b\", {\n availabilityZone: \"us-east-1b\",\n cidrBlock: \"10.0.1.0/24\",\n vpcId: mainVpc.id,\n});\nconst mainDirectory = new aws.directoryservice.Directory(\"main\", {\n password: \"#S1ncerely\",\n size: \"Small\",\n vpcSettings: {\n subnetIds: [\n private_a.id,\n private_b.id,\n ],\n vpcId: mainVpc.id,\n },\n});\nconst mainWorkspacesDirectory = new aws.workspaces.Directory(\"main\", {\n directoryId: mainDirectory.id,\n selfServicePermissions: {\n increaseVolumeSize: true,\n rebuildWorkspace: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain_vpc = aws.ec2.Vpc(\"mainVpc\", cidr_block=\"10.0.0.0/16\")\nprivate_a = aws.ec2.Subnet(\"private-a\",\n availability_zone=\"us-east-1a\",\n cidr_block=\"10.0.0.0/24\",\n vpc_id=main_vpc.id)\nprivate_b = aws.ec2.Subnet(\"private-b\",\n availability_zone=\"us-east-1b\",\n cidr_block=\"10.0.1.0/24\",\n vpc_id=main_vpc.id)\nmain_directory = aws.directoryservice.Directory(\"mainDirectory\",\n password=\"#S1ncerely\",\n size=\"Small\",\n vpc_settings={\n \"subnet_ids\": [\n private_a.id,\n private_b.id,\n ],\n \"vpc_id\": main_vpc.id,\n })\nmain_workspaces_directory_directory = aws.workspaces.Directory(\"mainWorkspaces/directoryDirectory\",\n directory_id=main_directory.id,\n self_service_permissions={\n \"increaseVolumeSize\": True,\n \"rebuildWorkspace\": True,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var mainVpc = new Aws.Ec2.Vpc(\"mainVpc\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var private_a = new Aws.Ec2.Subnet(\"private-a\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-east-1a\",\n CidrBlock = \"10.0.0.0/24\",\n VpcId = mainVpc.Id,\n });\n var private_b = new Aws.Ec2.Subnet(\"private-b\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = \"us-east-1b\",\n CidrBlock = \"10.0.1.0/24\",\n VpcId = mainVpc.Id,\n });\n var mainDirectory = new Aws.DirectoryService.Directory(\"mainDirectory\", new Aws.DirectoryService.DirectoryArgs\n {\n Password = \"#S1ncerely\",\n Size = \"Small\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n SubnetIds = \n {\n private_a.Id,\n private_b.Id,\n },\n VpcId = mainVpc.Id,\n },\n });\n var mainWorkspaces_directoryDirectory = new Aws.Workspaces.Directory(\"mainWorkspaces/directoryDirectory\", new Aws.Workspaces.DirectoryArgs\n {\n DirectoryId = mainDirectory.Id,\n SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs\n {\n IncreaseVolumeSize = true,\n RebuildWorkspace = true,\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "alias": { "type": "string", "description": "The directory alias.\n" }, "customerUserName": { "type": "string", "description": "The user name for the service account.\n" }, "directoryId": { "type": "string", "description": "The directory identifier for registration in WorkSpaces service.\n" }, "directoryName": { "type": "string", "description": "The name of the directory.\n" }, "directoryType": { "type": "string", "description": "The directory type.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses of the DNS servers for the directory.\n" }, "iamRoleId": { "type": "string", "description": "The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.\n" }, "ipGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the IP access control groups associated with the directory.\n" }, "registrationCode": { "type": "string", "description": "The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.\n" }, "selfServicePermissions": { "$ref": "#/types/aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions", "description": "The permissions to enable or disable self-service capabilities.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets where the directory resides.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory.\n" }, "workspaceSecurityGroupId": { "type": "string", "description": "The identifier of the security group that is assigned to new WorkSpaces.\n" } }, "required": [ "alias", "customerUserName", "directoryId", "directoryName", "directoryType", "dnsIpAddresses", "iamRoleId", "ipGroupIds", "registrationCode", "selfServicePermissions", "subnetIds", "workspaceSecurityGroupId" ], "inputProperties": { "directoryId": { "type": "string", "description": "The directory identifier for registration in WorkSpaces service.\n" }, "selfServicePermissions": { "$ref": "#/types/aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions", "description": "The permissions to enable or disable self-service capabilities.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets where the directory resides.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory.\n" } }, "requiredInputs": [ "directoryId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Directory resources.\n", "properties": { "alias": { "type": "string", "description": "The directory alias.\n" }, "customerUserName": { "type": "string", "description": "The user name for the service account.\n" }, "directoryId": { "type": "string", "description": "The directory identifier for registration in WorkSpaces service.\n" }, "directoryName": { "type": "string", "description": "The name of the directory.\n" }, "directoryType": { "type": "string", "description": "The directory type.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses of the DNS servers for the directory.\n" }, "iamRoleId": { "type": "string", "description": "The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.\n" }, "ipGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the IP access control groups associated with the directory.\n" }, "registrationCode": { "type": "string", "description": "The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.\n" }, "selfServicePermissions": { "$ref": "#/types/aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions", "description": "The permissions to enable or disable self-service capabilities.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets where the directory resides.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory.\n" }, "workspaceSecurityGroupId": { "type": "string", "description": "The identifier of the security group that is assigned to new WorkSpaces.\n" } }, "type": "object" } }, "aws:workspaces/ipGroup:IpGroup": { "description": "Provides an IP access control group in AWS WorkSpaces Service\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst contractors = new aws.workspaces.IpGroup(\"contractors\", {\n description: \"Contractors IP access control group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncontractors = aws.workspaces.IpGroup(\"contractors\", description=\"Contractors IP access control group\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var contractors = new Aws.Workspaces.IpGroup(\"contractors\", new Aws.Workspaces.IpGroupArgs\n {\n Description = \"Contractors IP access control group\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = workspaces.NewIpGroup(ctx, \"contractors\", \u0026workspaces.IpGroupArgs{\n\t\t\tDescription: pulumi.String(\"Contractors IP access control group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "description": { "type": "string", "description": "The description.\n" }, "name": { "type": "string", "description": "The name of the IP group.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/IpGroupRule:IpGroupRule" }, "description": "One or more pairs specifying the IP group rule (in CIDR format) from which web requests originate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "required": [ "name" ], "inputProperties": { "description": { "type": "string", "description": "The description.\n" }, "name": { "type": "string", "description": "The name of the IP group.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/IpGroupRule:IpGroupRule" }, "description": "One or more pairs specifying the IP group rule (in CIDR format) from which web requests originate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "stateInputs": { "description": "Input properties used for looking up and filtering IpGroup resources.\n", "properties": { "description": { "type": "string", "description": "The description.\n" }, "name": { "type": "string", "description": "The name of the IP group.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/IpGroupRule:IpGroupRule" }, "description": "One or more pairs specifying the IP group rule (in CIDR format) from which web requests originate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" } }, "aws:workspaces/workspace:Workspace": { "description": "Provides a workspace in [AWS Workspaces](https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces.html) Service\n\n\u003e **NOTE:** During deletion of an `aws.workspaces.Workspace` resource, the service role `workspaces_DefaultRole` must be attached to the\npolicy `arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess`, or it will leak the ENI that the Workspaces service creates for the Workspace.\n", "properties": { "bundleId": { "type": "string", "description": "The ID of the bundle for the WorkSpace.\n" }, "computerName": { "type": "string", "description": "The name of the WorkSpace, as seen by the operating system.\n" }, "directoryId": { "type": "string", "description": "The ID of the directory for the WorkSpace.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the WorkSpace.\n" }, "rootVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the root volume is encrypted.\n" }, "state": { "type": "string", "description": "The operational state of the WorkSpace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags for the WorkSpace.\n" }, "userName": { "type": "string", "description": "The user name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace.\n" }, "userVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the user volume is encrypted.\n" }, "volumeEncryptionKey": { "type": "string", "description": "The symmetric AWS KMS customer master key (CMK) used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric CMKs.\n" }, "workspaceProperties": { "$ref": "#/types/aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties", "description": "The WorkSpace properties.\n" } }, "required": [ "bundleId", "computerName", "directoryId", "ipAddress", "state", "userName", "workspaceProperties" ], "inputProperties": { "bundleId": { "type": "string", "description": "The ID of the bundle for the WorkSpace.\n" }, "directoryId": { "type": "string", "description": "The ID of the directory for the WorkSpace.\n" }, "rootVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the root volume is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags for the WorkSpace.\n" }, "userName": { "type": "string", "description": "The user name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace.\n" }, "userVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the user volume is encrypted.\n" }, "volumeEncryptionKey": { "type": "string", "description": "The symmetric AWS KMS customer master key (CMK) used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric CMKs.\n" }, "workspaceProperties": { "$ref": "#/types/aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties", "description": "The WorkSpace properties.\n" } }, "requiredInputs": [ "bundleId", "directoryId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workspace resources.\n", "properties": { "bundleId": { "type": "string", "description": "The ID of the bundle for the WorkSpace.\n" }, "computerName": { "type": "string", "description": "The name of the WorkSpace, as seen by the operating system.\n" }, "directoryId": { "type": "string", "description": "The ID of the directory for the WorkSpace.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the WorkSpace.\n" }, "rootVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the root volume is encrypted.\n" }, "state": { "type": "string", "description": "The operational state of the WorkSpace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags for the WorkSpace.\n" }, "userName": { "type": "string", "description": "The user name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace.\n" }, "userVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the user volume is encrypted.\n" }, "volumeEncryptionKey": { "type": "string", "description": "The symmetric AWS KMS customer master key (CMK) used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric CMKs.\n" }, "workspaceProperties": { "$ref": "#/types/aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties", "description": "The WorkSpace properties.\n" } }, "type": "object" } }, "aws:xray/samplingRule:SamplingRule": { "description": "Creates and manages an AWS XRay Sampling Rule.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.xray.SamplingRule(\"example\", {\n attributes: {\n Hello: \"Tris\",\n },\n fixedRate: 0.05,\n host: \"*\",\n httpMethod: \"*\",\n priority: 10000,\n reservoirSize: 1,\n resourceArn: \"*\",\n ruleName: \"example\",\n serviceName: \"*\",\n serviceType: \"*\",\n urlPath: \"*\",\n version: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.xray.SamplingRule(\"example\",\n attributes={\n \"Hello\": \"Tris\",\n },\n fixed_rate=0.05,\n host=\"*\",\n http_method=\"*\",\n priority=10000,\n reservoir_size=1,\n resource_arn=\"*\",\n rule_name=\"example\",\n service_name=\"*\",\n service_type=\"*\",\n url_path=\"*\",\n version=1)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = new Aws.Xray.SamplingRule(\"example\", new Aws.Xray.SamplingRuleArgs\n {\n Attributes = \n {\n { \"Hello\", \"Tris\" },\n },\n FixedRate = 0.05,\n Host = \"*\",\n HttpMethod = \"*\",\n Priority = 10000,\n ReservoirSize = 1,\n ResourceArn = \"*\",\n RuleName = \"example\",\n ServiceName = \"*\",\n ServiceType = \"*\",\n UrlPath = \"*\",\n Version = 1,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/xray\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err = xray.NewSamplingRule(ctx, \"example\", \u0026xray.SamplingRuleArgs{\n\t\t\tAttributes: pulumi.Map{\n\t\t\t\t\"Hello\": pulumi.String(\"Tris\"),\n\t\t\t},\n\t\t\tFixedRate: pulumi.Float64(0.05),\n\t\t\tHost: pulumi.String(\"*\"),\n\t\t\tHttpMethod: pulumi.String(\"*\"),\n\t\t\tPriority: pulumi.Int(10000),\n\t\t\tReservoirSize: pulumi.Int(1),\n\t\t\tResourceArn: pulumi.String(\"*\"),\n\t\t\tRuleName: pulumi.String(\"example\"),\n\t\t\tServiceName: pulumi.String(\"*\"),\n\t\t\tServiceType: pulumi.String(\"*\"),\n\t\t\tUrlPath: pulumi.String(\"*\"),\n\t\t\tVersion: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "arn": { "type": "string", "description": "The ARN of the sampling rule.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Matches attributes derived from the request.\n" }, "fixedRate": { "type": "number", "description": "The percentage of matching requests to instrument, after the reservoir is exhausted.\n" }, "host": { "type": "string", "description": "Matches the hostname from a request URL.\n" }, "httpMethod": { "type": "string", "description": "Matches the HTTP method of a request.\n" }, "priority": { "type": "integer", "description": "The priority of the sampling rule.\n" }, "reservoirSize": { "type": "integer", "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively.\n" }, "resourceArn": { "type": "string", "description": "Matches the ARN of the AWS resource on which the service runs.\n" }, "ruleName": { "type": "string", "description": "The name of the sampling rule.\n" }, "serviceName": { "type": "string", "description": "Matches the `name` that the service uses to identify itself in segments.\n" }, "serviceType": { "type": "string", "description": "Matches the `origin` that the service uses to identify its type in segments.\n" }, "urlPath": { "type": "string", "description": "Matches the path from a request URL.\n" }, "version": { "type": "integer", "description": "The version of the sampling rule format (`1` )\n" } }, "required": [ "arn", "fixedRate", "host", "httpMethod", "priority", "reservoirSize", "resourceArn", "serviceName", "serviceType", "urlPath", "version" ], "inputProperties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Matches attributes derived from the request.\n" }, "fixedRate": { "type": "number", "description": "The percentage of matching requests to instrument, after the reservoir is exhausted.\n" }, "host": { "type": "string", "description": "Matches the hostname from a request URL.\n" }, "httpMethod": { "type": "string", "description": "Matches the HTTP method of a request.\n" }, "priority": { "type": "integer", "description": "The priority of the sampling rule.\n" }, "reservoirSize": { "type": "integer", "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively.\n" }, "resourceArn": { "type": "string", "description": "Matches the ARN of the AWS resource on which the service runs.\n" }, "ruleName": { "type": "string", "description": "The name of the sampling rule.\n" }, "serviceName": { "type": "string", "description": "Matches the `name` that the service uses to identify itself in segments.\n" }, "serviceType": { "type": "string", "description": "Matches the `origin` that the service uses to identify its type in segments.\n" }, "urlPath": { "type": "string", "description": "Matches the path from a request URL.\n" }, "version": { "type": "integer", "description": "The version of the sampling rule format (`1` )\n" } }, "requiredInputs": [ "fixedRate", "host", "httpMethod", "priority", "reservoirSize", "resourceArn", "serviceName", "serviceType", "urlPath", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering SamplingRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the sampling rule.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Matches attributes derived from the request.\n" }, "fixedRate": { "type": "number", "description": "The percentage of matching requests to instrument, after the reservoir is exhausted.\n" }, "host": { "type": "string", "description": "Matches the hostname from a request URL.\n" }, "httpMethod": { "type": "string", "description": "Matches the HTTP method of a request.\n" }, "priority": { "type": "integer", "description": "The priority of the sampling rule.\n" }, "reservoirSize": { "type": "integer", "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively.\n" }, "resourceArn": { "type": "string", "description": "Matches the ARN of the AWS resource on which the service runs.\n" }, "ruleName": { "type": "string", "description": "The name of the sampling rule.\n" }, "serviceName": { "type": "string", "description": "Matches the `name` that the service uses to identify itself in segments.\n" }, "serviceType": { "type": "string", "description": "Matches the `origin` that the service uses to identify its type in segments.\n" }, "urlPath": { "type": "string", "description": "Matches the path from a request URL.\n" }, "version": { "type": "integer", "description": "The version of the sampling rule format (`1` )\n" } }, "type": "object" } } }, "functions": { "aws:acm/getCertificate:getCertificate": { "description": "Use this data source to get the ARN of a certificate in AWS Certificate\nManager (ACM), you can reference\nit by domain without having to hard code the ARNs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Find a RSA 4096 bit certificate\nconst example = pulumi.output(aws.acm.getCertificate({\n domain: \"tf.example.com\",\n keyTypes: [\"RSA_4096\"],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acm.get_certificate(domain=\"tf.example.com\",\n key_types=[\"RSA_4096\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Acm.GetCertificate.InvokeAsync(new Aws.Acm.GetCertificateArgs\n {\n Domain = \"tf.example.com\",\n KeyTypes = \n {\n \"RSA_4096\",\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acm.LookupCertificate(ctx, \u0026acm.LookupCertificateArgs{\n\t\t\tDomain: \"tf.example.com\",\n\t\t\tKeyTypes: []string{\n\t\t\t\t\"RSA_4096\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCertificate.\n", "properties": { "domain": { "type": "string", "description": "The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.\n" }, "keyTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. Valid values are `RSA_1024`, `RSA_2048`, `RSA_4096`, `EC_prime256v1`, `EC_secp384r1`, and `EC_secp521r1`.\n" }, "mostRecent": { "type": "boolean", "description": "If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.\n" }, "statuses": { "type": "array", "items": { "type": "string" }, "description": "A list of statuses on which to filter the returned list. Valid values are `PENDING_VALIDATION`, `ISSUED`,\n`INACTIVE`, `EXPIRED`, `VALIDATION_TIMED_OUT`, `REVOKED` and `FAILED`. If no value is specified, only certificates in the `ISSUED` state\nare returned.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags for the resource.\n" }, "types": { "type": "array", "items": { "type": "string" }, "description": "A list of types on which to filter the returned list. Valid values are `AMAZON_ISSUED` and `IMPORTED`.\n" } }, "type": "object", "required": [ "domain" ] }, "outputs": { "description": "A collection of values returned by getCertificate.\n", "properties": { "arn": { "type": "string", "description": "Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.\n" }, "domain": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "keyTypes": { "type": "array", "items": { "type": "string" } }, "mostRecent": { "type": "boolean" }, "statuses": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags for the resource.\n" }, "types": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "arn", "domain", "tags", "id" ] } }, "aws:acmpca/getCertificateAuthority:getCertificateAuthority": { "description": "Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.acmpca.getCertificateAuthority({\n arn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.get_certificate_authority(arn=\"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Acmpca.GetCertificateAuthority.InvokeAsync(new Aws.Acmpca.GetCertificateAuthorityArgs\n {\n Arn = \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.LookupCertificateAuthority(ctx, \u0026acmpca.LookupCertificateAuthorityArgs{\n\t\t\tArn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCertificateAuthority.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the certificate authority.\n" }, "revocationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:acmpca/getCertificateAuthorityRevocationConfiguration:getCertificateAuthorityRevocationConfiguration" }, "description": "Nested attribute containing revocation configuration.\n* `revocation_configuration.0.crl_configuration` - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.\n* `revocation_configuration.0.crl_configuration.0.custom_cname` - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.\n* `revocation_configuration.0.crl_configuration.0.enabled` - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.\n* `revocation_configuration.0.crl_configuration.0.expiration_in_days` - Number of days until a certificate expires.\n* `revocation_configuration.0.crl_configuration.0.s3_bucket_name` - Name of the S3 bucket that contains the CRL.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the certificate authority.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getCertificateAuthority.\n", "properties": { "arn": { "type": "string" }, "certificate": { "type": "string", "description": "Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateChain": { "type": "string", "description": "Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateSigningRequest": { "type": "string", "description": "The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "notAfter": { "type": "string", "description": "Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "notBefore": { "type": "string", "description": "Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "revocationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:acmpca/getCertificateAuthorityRevocationConfiguration:getCertificateAuthorityRevocationConfiguration" }, "description": "Nested attribute containing revocation configuration.\n* `revocation_configuration.0.crl_configuration` - Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.\n* `revocation_configuration.0.crl_configuration.0.custom_cname` - Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.\n* `revocation_configuration.0.crl_configuration.0.enabled` - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.\n* `revocation_configuration.0.crl_configuration.0.expiration_in_days` - Number of days until a certificate expires.\n* `revocation_configuration.0.crl_configuration.0.s3_bucket_name` - Name of the S3 bucket that contains the CRL.\n" }, "serial": { "type": "string", "description": "Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.\n" }, "status": { "type": "string", "description": "Status of the certificate authority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies a key-value map of user-defined tags that are attached to the certificate authority.\n" }, "type": { "type": "string", "description": "The type of the certificate authority.\n" } }, "type": "object", "required": [ "arn", "certificate", "certificateChain", "certificateSigningRequest", "notAfter", "notBefore", "revocationConfigurations", "serial", "status", "tags", "type", "id" ] } }, "aws:alb/getListener:getListener": { "description": "\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\nProvides information about a Load Balancer Listener.\n\nThis data source can prove useful when a module accepts an LB Listener as an\ninput variable and needs to know the LB it is attached to, or other\ninformation specific to the listener in question.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst listenerArn = config.require(\"listenerArn\");\n\nconst listener = pulumi.output(aws.lb.getListener({\n arn: listenerArn,\n}, { async: true }));\nconst selected = pulumi.output(aws.lb.getLoadBalancer({\n name: \"default-public\",\n}, { async: true }));\nconst selected443 = selected.apply(selected =\u003e aws.lb.getListener({\n loadBalancerArn: selected.arn!,\n port: 443,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlistener_arn = config.require_object(\"listenerArn\")\nlistener = aws.lb.get_listener(arn=listener_arn)\nselected = aws.lb.get_load_balancer(name=\"default-public\")\nselected443 = aws.lb.get_listener(load_balancer_arn=selected.arn,\n port=443)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var listenerArn = config.RequireObject\u003cdynamic\u003e(\"listenerArn\");\n var listener = Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n Arn = listenerArn,\n }));\n var selected = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Name = \"default-public\",\n }));\n var selected443 = selected.Apply(selected =\u003e Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n LoadBalancerArn = selected.Arn,\n Port = 443,\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := listenerArn\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := \"default-public\"\n\t\tselected, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt2 := selected.Arn\n\t\topt3 := 443\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tLoadBalancerArn: \u0026opt2,\n\t\t\tPort: \u0026opt3,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getListener.\n", "properties": { "arn": { "type": "string", "description": "The arn of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "loadBalancerArn": { "type": "string", "description": "The arn of the load balancer. Required if `arn` is not set.\n" }, "port": { "type": "integer", "description": "The port of the listener. Required if `arn` is not set.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getListener.\n", "properties": { "arn": { "type": "string" }, "certificateArn": { "type": "string" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultAction:getListenerDefaultAction" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "loadBalancerArn": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "sslPolicy": { "type": "string" } }, "type": "object", "required": [ "arn", "certificateArn", "defaultActions", "loadBalancerArn", "port", "protocol", "sslPolicy", "id" ] } }, "aws:alb/getLoadBalancer:getLoadBalancer": { "description": "\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\nProvides information about a Load Balancer.\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbArn = config.get(\"lbArn\") || \"\";\nconst lbName = config.get(\"lbName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getLoadBalancer({\n arn: lbArn,\n name: lbName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_arn = config.get(\"lbArn\")\nif lb_arn is None:\n lb_arn = \"\"\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.lb.get_load_balancer(arn=lb_arn,\n name=lb_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbArn = config.Get(\"lbArn\") ?? \"\";\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Arn = lbArn,\n Name = lbName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbArn\n\t\topt1 := lbName\n\t\t_, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the load balancer.\n" }, "name": { "type": "string", "description": "The unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:alb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "dnsName": { "type": "string" }, "dropInvalidHeaderFields": { "type": "boolean" }, "enableDeletionProtection": { "type": "boolean" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "idleTimeout": { "type": "integer" }, "internal": { "type": "boolean" }, "ipAddressType": { "type": "string" }, "loadBalancerType": { "type": "string" }, "name": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:alb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping" } }, "subnets": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "accessLogs", "arn", "arnSuffix", "dnsName", "dropInvalidHeaderFields", "enableDeletionProtection", "idleTimeout", "internal", "ipAddressType", "loadBalancerType", "name", "securityGroups", "subnetMappings", "subnets", "tags", "vpcId", "zoneId", "id" ] } }, "aws:alb/getTargetGroup:getTargetGroup": { "description": "\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\nProvides information about a Load Balancer Target Group.\n\nThis data source can prove useful when a module accepts an LB Target Group as an\ninput variable and needs to know its attributes. It can also be used to get the ARN of\nan LB Target Group for use in other resources, given LB Target Group name.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbTgArn = config.get(\"lbTgArn\") || \"\";\nconst lbTgName = config.get(\"lbTgName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getTargetGroup({\n arn: lbTgArn,\n name: lbTgName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_tg_arn = config.get(\"lbTgArn\")\nif lb_tg_arn is None:\n lb_tg_arn = \"\"\nlb_tg_name = config.get(\"lbTgName\")\nif lb_tg_name is None:\n lb_tg_name = \"\"\ntest = aws.lb.get_target_group(arn=lb_tg_arn,\n name=lb_tg_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbTgArn = config.Get(\"lbTgArn\") ?? \"\";\n var lbTgName = config.Get(\"lbTgName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetTargetGroup.InvokeAsync(new Aws.LB.GetTargetGroupArgs\n {\n Arn = lbTgArn,\n Name = lbTgName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbTgArn\n\t\topt1 := lbTgName\n\t\t_, err := lb.LookupTargetGroup(ctx, \u0026lb.LookupTargetGroupArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getTargetGroup.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the target group.\n" }, "name": { "type": "string", "description": "The unique name of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTargetGroup.\n", "properties": { "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "deregistrationDelay": { "type": "integer" }, "healthCheck": { "$ref": "#/types/aws:alb/getTargetGroupHealthCheck:getTargetGroupHealthCheck" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean" }, "loadBalancingAlgorithmType": { "type": "string" }, "name": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "proxyProtocolV2": { "type": "boolean" }, "slowStart": { "type": "integer" }, "stickiness": { "$ref": "#/types/aws:alb/getTargetGroupStickiness:getTargetGroupStickiness" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "targetType": { "type": "string" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "arn", "arnSuffix", "deregistrationDelay", "healthCheck", "lambdaMultiValueHeadersEnabled", "loadBalancingAlgorithmType", "name", "port", "protocol", "proxyProtocolV2", "slowStart", "stickiness", "tags", "targetType", "vpcId", "id" ] } }, "aws:apigateway/getKey:getKey": { "description": "Use this data source to get the name and value of a pre-existing API Key, for\nexample to supply credentials for a dependency microservice.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myApiKey = pulumi.output(aws.apigateway.getKey({\n id: \"ru3mpjgse6\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_api_key = aws.apigateway.get_key(id=\"ru3mpjgse6\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myApiKey = Output.Create(Aws.ApiGateway.GetKey.InvokeAsync(new Aws.ApiGateway.GetKeyArgs\n {\n Id = \"ru3mpjgse6\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.GetKey(ctx, \u0026apigateway.GetKeyArgs{\n\t\t\tId: \"ru3mpjgse6\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getKey.\n", "properties": { "id": { "type": "string", "description": "The ID of the API Key to look up.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getKey.\n", "properties": { "createdDate": { "type": "string", "description": "The date and time when the API Key was created.\n" }, "description": { "type": "string", "description": "The description of the API Key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the API Key is enabled.\n" }, "id": { "type": "string", "description": "Set to the ID of the API Key.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date and time when the API Key was last updated.\n" }, "name": { "type": "string", "description": "Set to the name of the API Key.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" }, "value": { "type": "string", "description": "Set to the value of the API Key.\n" } }, "type": "object", "required": [ "createdDate", "description", "enabled", "id", "lastUpdatedDate", "name", "tags", "value" ] } }, "aws:apigateway/getResource:getResource": { "description": "Use this data source to get the id of a Resource in API Gateway. \nTo fetch the Resource, you must provide the REST API id as well as the full path. \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myRestApi = pulumi.output(aws.apigateway.getRestApi({\n name: \"my-rest-api\",\n}, { async: true }));\nconst myResource = myRestApi.apply(myRestApi =\u003e aws.apigateway.getResource({\n path: \"/endpoint/path\",\n restApiId: myRestApi.id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_rest_api = aws.apigateway.get_rest_api(name=\"my-rest-api\")\nmy_resource = aws.apigateway.get_resource(path=\"/endpoint/path\",\n rest_api_id=my_rest_api.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myRestApi = Output.Create(Aws.ApiGateway.GetRestApi.InvokeAsync(new Aws.ApiGateway.GetRestApiArgs\n {\n Name = \"my-rest-api\",\n }));\n var myResource = myRestApi.Apply(myRestApi =\u003e Output.Create(Aws.ApiGateway.GetResource.InvokeAsync(new Aws.ApiGateway.GetResourceArgs\n {\n Path = \"/endpoint/path\",\n RestApiId = myRestApi.Id,\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyRestApi, err := apigateway.LookupRestApi(ctx, \u0026apigateway.LookupRestApiArgs{\n\t\t\tName: \"my-rest-api\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err := apigateway.LookupResource(ctx, \u0026apigateway.LookupResourceArgs{\n\t\t\tPath: \"/endpoint/path\",\n\t\t\tRestApiId: myRestApi.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getResource.\n", "properties": { "path": { "type": "string", "description": "The full path of the resource. If no path is found, an error will be returned.\n" }, "restApiId": { "type": "string", "description": "The REST API id that owns the resource. If no REST API is found, an error will be returned.\n" } }, "type": "object", "required": [ "path", "restApiId" ] }, "outputs": { "description": "A collection of values returned by getResource.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "parentId": { "type": "string", "description": "Set to the ID of the parent Resource.\n" }, "path": { "type": "string" }, "pathPart": { "type": "string", "description": "Set to the path relative to the parent Resource.\n" }, "restApiId": { "type": "string" } }, "type": "object", "required": [ "parentId", "path", "pathPart", "restApiId", "id" ] } }, "aws:apigateway/getRestApi:getRestApi": { "description": "Use this data source to get the id and root_resource_id of a REST API in\nAPI Gateway. To fetch the REST API you must provide a name to match against. \nAs there is no unique name constraint on REST APIs this data source will \nerror if there is more than one match.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myRestApi = pulumi.output(aws.apigateway.getRestApi({\n name: \"my-rest-api\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_rest_api = aws.apigateway.get_rest_api(name=\"my-rest-api\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myRestApi = Output.Create(Aws.ApiGateway.GetRestApi.InvokeAsync(new Aws.ApiGateway.GetRestApiArgs\n {\n Name = \"my-rest-api\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.LookupRestApi(ctx, \u0026apigateway.LookupRestApiArgs{\n\t\t\tName: \"my-rest-api\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRestApi.\n", "properties": { "name": { "type": "string", "description": "The name of the REST API to look up. If no REST API is found with this name, an error will be returned. If multiple REST APIs are found with this name, an error will be returned.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRestApi.\n", "properties": { "apiKeySource": { "type": "string", "description": "The source of the API key for requests.\n" }, "arn": { "type": "string", "description": "The ARN of the REST API.\n" }, "binaryMediaTypes": { "type": "array", "items": { "type": "string" }, "description": "The list of binary media types supported by the REST API.\n" }, "description": { "type": "string", "description": "The description of the REST API.\n" }, "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/getRestApiEndpointConfiguration:getRestApiEndpointConfiguration" }, "description": "The endpoint configuration of this RestApi showing the endpoint types of the API.\n" }, "executionArn": { "type": "string", "description": "The execution ARN part to be used in `lambda_permission`'s `source_arn` when allowing API Gateway to invoke a Lambda function, e.g. `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j`, which can be concatenated with allowed stage, method and resource path.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "minimumCompressionSize": { "type": "integer", "description": "Minimum response size to compress for the REST API.\n" }, "name": { "type": "string" }, "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway.\n" }, "rootResourceId": { "type": "string", "description": "Set to the ID of the API Gateway Resource on the found REST API where the route matches '/'.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object", "required": [ "apiKeySource", "arn", "binaryMediaTypes", "description", "endpointConfigurations", "executionArn", "minimumCompressionSize", "name", "policy", "rootResourceId", "tags", "id" ] } }, "aws:apigateway/getVpcLink:getVpcLink": { "description": "Use this data source to get the id of a VPC Link in\nAPI Gateway. To fetch the VPC Link you must provide a name to match against. \nAs there is no unique name constraint on API Gateway VPC Links this data source will \nerror if there is more than one match.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myApiGatewayVpcLink = pulumi.output(aws.apigateway.getVpcLink({\n name: \"my-vpc-link\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_api_gateway_vpc_link = aws.apigateway.get_vpc_link(name=\"my-vpc-link\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myApiGatewayVpcLink = Output.Create(Aws.ApiGateway.GetVpcLink.InvokeAsync(new Aws.ApiGateway.GetVpcLinkArgs\n {\n Name = \"my-vpc-link\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.LookupVpcLink(ctx, \u0026apigateway.LookupVpcLinkArgs{\n\t\t\tName: \"my-vpc-link\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpcLink.\n", "properties": { "name": { "type": "string", "description": "The name of the API Gateway VPC Link to look up. If no API Gateway VPC Link is found with this name, an error will be returned. \nIf multiple API Gateway VPC Links are found with this name, an error will be returned.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getVpcLink.\n", "properties": { "description": { "type": "string", "description": "The description of the VPC link.\n" }, "id": { "type": "string", "description": "Set to the ID of the found API Gateway VPC Link.\n" }, "name": { "type": "string" }, "status": { "type": "string", "description": "The status of the VPC link.\n" }, "statusMessage": { "type": "string", "description": "The status message of the VPC link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "targetArns": { "type": "array", "items": { "type": "string" }, "description": "The list of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n" } }, "type": "object", "required": [ "description", "id", "name", "status", "statusMessage", "tags", "targetArns" ] } }, "aws:applicationloadbalancing/getListener:getListener": { "description": "\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\nProvides information about a Load Balancer Listener.\n\nThis data source can prove useful when a module accepts an LB Listener as an\ninput variable and needs to know the LB it is attached to, or other\ninformation specific to the listener in question.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst listenerArn = config.require(\"listenerArn\");\n\nconst listener = pulumi.output(aws.lb.getListener({\n arn: listenerArn,\n}, { async: true }));\nconst selected = pulumi.output(aws.lb.getLoadBalancer({\n name: \"default-public\",\n}, { async: true }));\nconst selected443 = selected.apply(selected =\u003e aws.lb.getListener({\n loadBalancerArn: selected.arn!,\n port: 443,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlistener_arn = config.require_object(\"listenerArn\")\nlistener = aws.lb.get_listener(arn=listener_arn)\nselected = aws.lb.get_load_balancer(name=\"default-public\")\nselected443 = aws.lb.get_listener(load_balancer_arn=selected.arn,\n port=443)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var listenerArn = config.RequireObject\u003cdynamic\u003e(\"listenerArn\");\n var listener = Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n Arn = listenerArn,\n }));\n var selected = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Name = \"default-public\",\n }));\n var selected443 = selected.Apply(selected =\u003e Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n LoadBalancerArn = selected.Arn,\n Port = 443,\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := listenerArn\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := \"default-public\"\n\t\tselected, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt2 := selected.Arn\n\t\topt3 := 443\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tLoadBalancerArn: \u0026opt2,\n\t\t\tPort: \u0026opt3,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getListener.\n", "properties": { "arn": { "type": "string", "description": "The arn of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "loadBalancerArn": { "type": "string", "description": "The arn of the load balancer. Required if `arn` is not set.\n" }, "port": { "type": "integer", "description": "The port of the listener. Required if `arn` is not set.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getListener.\n", "properties": { "arn": { "type": "string" }, "certificateArn": { "type": "string" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/getListenerDefaultAction:getListenerDefaultAction" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "loadBalancerArn": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "sslPolicy": { "type": "string" } }, "type": "object", "required": [ "arn", "certificateArn", "defaultActions", "loadBalancerArn", "port", "protocol", "sslPolicy", "id" ] }, "deprecationMessage": "aws.applicationloadbalancing.getListener has been deprecated in favor of aws.alb.getListener" }, "aws:applicationloadbalancing/getLoadBalancer:getLoadBalancer": { "description": "\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\nProvides information about a Load Balancer.\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbArn = config.get(\"lbArn\") || \"\";\nconst lbName = config.get(\"lbName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getLoadBalancer({\n arn: lbArn,\n name: lbName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_arn = config.get(\"lbArn\")\nif lb_arn is None:\n lb_arn = \"\"\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.lb.get_load_balancer(arn=lb_arn,\n name=lb_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbArn = config.Get(\"lbArn\") ?? \"\";\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Arn = lbArn,\n Name = lbName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbArn\n\t\topt1 := lbName\n\t\t_, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the load balancer.\n" }, "name": { "type": "string", "description": "The unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:applicationloadbalancing/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "dnsName": { "type": "string" }, "dropInvalidHeaderFields": { "type": "boolean" }, "enableDeletionProtection": { "type": "boolean" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "idleTimeout": { "type": "integer" }, "internal": { "type": "boolean" }, "ipAddressType": { "type": "string" }, "loadBalancerType": { "type": "string" }, "name": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:applicationloadbalancing/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping" } }, "subnets": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "accessLogs", "arn", "arnSuffix", "dnsName", "dropInvalidHeaderFields", "enableDeletionProtection", "idleTimeout", "internal", "ipAddressType", "loadBalancerType", "name", "securityGroups", "subnetMappings", "subnets", "tags", "vpcId", "zoneId", "id" ] }, "deprecationMessage": "aws.applicationloadbalancing.getLoadBalancer has been deprecated in favor of aws.alb.getLoadBalancer" }, "aws:applicationloadbalancing/getTargetGroup:getTargetGroup": { "description": "\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\nProvides information about a Load Balancer Target Group.\n\nThis data source can prove useful when a module accepts an LB Target Group as an\ninput variable and needs to know its attributes. It can also be used to get the ARN of\nan LB Target Group for use in other resources, given LB Target Group name.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbTgArn = config.get(\"lbTgArn\") || \"\";\nconst lbTgName = config.get(\"lbTgName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getTargetGroup({\n arn: lbTgArn,\n name: lbTgName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_tg_arn = config.get(\"lbTgArn\")\nif lb_tg_arn is None:\n lb_tg_arn = \"\"\nlb_tg_name = config.get(\"lbTgName\")\nif lb_tg_name is None:\n lb_tg_name = \"\"\ntest = aws.lb.get_target_group(arn=lb_tg_arn,\n name=lb_tg_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbTgArn = config.Get(\"lbTgArn\") ?? \"\";\n var lbTgName = config.Get(\"lbTgName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetTargetGroup.InvokeAsync(new Aws.LB.GetTargetGroupArgs\n {\n Arn = lbTgArn,\n Name = lbTgName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbTgArn\n\t\topt1 := lbTgName\n\t\t_, err := lb.LookupTargetGroup(ctx, \u0026lb.LookupTargetGroupArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getTargetGroup.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the target group.\n" }, "name": { "type": "string", "description": "The unique name of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTargetGroup.\n", "properties": { "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "deregistrationDelay": { "type": "integer" }, "healthCheck": { "$ref": "#/types/aws:applicationloadbalancing/getTargetGroupHealthCheck:getTargetGroupHealthCheck" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean" }, "loadBalancingAlgorithmType": { "type": "string" }, "name": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "proxyProtocolV2": { "type": "boolean" }, "slowStart": { "type": "integer" }, "stickiness": { "$ref": "#/types/aws:applicationloadbalancing/getTargetGroupStickiness:getTargetGroupStickiness" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "targetType": { "type": "string" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "arn", "arnSuffix", "deregistrationDelay", "healthCheck", "lambdaMultiValueHeadersEnabled", "loadBalancingAlgorithmType", "name", "port", "protocol", "proxyProtocolV2", "slowStart", "stickiness", "tags", "targetType", "vpcId", "id" ] }, "deprecationMessage": "aws.applicationloadbalancing.getTargetGroup has been deprecated in favor of aws.alb.getTargetGroup" }, "aws:autoscaling/getGroup:getGroup": { "description": "Use this data source to get information on an existing autoscaling group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = pulumi.output(aws.autoscaling.getGroup({\n name: \"foo\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.autoscaling.get_group(name=\"foo\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = Output.Create(Aws.AutoScaling.GetGroup.InvokeAsync(new Aws.AutoScaling.GetGroupArgs\n {\n Name = \"foo\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.LookupGroup(ctx, \u0026autoscaling.LookupGroupArgs{\n\t\t\tName: \"foo\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { "name": { "type": "string", "description": "Specify the exact name of the desired autoscaling group.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getGroup.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Auto Scaling group.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "One or more Availability Zones for the group.\n" }, "defaultCooldown": { "type": "integer" }, "desiredCapacity": { "type": "integer", "description": "The desired size of the group.\n" }, "healthCheckGracePeriod": { "type": "integer", "description": "The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before checking the health status of an EC2 instance that has come into service.\n" }, "healthCheckType": { "type": "string", "description": "The service to use for the health checks. The valid values are EC2 and ELB.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "launchConfiguration": { "type": "string", "description": "The name of the associated launch configuration.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "One or more load balancers associated with the group.\n" }, "maxSize": { "type": "integer", "description": "The maximum size of the group.\n" }, "minSize": { "type": "integer", "description": "The minimum size of the group.\n" }, "name": { "type": "string", "description": "The name of the Auto Scaling group.\n" }, "newInstancesProtectedFromScaleIn": { "type": "boolean" }, "placementGroup": { "type": "string", "description": "The name of the placement group into which to launch your instances, if any. For more information, see Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "serviceLinkedRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling group uses to call other AWS services on your behalf.\n" }, "status": { "type": "string", "description": "The current state of the group when DeleteAutoScalingGroup is in progress.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARN) of the target groups for your load balancer.\n" }, "terminationPolicies": { "type": "array", "items": { "type": "string" }, "description": "The termination policies for the group.\n" }, "vpcZoneIdentifier": { "type": "string", "description": "VPC ID for the group.\n" } }, "type": "object", "required": [ "arn", "availabilityZones", "defaultCooldown", "desiredCapacity", "healthCheckGracePeriod", "healthCheckType", "launchConfiguration", "loadBalancers", "maxSize", "minSize", "name", "newInstancesProtectedFromScaleIn", "placementGroup", "serviceLinkedRoleArn", "status", "targetGroupArns", "terminationPolicies", "vpcZoneIdentifier", "id" ] } }, "aws:backup/getPlan:getPlan": { "description": "Use this data source to get information on an existing backup plan.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.backup.getPlan({\n planId: \"tf_example_backup_plan_id\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_plan(plan_id=\"tf_example_backup_plan_id\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Backup.GetPlan.InvokeAsync(new Aws.Backup.GetPlanArgs\n {\n PlanId = \"tf_example_backup_plan_id\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupPlan(ctx, \u0026backup.LookupPlanArgs{\n\t\t\tPlanId: \"tf_example_backup_plan_id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getPlan.\n", "properties": { "planId": { "type": "string", "description": "The backup plan ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create.\n" } }, "type": "object", "required": [ "planId" ] }, "outputs": { "description": "A collection of values returned by getPlan.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the backup plan.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The display name of a backup plan.\n" }, "planId": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create.\n" }, "version": { "type": "string", "description": "Unique, randomly generated, Unicode, UTF-8 encoded string that serves as the version ID of the backup plan.\n" } }, "type": "object", "required": [ "arn", "name", "planId", "tags", "version", "id" ] } }, "aws:backup/getSelection:getSelection": { "description": "Use this data source to get information on an existing backup selection.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws_backup_plan_example.id.apply(id =\u003e aws.backup.getSelection({\n planId: id,\n selectionId: \"selection-id-example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_selection(plan_id=data[\"aws_backup_plan\"][\"example\"][\"id\"],\n selection_id=\"selection-id-example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Backup.GetSelection.InvokeAsync(new Aws.Backup.GetSelectionArgs\n {\n PlanId = data.Aws_backup_plan.Example.Id,\n SelectionId = \"selection-id-example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupSelection(ctx, \u0026backup.LookupSelectionArgs{\n\t\t\tPlanId: data.Aws_backup_plan.Example.Id,\n\t\t\tSelectionId: \"selection-id-example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSelection.\n", "properties": { "planId": { "type": "string", "description": "The backup plan ID associated with the selection of resources.\n" }, "selectionId": { "type": "string", "description": "The backup selection ID.\n" } }, "type": "object", "required": [ "planId", "selectionId" ] }, "outputs": { "description": "A collection of values returned by getSelection.\n", "properties": { "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The display name of a resource selection document.\n" }, "planId": { "type": "string" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan..\n" }, "selectionId": { "type": "string" } }, "type": "object", "required": [ "iamRoleArn", "name", "planId", "resources", "selectionId", "id" ] } }, "aws:backup/getVault:getVault": { "description": "Use this data source to get information on an existing backup vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.backup.getVault({\n name: \"example_backup_vault\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_vault(name=\"example_backup_vault\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Backup.GetVault.InvokeAsync(new Aws.Backup.GetVaultArgs\n {\n Name = \"example_backup_vault\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupVault(ctx, \u0026backup.LookupVaultArgs{\n\t\t\tName: \"example_backup_vault\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVault.\n", "properties": { "name": { "type": "string", "description": "The name of the backup vault.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getVault.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kmsKeyArn": { "type": "string", "description": "The server-side encryption key that is used to protect your backups.\n" }, "name": { "type": "string" }, "recoveryPoints": { "type": "integer", "description": "The number of recovery points that are stored in a backup vault.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n" } }, "type": "object", "required": [ "arn", "kmsKeyArn", "name", "recoveryPoints", "tags", "id" ] } }, "aws:batch/getComputeEnvironment:getComputeEnvironment": { "description": "The Batch Compute Environment data source allows access to details of a specific\ncompute environment within AWS Batch.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst batch_mongo = pulumi.output(aws.batch.getComputeEnvironment({\n computeEnvironmentName: \"batch-mongo-production\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbatch_mongo = aws.batch.get_compute_environment(compute_environment_name=\"batch-mongo-production\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var batch_mongo = Output.Create(Aws.Batch.GetComputeEnvironment.InvokeAsync(new Aws.Batch.GetComputeEnvironmentArgs\n {\n ComputeEnvironmentName = \"batch-mongo-production\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.LookupComputeEnvironment(ctx, \u0026batch.LookupComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: \"batch-mongo-production\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getComputeEnvironment.\n", "properties": { "computeEnvironmentName": { "type": "string", "description": "The name of the Batch Compute Environment\n" } }, "type": "object", "required": [ "computeEnvironmentName" ] }, "outputs": { "description": "A collection of values returned by getComputeEnvironment.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the compute environment.\n" }, "computeEnvironmentName": { "type": "string" }, "ecsClusterArn": { "type": "string", "description": "The ARN of the underlying Amazon ECS cluster used by the compute environment.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "serviceRole": { "type": "string", "description": "The ARN of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n" }, "state": { "type": "string", "description": "The state of the compute environment (for example, `ENABLED` or `DISABLED`). If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.\n" }, "status": { "type": "string", "description": "The current status of the compute environment (for example, `CREATING` or `VALID`).\n" }, "statusReason": { "type": "string", "description": "A short, human-readable string to provide additional details about the current status of the compute environment.\n" }, "type": { "type": "string", "description": "The type of the compute environment (for example, `MANAGED` or `UNMANAGED`).\n" } }, "type": "object", "required": [ "arn", "computeEnvironmentName", "ecsClusterArn", "serviceRole", "state", "status", "statusReason", "type", "id" ] } }, "aws:batch/getJobQueue:getJobQueue": { "description": "The Batch Job Queue data source allows access to details of a specific\njob queue within AWS Batch.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test_queue = pulumi.output(aws.batch.getJobQueue({\n name: \"tf-test-batch-job-queue\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_queue = aws.batch.get_job_queue(name=\"tf-test-batch-job-queue\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test_queue = Output.Create(Aws.Batch.GetJobQueue.InvokeAsync(new Aws.Batch.GetJobQueueArgs\n {\n Name = \"tf-test-batch-job-queue\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.LookupJobQueue(ctx, \u0026batch.LookupJobQueueArgs{\n\t\t\tName: \"tf-test-batch-job-queue\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getJobQueue.\n", "properties": { "name": { "type": "string", "description": "The name of the job queue.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getJobQueue.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the job queue.\n" }, "computeEnvironmentOrders": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobQueueComputeEnvironmentOrder:getJobQueueComputeEnvironmentOrder" }, "description": "The compute environments that are attached to the job queue and the order in\nwhich job placement is preferred. Compute environments are selected for job placement in ascending order.\n* `compute_environment_order.#.order` - The order of the compute environment.\n* `compute_environment_order.#.compute_environment` - The ARN of the compute environment.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "priority": { "type": "integer", "description": "The priority of the job queue. Job queues with a higher priority are evaluated first when\nassociated with the same compute environment.\n" }, "state": { "type": "string", "description": "Describes the ability of the queue to accept new jobs (for example, `ENABLED` or `DISABLED`).\n" }, "status": { "type": "string", "description": "The current status of the job queue (for example, `CREATING` or `VALID`).\n" }, "statusReason": { "type": "string", "description": "A short, human-readable string to provide additional details about the current status\nof the job queue.\n" } }, "type": "object", "required": [ "arn", "computeEnvironmentOrders", "name", "priority", "state", "status", "statusReason", "id" ] } }, "aws:cloudformation/getExport:getExport": { "description": "The CloudFormation Export data source allows access to stack\nexports specified in the [Output](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/outputs-section-structure.html) section of the Cloudformation Template using the optional Export Property.\n\n \u003e Note: If you are trying to use a value from a Cloudformation Stack in the same deployment please use normal interpolation or Cloudformation Outputs. \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst subnetId = pulumi.output(aws.cloudformation.getExport({\n name: \"mySubnetIdExportName\",\n}, { async: true }));\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-abb07bcb\",\n instanceType: \"t1.micro\",\n subnetId: subnetId.value,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsubnet_id = aws.cloudformation.get_export(name=\"mySubnetIdExportName\")\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-abb07bcb\",\n instance_type=\"t1.micro\",\n subnet_id=subnet_id.value)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var subnetId = Output.Create(Aws.CloudFormation.GetExport.InvokeAsync(new Aws.CloudFormation.GetExportArgs\n {\n Name = \"mySubnetIdExportName\",\n }));\n var web = new Aws.Ec2.Instance(\"web\", new Aws.Ec2.InstanceArgs\n {\n Ami = \"ami-abb07bcb\",\n InstanceType = \"t1.micro\",\n SubnetId = subnetId.Apply(subnetId =\u003e subnetId.Value),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsubnetId, err := cloudformation.GetExport(ctx, \u0026cloudformation.GetExportArgs{\n\t\t\tName: \"mySubnetIdExportName\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-abb07bcb\"),\n\t\t\tInstanceType: pulumi.String(\"t1.micro\"),\n\t\t\tSubnetId: pulumi.String(subnetId.Value),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getExport.\n", "properties": { "name": { "type": "string", "description": "The name of the export as it appears in the console or from [list-exports](http://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-exports.html)\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getExport.\n", "properties": { "exportingStackId": { "type": "string", "description": "The exporting_stack_id (AWS ARNs) equivalent `ExportingStackId` from [list-exports](http://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-exports.html)\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "value": { "type": "string", "description": "The value from Cloudformation export identified by the export name found from [list-exports](http://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-exports.html)\n" } }, "type": "object", "required": [ "exportingStackId", "name", "value", "id" ] } }, "aws:cloudformation/getStack:getStack": { "description": "The CloudFormation Stack data source allows access to stack\noutputs and other useful data including the template body.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = pulumi.output(aws.cloudformation.getStack({\n name: \"my-network-stack\",\n}, { async: true }));\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-abb07bcb\",\n instanceType: \"t1.micro\",\n subnetId: network.apply(network =\u003e network.outputs[\"SubnetId\"]),\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnetwork = aws.cloudformation.get_stack(name=\"my-network-stack\")\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-abb07bcb\",\n instance_type=\"t1.micro\",\n subnet_id=network.outputs[\"SubnetId\"],\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var network = Output.Create(Aws.CloudFormation.GetStack.InvokeAsync(new Aws.CloudFormation.GetStackArgs\n {\n Name = \"my-network-stack\",\n }));\n var web = new Aws.Ec2.Instance(\"web\", new Aws.Ec2.InstanceArgs\n {\n Ami = \"ami-abb07bcb\",\n InstanceType = \"t1.micro\",\n SubnetId = network.Apply(network =\u003e network.Outputs.SubnetId),\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := cloudformation.LookupStack(ctx, \u0026cloudformation.LookupStackArgs{\n\t\t\tName: \"my-network-stack\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-abb07bcb\"),\n\t\t\tInstanceType: pulumi.String(\"t1.micro\"),\n\t\t\tSubnetId: pulumi.String(network.Outputs.SubnetId),\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getStack.\n", "properties": { "name": { "type": "string", "description": "The name of the stack\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags associated with this stack.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getStack.\n", "properties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities\n" }, "description": { "type": "string", "description": "Description of the stack\n" }, "disableRollback": { "type": "boolean", "description": "Whether the rollback of the stack is disabled when stack creation fails\n" }, "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role used to create the stack.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "A list of SNS topic ARNs to publish stack related events\n" }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of outputs from the stack.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of parameters that specify input parameters for the stack.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags associated with this stack.\n" }, "templateBody": { "type": "string", "description": "Structure containing the template body.\n" }, "timeoutInMinutes": { "type": "integer", "description": "The amount of time that can pass before the stack status becomes `CREATE_FAILED`\n" } }, "type": "object", "required": [ "capabilities", "description", "disableRollback", "iamRoleArn", "name", "notificationArns", "outputs", "parameters", "tags", "templateBody", "timeoutInMinutes", "id" ] } }, "aws:cloudfront/getDistribution:getDistribution": { "description": "Use this data source to retrieve information about a CloudFront distribution.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.cloudfront.getDistribution({\n id: \"EDFDVBD632BHDS5\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudfront.get_distribution(id=\"EDFDVBD632BHDS5\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.CloudFront.GetDistribution.InvokeAsync(new Aws.CloudFront.GetDistributionArgs\n {\n Id = \"EDFDVBD632BHDS5\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupDistribution(ctx, \u0026cloudfront.LookupDistributionArgs{\n\t\t\tId: \"EDFDVBD632BHDS5\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDistribution.\n", "properties": { "id": { "type": "string", "description": "The identifier for the distribution. For example: `EDFDVBD632BHDS5`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getDistribution.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.\n" }, "domainName": { "type": "string", "description": "The domain name corresponding to the distribution. For\nexample: `d604721fxaaqy9.cloudfront.net`.\n" }, "enabled": { "type": "boolean" }, "etag": { "type": "string", "description": "The current version of the distribution's information. For example:\n`E2QWRUHAPOMQZL`.\n" }, "hostedZoneId": { "type": "string", "description": "The CloudFront Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set][7] to. This attribute is simply an\nalias for the zone ID `Z2FDTNDATAQYW2`.\n" }, "id": { "type": "string", "description": "The identifier for the distribution. For example: `EDFDVBD632BHDS5`.\n" }, "inProgressValidationBatches": { "type": "integer", "description": "The number of invalidation batches\ncurrently in progress.\n" }, "lastModifiedTime": { "type": "string", "description": "The date and time the distribution was last modified.\n" }, "status": { "type": "string", "description": "The current status of the distribution. `Deployed` if the\ndistribution's information is fully propagated throughout the Amazon\nCloudFront system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "arn", "domainName", "enabled", "etag", "hostedZoneId", "id", "inProgressValidationBatches", "lastModifiedTime", "status" ] } }, "aws:cloudhsmv2/getCluster:getCluster": { "description": "Use this data source to get information about a CloudHSM v2 cluster\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = pulumi.output(aws.cloudhsmv2.getCluster({\n clusterId: \"cluster-testclusterid\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.cloudhsmv2.get_cluster(cluster_id=\"cluster-testclusterid\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var cluster = Output.Create(Aws.CloudHsmV2.GetCluster.InvokeAsync(new Aws.CloudHsmV2.GetClusterArgs\n {\n ClusterId = \"cluster-testclusterid\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudhsmv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudhsmv2.LookupCluster(ctx, \u0026cloudhsmv2.LookupClusterArgs{\n\t\t\tClusterId: \"cluster-testclusterid\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterId": { "type": "string", "description": "The id of Cloud HSM v2 cluster.\n" }, "clusterState": { "type": "string", "description": "The state of the cluster to be found.\n" } }, "type": "object", "required": [ "clusterId" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "clusterCertificates": { "$ref": "#/types/aws:cloudhsmv2/getClusterClusterCertificates:getClusterClusterCertificates", "description": "The list of cluster certificates.\n* `cluster_certificates.0.cluster_certificate` - The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster's owner.\n* `cluster_certificates.0.cluster_csr` - The certificate signing request (CSR). Available only in UNINITIALIZED state.\n* `cluster_certificates.0.aws_hardware_certificate` - The HSM hardware certificate issued (signed) by AWS CloudHSM.\n* `cluster_certificates.0.hsm_certificate` - The HSM certificate issued (signed) by the HSM hardware.\n* `cluster_certificates.0.manufacturer_hardware_certificate` - The HSM hardware certificate issued (signed) by the hardware manufacturer.\nThe number of available cluster certificates may vary depending on state of the cluster.\n" }, "clusterId": { "type": "string" }, "clusterState": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group associated with the CloudHSM cluster.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of subnets in which cluster operates.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that the CloudHSM cluster resides in.\n" } }, "type": "object", "required": [ "clusterCertificates", "clusterId", "clusterState", "securityGroupId", "subnetIds", "vpcId", "id" ] } }, "aws:cloudtrail/getServiceAccount:getServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS CloudTrail Service Account](http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html)\nin a given region for the purpose of allowing CloudTrail to store trail data in S3.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = pulumi.output(aws.cloudtrail.getServiceAccount({ async: true }));\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n forceDestroy: true,\n policy: pulumi.interpolate`{\n \"Version\": \"2008-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"Put bucket policy needed for trails\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"${main.arn}\"\n },\n \"Action\": \"s3:PutObject\",\n \"Resource\": \"arn:aws:s3:::tf-cloudtrail-logging-test-bucket/*\"\n },\n {\n \"Sid\": \"Get bucket policy needed for trails\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"${main.arn}\"\n },\n \"Action\": \"s3:GetBucketAcl\",\n \"Resource\": \"arn:aws:s3:::tf-cloudtrail-logging-test-bucket\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.cloudtrail.get_service_account()\nbucket = aws.s3.Bucket(\"bucket\",\n force_destroy=True,\n policy=f\"\"\"{{\n \"Version\": \"2008-10-17\",\n \"Statement\": [\n {{\n \"Sid\": \"Put bucket policy needed for trails\",\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"AWS\": \"{main.arn}\"\n }},\n \"Action\": \"s3:PutObject\",\n \"Resource\": \"arn:aws:s3:::tf-cloudtrail-logging-test-bucket/*\"\n }},\n {{\n \"Sid\": \"Get bucket policy needed for trails\",\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"AWS\": \"{main.arn}\"\n }},\n \"Action\": \"s3:GetBucketAcl\",\n \"Resource\": \"arn:aws:s3:::tf-cloudtrail-logging-test-bucket\"\n }}\n ]\n}}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = Output.Create(Aws.CloudTrail.GetServiceAccount.InvokeAsync());\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n ForceDestroy = true,\n Policy = Output.Tuple(main, main).Apply(values =\u003e\n {\n var main = values.Item1;\n var main1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2008-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Sid\"\": \"\"Put bucket policy needed for trails\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": \"\"{main.Arn}\"\"\n }},\n \"\"Action\"\": \"\"s3:PutObject\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::tf-cloudtrail-logging-test-bucket/*\"\"\n }},\n {{\n \"\"Sid\"\": \"\"Get bucket policy needed for trails\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": \"\"{main1.Arn}\"\"\n }},\n \"\"Action\"\": \"\"s3:GetBucketAcl\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::tf-cloudtrail-logging-test-bucket\"\"\n }}\n ]\n}}\n\n\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := cloudtrail.GetServiceAccount(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Version\\\": \\\"2008-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"Put bucket policy needed for trails\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"AWS\\\": \\\"\", main.Arn, \"\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"s3:PutObject\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::tf-cloudtrail-logging-test-bucket/*\\\"\\n\", \" },\\n\", \" {\\n\", \" \\\"Sid\\\": \\\"Get bucket policy needed for trails\\\",\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"AWS\\\": \\\"\", main.Arn, \"\\\"\\n\", \" },\\n\", \" \\\"Action\\\": \\\"s3:GetBucketAcl\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::tf-cloudtrail-logging-test-bucket\\\"\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getServiceAccount.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS CloudTrail account ID is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServiceAccount.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the AWS CloudTrail service account in the selected region.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string" } }, "type": "object", "required": [ "arn", "id" ] } }, "aws:cloudwatch/getLogGroup:getLogGroup": { "description": "Use this data source to get information about an AWS Cloudwatch Log Group\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.cloudwatch.getLogGroup({\n name: \"MyImportantLogs\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.get_log_group(name=\"MyImportantLogs\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.CloudWatch.GetLogGroup.InvokeAsync(new Aws.CloudWatch.GetLogGroupArgs\n {\n Name = \"MyImportantLogs\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.LookupLogGroup(ctx, \u0026cloudwatch.LookupLogGroupArgs{\n\t\t\tName: \"MyImportantLogs\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLogGroup.\n", "properties": { "name": { "type": "string", "description": "The name of the Cloudwatch log group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLogGroup.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Cloudwatch log group\n" }, "creationTime": { "type": "integer", "description": "The creation time of the log group, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the KMS Key to use when encrypting log data.\n" }, "name": { "type": "string" }, "retentionInDays": { "type": "integer", "description": "The number of days log events retained in the specified log group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object", "required": [ "arn", "creationTime", "kmsKeyId", "name", "retentionInDays", "tags", "id" ] } }, "aws:codecommit/getRepository:getRepository": { "description": "The CodeCommit Repository data source allows the ARN, Repository ID, Repository URL for HTTP and Repository URL for SSH to be retrieved for an CodeCommit repository.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.codecommit.getRepository({\n repositoryName: \"MyTestRepository\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codecommit.get_repository(repository_name=\"MyTestRepository\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.CodeCommit.GetRepository.InvokeAsync(new Aws.CodeCommit.GetRepositoryArgs\n {\n RepositoryName = \"MyTestRepository\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecommit.LookupRepository(ctx, \u0026codecommit.LookupRepositoryArgs{\n\t\t\tRepositoryName: \"MyTestRepository\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRepository.\n", "properties": { "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" } }, "type": "object", "required": [ "repositoryName" ] }, "outputs": { "description": "A collection of values returned by getRepository.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the repository\n" }, "cloneUrlHttp": { "type": "string", "description": "The URL to use for cloning the repository over HTTPS.\n" }, "cloneUrlSsh": { "type": "string", "description": "The URL to use for cloning the repository over SSH.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "repositoryId": { "type": "string", "description": "The ID of the repository\n" }, "repositoryName": { "type": "string" } }, "type": "object", "required": [ "arn", "cloneUrlHttp", "cloneUrlSsh", "repositoryId", "repositoryName", "id" ] } }, "aws:cognito/getUserPools:getUserPools": { "description": "Use this data source to get a list of cognito user pools.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selectedRestApi = pulumi.output(aws.apigateway.getRestApi({\n name: var_api_gateway_name,\n}, { async: true }));\nconst selectedUserPools = pulumi.output(aws.cognito.getUserPools({\n name: var_cognito_user_pool_name,\n}, { async: true }));\nconst cognito = new aws.apigateway.Authorizer(\"cognito\", {\n providerArns: selectedUserPools.arns,\n restApi: selectedRestApi.id,\n type: \"COGNITO_USER_POOLS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected_rest_api = aws.apigateway.get_rest_api(name=var[\"api_gateway_name\"])\nselected_user_pools = aws.cognito.get_user_pools(name=var[\"cognito_user_pool_name\"])\ncognito = aws.apigateway.Authorizer(\"cognito\",\n provider_arns=selected_user_pools.arns,\n rest_api=selected_rest_api.id,\n type=\"COGNITO_USER_POOLS\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var selectedRestApi = Output.Create(Aws.ApiGateway.GetRestApi.InvokeAsync(new Aws.ApiGateway.GetRestApiArgs\n {\n Name = @var.Api_gateway_name,\n }));\n var selectedUserPools = Output.Create(Aws.Cognito.GetUserPools.InvokeAsync(new Aws.Cognito.GetUserPoolsArgs\n {\n Name = @var.Cognito_user_pool_name,\n }));\n var cognito = new Aws.ApiGateway.Authorizer(\"cognito\", new Aws.ApiGateway.AuthorizerArgs\n {\n ProviderArns = selectedUserPools.Apply(selectedUserPools =\u003e selectedUserPools.Arns),\n RestApi = selectedRestApi.Apply(selectedRestApi =\u003e selectedRestApi.Id),\n Type = \"COGNITO_USER_POOLS\",\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getUserPools.\n", "properties": { "name": { "type": "string", "description": "Name of the cognito user pools. Name is not a unique attribute for cognito user pool, so multiple pools might be returned with given name.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getUserPools.\n", "properties": { "arns": { "type": "array", "items": { "type": "string" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "The list of cognito user pool ids.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "arns", "ids", "name", "id" ] } }, "aws:cur/getReportDefinition:getReportDefinition": { "description": "Use this data source to get information on an AWS Cost and Usage Report Definition.\n\n\u003e *NOTE:* The AWS Cost and Usage Report service is only available in `us-east-1` currently.\n\n\u003e *NOTE:* If AWS Organizations is enabled, only the master account can use this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst reportDefinition = pulumi.output(aws.cur.getReportDefinition({\n reportName: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreport_definition = aws.cur.get_report_definition(report_name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var reportDefinition = Output.Create(Aws.Cur.GetReportDefinition.InvokeAsync(new Aws.Cur.GetReportDefinitionArgs\n {\n ReportName = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cur\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cur.LookupReportDefinition(ctx, \u0026cur.LookupReportDefinitionArgs{\n\t\t\tReportName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getReportDefinition.\n", "properties": { "reportName": { "type": "string", "description": "The name of the report definition to match.\n" } }, "type": "object", "required": [ "reportName" ] }, "outputs": { "description": "A collection of values returned by getReportDefinition.\n", "properties": { "additionalArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of additional artifacts.\n" }, "additionalSchemaElements": { "type": "array", "items": { "type": "string" }, "description": "A list of schema elements.\n" }, "compression": { "type": "string", "description": "Preferred format for report.\n" }, "format": { "type": "string", "description": "Preferred compression format for report.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "reportName": { "type": "string" }, "s3Bucket": { "type": "string", "description": "Name of customer S3 bucket.\n" }, "s3Prefix": { "type": "string", "description": "Preferred report path prefix.\n" }, "s3Region": { "type": "string", "description": "Region of customer S3 bucket.\n" }, "timeUnit": { "type": "string", "description": "The frequency on which report data are measured and displayed.\n" } }, "type": "object", "required": [ "additionalArtifacts", "additionalSchemaElements", "compression", "format", "reportName", "s3Bucket", "s3Prefix", "s3Region", "timeUnit", "id" ] } }, "aws:directconnect/getGateway:getGateway": { "description": "Retrieve information about a Direct Connect Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.directconnect.getGateway({\n name: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.get_gateway(name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.DirectConnect.GetGateway.InvokeAsync(new Aws.DirectConnect.GetGatewayArgs\n {\n Name = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.LookupGateway(ctx, \u0026directconnect.LookupGatewayArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getGateway.\n", "properties": { "name": { "type": "string", "description": "The name of the gateway to retrieve.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getGateway.\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The ASN on the Amazon side of the connection.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "ownerAccountId": { "type": "string", "description": "AWS Account ID of the gateway.\n" } }, "type": "object", "required": [ "amazonSideAsn", "name", "ownerAccountId", "id" ] } }, "aws:directoryservice/getDirectory:getDirectory": { "description": "Get attributes of AWS Directory Service directory (SimpleAD, Managed AD, AD Connector). It's especially useful to refer AWS Managed AD or on-premise AD in AD Connector configuration. \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws_directory_service_directory_main.id.apply(id =\u003e aws.directoryservice.getDirectory({\n directoryId: id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directoryservice.get_directory(directory_id=aws_directory_service_directory[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.DirectoryService.GetDirectory.InvokeAsync(new Aws.DirectoryService.GetDirectoryArgs\n {\n DirectoryId = aws_directory_service_directory.Main.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directoryservice.LookupDirectory(ctx, \u0026directoryservice.LookupDirectoryArgs{\n\t\t\tDirectoryId: aws_directory_service_directory.Main.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDirectory.\n", "properties": { "directoryId": { "type": "string", "description": "The ID of the directory.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the directory/connector.\n" } }, "type": "object", "required": [ "directoryId" ] }, "outputs": { "description": "A collection of values returned by getDirectory.\n", "properties": { "accessUrl": { "type": "string", "description": "The access URL for the directory/connector, such as http://alias.awsapps.com.\n" }, "alias": { "type": "string", "description": "The alias for the directory/connector, such as `d-991708b282.awsapps.com`.\n" }, "connectSettings": { "type": "array", "items": { "$ref": "#/types/aws:directoryservice/getDirectoryConnectSetting:getDirectoryConnectSetting" } }, "description": { "type": "string", "description": "A textual description for the directory/connector.\n" }, "directoryId": { "type": "string" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of the DNS servers for the directory/connector.\n" }, "edition": { "type": "string", "description": "(for `MicrosoftAD`) The Microsoft AD edition (`Standard` or `Enterprise`).\n" }, "enableSso": { "type": "boolean", "description": "The directory/connector single-sign on status.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The fully qualified name for the directory/connector.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group created by the directory/connector.\n" }, "shortName": { "type": "string", "description": "The short name of the directory/connector, such as `CORP`.\n" }, "size": { "type": "string", "description": "(for `SimpleAD` and `ADConnector`) The size of the directory/connector (`Small` or `Large`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the directory/connector.\n" }, "type": { "type": "string", "description": "The directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD`).\n" }, "vpcSettings": { "type": "array", "items": { "$ref": "#/types/aws:directoryservice/getDirectoryVpcSetting:getDirectoryVpcSetting" } } }, "type": "object", "required": [ "accessUrl", "alias", "connectSettings", "description", "directoryId", "dnsIpAddresses", "edition", "enableSso", "name", "securityGroupId", "shortName", "size", "type", "vpcSettings", "id" ] } }, "aws:dynamodb/getTable:getTable": { "description": "Provides information about a DynamoDB table.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tableName = pulumi.output(aws.dynamodb.getTable({\n name: \"tableName\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntable_name = aws.dynamodb.get_table(name=\"tableName\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var tableName = Output.Create(Aws.DynamoDB.GetTable.InvokeAsync(new Aws.DynamoDB.GetTableArgs\n {\n Name = \"tableName\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.LookupTable(ctx, \u0026dynamodb.LookupTableArgs{\n\t\t\tName: \"tableName\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getTable.\n", "properties": { "name": { "type": "string", "description": "The name of the DynamoDB table.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/getTableServerSideEncryption:getTableServerSideEncryption" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getTable.\n", "properties": { "arn": { "type": "string" }, "attributes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/getTableAttribute:getTableAttribute" } }, "billingMode": { "type": "string" }, "globalSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/getTableGlobalSecondaryIndex:getTableGlobalSecondaryIndex" } }, "hashKey": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "localSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/getTableLocalSecondaryIndex:getTableLocalSecondaryIndex" } }, "name": { "type": "string" }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/getTablePointInTimeRecovery:getTablePointInTimeRecovery" }, "rangeKey": { "type": "string" }, "readCapacity": { "type": "integer" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/getTableReplica:getTableReplica" } }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/getTableServerSideEncryption:getTableServerSideEncryption" }, "streamArn": { "type": "string" }, "streamEnabled": { "type": "boolean" }, "streamLabel": { "type": "string" }, "streamViewType": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "ttl": { "$ref": "#/types/aws:dynamodb/getTableTtl:getTableTtl" }, "writeCapacity": { "type": "integer" } }, "type": "object", "required": [ "arn", "attributes", "billingMode", "globalSecondaryIndexes", "hashKey", "localSecondaryIndexes", "name", "pointInTimeRecovery", "rangeKey", "readCapacity", "replicas", "serverSideEncryption", "streamArn", "streamEnabled", "streamLabel", "streamViewType", "tags", "ttl", "writeCapacity", "id" ] } }, "aws:ebs/getDefaultKmsKey:getDefaultKmsKey": { "description": "Use this data source to get the default EBS encryption KMS key in the current region.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.ebs.getDefaultKmsKey({ async: true }));\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n encrypted: true,\n kmsKeyId: current.keyArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.ebs.get_default_kms_key()\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n encrypted=True,\n kms_key_id=current.key_arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.Ebs.GetDefaultKmsKey.InvokeAsync());\n var example = new Aws.Ebs.Volume(\"example\", new Aws.Ebs.VolumeArgs\n {\n AvailabilityZone = \"us-west-2a\",\n Encrypted = true,\n KmsKeyId = current.Apply(current =\u003e current.KeyArn),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := ebs.LookupDefaultKmsKey(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tEncrypted: pulumi.Bool(true),\n\t\t\tKmsKeyId: pulumi.String(current.KeyArn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getDefaultKmsKey.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "keyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.\n" } }, "type": "object", "required": [ "keyArn", "id" ] } }, "aws:ebs/getEbsVolumes:getEbsVolumes": { "description": "`aws.ebs.getEbsVolumes` provides identifying information for EBS volumes matching given criteria.\n\nThis data source can be useful for getting a list of volume IDs with (for example) matching tags.\n", "inputs": { "description": "A collection of arguments for invoking getEbsVolumes.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getEbsVolumesFilter:getEbsVolumesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired volumes.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEbsVolumes.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getEbsVolumesFilter:getEbsVolumesFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "A set of all the EBS Volume IDs found. This data source will fail if\nno volumes match the provided criteria.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "ids", "id" ] } }, "aws:ebs/getEncryptionByDefault:getEncryptionByDefault": { "description": "Provides a way to check whether default EBS encryption is enabled for your AWS account in the current AWS region.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.ebs.getEncryptionByDefault({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.ebs.get_encryption_by_default()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.Ebs.GetEncryptionByDefault.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.LookupEncryptionByDefault(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getEncryptionByDefault.\n", "properties": { "enabled": { "type": "boolean", "description": "Whether or not default EBS encryption is enabled. Returns as `true` or `false`.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" } }, "type": "object", "required": [ "enabled", "id" ] } }, "aws:ebs/getSnapshot:getSnapshot": { "description": "Use this data source to get information about an EBS Snapshot for use when provisioning EBS Volumes\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ebsVolume = pulumi.output(aws.ebs.getSnapshot({\n filters: [\n {\n name: \"volume-size\",\n values: [\"40\"],\n },\n {\n name: \"tag:Name\",\n values: [\"Example\"],\n },\n ],\n mostRecent: true,\n owners: [\"self\"],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nebs_volume = aws.ebs.get_snapshot(filters=[\n {\n \"name\": \"volume-size\",\n \"values\": [\"40\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"Example\"],\n },\n ],\n most_recent=True,\n owners=[\"self\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ebsVolume = Output.Create(Aws.Ebs.GetSnapshot.InvokeAsync(new Aws.Ebs.GetSnapshotArgs\n {\n Filters = \n {\n new Aws.Ebs.Inputs.GetSnapshotFilterArgs\n {\n Name = \"volume-size\",\n Values = \n {\n \"40\",\n },\n },\n new Aws.Ebs.Inputs.GetSnapshotFilterArgs\n {\n Name = \"tag:Name\",\n Values = \n {\n \"Example\",\n },\n },\n },\n MostRecent = true,\n Owners = \n {\n \"self\",\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\t_, err := ebs.LookupSnapshot(ctx, \u0026ebs.LookupSnapshotArgs{\n\t\t\tFilters: []ebs.GetSnapshotFilter{\n\t\t\t\tebs.GetSnapshotFilter{\n\t\t\t\t\tName: \"volume-size\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"40\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tebs.GetSnapshotFilter{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tOwners: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSnapshot.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getSnapshotFilter:getSnapshotFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-snapshots in the AWS CLI reference][1].\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most recent snapshot.\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "Returns the snapshots owned by the specified owner id. Multiple owners can be specified.\n" }, "restorableByUserIds": { "type": "array", "items": { "type": "string" }, "description": "One or more AWS accounts IDs that can create volumes from the snapshot.\n" }, "snapshotIds": { "type": "array", "items": { "type": "string" }, "description": "Returns information on a specific snapshot_id.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSnapshot.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "A description for the snapshot\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getSnapshotFilter:getSnapshotFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "mostRecent": { "type": "boolean" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the EBS snapshot owner.\n" }, "owners": { "type": "array", "items": { "type": "string" } }, "restorableByUserIds": { "type": "array", "items": { "type": "string" } }, "snapshotId": { "type": "string", "description": "The snapshot ID (e.g. snap-59fcb34e).\n" }, "snapshotIds": { "type": "array", "items": { "type": "string" } }, "state": { "type": "string", "description": "The snapshot state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" }, "volumeId": { "type": "string", "description": "The volume ID (e.g. vol-59fcb34e).\n" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "type": "object", "required": [ "arn", "dataEncryptionKeyId", "description", "encrypted", "kmsKeyId", "ownerAlias", "ownerId", "snapshotId", "state", "tags", "volumeId", "volumeSize", "id" ] } }, "aws:ebs/getSnapshotIds:getSnapshotIds": { "description": "Use this data source to get a list of EBS Snapshot IDs matching the specified\ncriteria.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ebsVolumes = pulumi.output(aws.ebs.getSnapshotIds({\n filters: [\n {\n name: \"volume-size\",\n values: [\"40\"],\n },\n {\n name: \"tag:Name\",\n values: [\"Example\"],\n },\n ],\n owners: [\"self\"],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nebs_volumes = aws.ebs.get_snapshot_ids(filters=[\n {\n \"name\": \"volume-size\",\n \"values\": [\"40\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"Example\"],\n },\n ],\n owners=[\"self\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ebsVolumes = Output.Create(Aws.Ebs.GetSnapshotIds.InvokeAsync(new Aws.Ebs.GetSnapshotIdsArgs\n {\n Filters = \n {\n new Aws.Ebs.Inputs.GetSnapshotIdsFilterArgs\n {\n Name = \"volume-size\",\n Values = \n {\n \"40\",\n },\n },\n new Aws.Ebs.Inputs.GetSnapshotIdsFilterArgs\n {\n Name = \"tag:Name\",\n Values = \n {\n \"Example\",\n },\n },\n },\n Owners = \n {\n \"self\",\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.GetSnapshotIds(ctx, \u0026ebs.GetSnapshotIdsArgs{\n\t\t\tFilters: []ebs.GetSnapshotIdsFilter{\n\t\t\t\tebs.GetSnapshotIdsFilter{\n\t\t\t\t\tName: \"volume-size\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"40\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tebs.GetSnapshotIdsFilter{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOwners: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSnapshotIds.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getSnapshotIdsFilter:getSnapshotIdsFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-volumes in the AWS CLI reference][1].\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "Returns the snapshots owned by the specified owner id. Multiple owners can be specified.\n" }, "restorableByUserIds": { "type": "array", "items": { "type": "string" }, "description": "One or more AWS accounts IDs that can create volumes from the snapshot.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSnapshotIds.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getSnapshotIdsFilter:getSnapshotIdsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" } }, "owners": { "type": "array", "items": { "type": "string" } }, "restorableByUserIds": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "ids", "id" ] } }, "aws:ebs/getVolume:getVolume": { "description": "Use this data source to get information about an EBS volume for use in other\nresources.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ebsVolume = pulumi.output(aws.ebs.getVolume({\n filters: [\n {\n name: \"volume-type\",\n values: [\"gp2\"],\n },\n {\n name: \"tag:Name\",\n values: [\"Example\"],\n },\n ],\n mostRecent: true,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nebs_volume = aws.ebs.get_volume(filters=[\n {\n \"name\": \"volume-type\",\n \"values\": [\"gp2\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"Example\"],\n },\n ],\n most_recent=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ebsVolume = Output.Create(Aws.Ebs.GetVolume.InvokeAsync(new Aws.Ebs.GetVolumeArgs\n {\n Filters = \n {\n new Aws.Ebs.Inputs.GetVolumeFilterArgs\n {\n Name = \"volume-type\",\n Values = \n {\n \"gp2\",\n },\n },\n new Aws.Ebs.Inputs.GetVolumeFilterArgs\n {\n Name = \"tag:Name\",\n Values = \n {\n \"Example\",\n },\n },\n },\n MostRecent = true,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\t_, err := ebs.LookupVolume(ctx, \u0026ebs.LookupVolumeArgs{\n\t\t\tFilters: []ebs.GetVolumeFilter{\n\t\t\t\tebs.GetVolumeFilter{\n\t\t\t\t\tName: \"volume-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"gp2\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tebs.GetVolumeFilter{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVolume.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getVolumeFilter:getVolumeFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-volumes in the AWS CLI reference][1].\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent Volume.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVolume.\n", "properties": { "arn": { "type": "string", "description": "The volume ARN (e.g. arn:aws:ec2:us-east-1:0123456789012:volume/vol-59fcb34e).\n" }, "availabilityZone": { "type": "string", "description": "The AZ where the EBS volume exists.\n" }, "encrypted": { "type": "boolean", "description": "Whether the disk is encrypted.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getVolumeFilter:getVolumeFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "iops": { "type": "integer", "description": "The amount of IOPS for the disk.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "mostRecent": { "type": "boolean" }, "multiAttachEnabled": { "type": "boolean", "description": "(Optional) Specifies whether Amazon EBS Multi-Attach is enabled.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "size": { "type": "integer", "description": "The size of the drive in GiBs.\n" }, "snapshotId": { "type": "string", "description": "The snapshot_id the EBS volume is based off.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" }, "volumeId": { "type": "string", "description": "The volume ID (e.g. vol-59fcb34e).\n" }, "volumeType": { "type": "string", "description": "The type of EBS volume.\n" } }, "type": "object", "required": [ "arn", "availabilityZone", "encrypted", "iops", "kmsKeyId", "multiAttachEnabled", "outpostArn", "size", "snapshotId", "tags", "volumeId", "volumeType", "id" ] } }, "aws:ec2/getCoipPool:getCoipPool": { "description": "Provides details about a specific EC2 Customer-Owned IP Pool.\n\nThis data source can prove useful when a module accepts a coip pool id as\nan input variable and needs to, for example, determine the CIDR block of that\nCOIP Pool.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example returns a specific coip pool ID\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst coipPoolId = config.require(\"coipPoolId\");\n\nconst selected = pulumi.output(aws.ec2.getCoipPool({\n id: coipPoolId,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ncoip_pool_id = config.require_object(\"coipPoolId\")\nselected = aws.ec2.get_coip_pool(id=coip_pool_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var coipPoolId = config.RequireObject\u003cdynamic\u003e(\"coipPoolId\");\n var selected = Output.Create(Aws.Ec2.GetCoipPool.InvokeAsync(new Aws.Ec2.GetCoipPoolArgs\n {\n Id = coipPoolId,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetCoipPool(ctx, \u0026ec2.GetCoipPoolArgs{\n\t\t\tId: coipPoolId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCoipPool.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCoipPoolFilter:getCoipPoolFilter" } }, "localGatewayRouteTableId": { "type": "string", "description": "Local Gateway Route Table Id assigned to desired COIP Pool\n" }, "poolId": { "type": "string", "description": "The id of the specific COIP Pool to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags, each pair of which must exactly match\na pair on the desired COIP Pool.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCoipPool.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCoipPoolFilter:getCoipPoolFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "localGatewayRouteTableId": { "type": "string" }, "poolCidrs": { "type": "array", "items": { "type": "string" }, "description": "Set of CIDR blocks in pool\n" }, "poolId": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "localGatewayRouteTableId", "poolCidrs", "poolId", "tags", "id" ] } }, "aws:ec2/getCoipPools:getCoipPools": { "description": "Provides information for multiple EC2 Customer-Owned IP Pools, such as their identifiers.\n", "inputs": { "description": "A collection of arguments for invoking getCoipPools.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCoipPoolsFilter:getCoipPoolsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags, each pair of which must exactly match\na pair on the desired aws_ec2_coip_pools.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCoipPools.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCoipPoolsFilter:getCoipPoolsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "poolIds": { "type": "array", "items": { "type": "string" }, "description": "Set of COIP Pool Identifiers\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "poolIds", "tags", "id" ] } }, "aws:ec2/getCustomerGateway:getCustomerGateway": { "description": "Get an existing AWS Customer Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = pulumi.output(aws.ec2.getCustomerGateway({\n filters: [{\n name: \"tag:Name\",\n values: [\"foo-prod\"],\n }],\n}, { async: true }));\nconst main = new aws.ec2.VpnGateway(\"main\", {\n amazonSideAsn: \"7224\",\n vpcId: aws_vpc_main.id,\n});\nconst transit = new aws.ec2.VpnConnection(\"transit\", {\n customerGatewayId: foo.id!,\n staticRoutesOnly: false,\n type: foo.type,\n vpnGatewayId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_customer_gateway(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"foo-prod\"],\n}])\nmain = aws.ec2.VpnGateway(\"main\",\n amazon_side_asn=7224,\n vpc_id=aws_vpc[\"main\"][\"id\"])\ntransit = aws.ec2.VpnConnection(\"transit\",\n customer_gateway_id=foo.id,\n static_routes_only=False,\n type=foo.type,\n vpn_gateway_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = Output.Create(Aws.Ec2.GetCustomerGateway.InvokeAsync(new Aws.Ec2.GetCustomerGatewayArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetCustomerGatewayFilterArgs\n {\n Name = \"tag:Name\",\n Values = \n {\n \"foo-prod\",\n },\n },\n },\n }));\n var main = new Aws.Ec2.VpnGateway(\"main\", new Aws.Ec2.VpnGatewayArgs\n {\n AmazonSideAsn = \"7224\",\n VpcId = aws_vpc.Main.Id,\n });\n var transit = new Aws.Ec2.VpnConnection(\"transit\", new Aws.Ec2.VpnConnectionArgs\n {\n CustomerGatewayId = foo.Apply(foo =\u003e foo.Id),\n StaticRoutesOnly = false,\n Type = foo.Apply(foo =\u003e foo.Type),\n VpnGatewayId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.LookupCustomerGateway(ctx, \u0026ec2.LookupCustomerGatewayArgs{\n\t\t\tFilters: []ec2.GetCustomerGatewayFilter{\n\t\t\t\tec2.GetCustomerGatewayFilter{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"foo-prod\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := ec2.NewVpnGateway(ctx, \"main\", \u0026ec2.VpnGatewayArgs{\n\t\t\tAmazonSideAsn: pulumi.String(\"7224\"),\n\t\t\tVpcId: pulumi.String(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnection(ctx, \"transit\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: pulumi.String(foo.Id),\n\t\t\tStaticRoutesOnly: pulumi.Bool(false),\n\t\t\tType: pulumi.String(foo.Type),\n\t\t\tVpnGatewayId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCustomerGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCustomerGatewayFilter:getCustomerGatewayFilter" }, "description": "One or more [name-value pairs][dcg-filters] to filter by.\n" }, "id": { "type": "string", "description": "The ID of the gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCustomerGateway.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the customer gateway.\n" }, "bgpAsn": { "type": "integer", "description": "(Optional) The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCustomerGatewayFilter:getCustomerGatewayFilter" } }, "id": { "type": "string" }, "ipAddress": { "type": "string", "description": "(Optional) The IP address of the gateway's Internet-routable external interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the gateway.\n" }, "type": { "type": "string", "description": "(Optional) The type of customer gateway. The only type AWS supports at this time is \"ipsec.1\".\n" } }, "type": "object", "required": [ "arn", "bgpAsn", "ipAddress", "tags", "type" ] } }, "aws:ec2/getInstance:getInstance": { "description": "Use this data source to get the ID of an Amazon EC2 Instance for use in other\nresources.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = pulumi.output(aws.ec2.getInstance({\n filters: [\n {\n name: \"image-id\",\n values: [\"ami-xxxxxxxx\"],\n },\n {\n name: \"tag:Name\",\n values: [\"instance-name-tag\"],\n },\n ],\n instanceId: \"i-instanceid\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_instance(filters=[\n {\n \"name\": \"image-id\",\n \"values\": [\"ami-xxxxxxxx\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"instance-name-tag\"],\n },\n ],\n instance_id=\"i-instanceid\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = Output.Create(Aws.Ec2.GetInstance.InvokeAsync(new Aws.Ec2.GetInstanceArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetInstanceFilterArgs\n {\n Name = \"image-id\",\n Values = \n {\n \"ami-xxxxxxxx\",\n },\n },\n new Aws.Ec2.Inputs.GetInstanceFilterArgs\n {\n Name = \"tag:Name\",\n Values = \n {\n \"instance-name-tag\",\n },\n },\n },\n InstanceId = \"i-instanceid\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"i-instanceid\"\n\t\t_, err := ec2.LookupInstance(ctx, \u0026ec2.LookupInstanceArgs{\n\t\t\tFilters: []ec2.GetInstanceFilter{\n\t\t\t\tec2.GetInstanceFilter{\n\t\t\t\t\tName: \"image-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ami-xxxxxxxx\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tec2.GetInstanceFilter{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"instance-name-tag\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tInstanceId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getInstance.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceFilter:getInstanceFilter" }, "description": "One or more name/value pairs to use as filters. There are\nseveral valid keys, for a full reference, check out\n[describe-instances in the AWS CLI reference][1].\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "getUserData": { "type": "boolean", "description": "Retrieve Base64 encoded User Data contents into the `user_data_base64` attribute. A SHA-1 hash of the User Data contents will always be present in the `user_data` attribute. Defaults to `false`.\n" }, "instanceId": { "type": "string", "description": "Specify the exact Instance ID with which to populate the data source.\n" }, "instanceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must\nexactly match a pair on the desired Instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags assigned to the Instance.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstance.\n", "properties": { "ami": { "type": "string", "description": "The ID of the AMI used to launch the instance.\n" }, "arn": { "type": "string", "description": "The ARN of the instance.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether or not the Instance is associated with a public IP address or not (Boolean).\n" }, "availabilityZone": { "type": "string", "description": "The availability zone of the Instance.\n" }, "creditSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceCreditSpecification:getInstanceCreditSpecification" }, "description": "The credit specification of the Instance.\n" }, "disableApiTermination": { "type": "boolean" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceEbsBlockDevice:getInstanceEbsBlockDevice" }, "description": "The EBS block device mappings of the Instance.\n" }, "ebsOptimized": { "type": "boolean", "description": "Whether the Instance is EBS optimized or not (Boolean).\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceEphemeralBlockDevice:getInstanceEphemeralBlockDevice" }, "description": "The ephemeral block device mappings of the Instance.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceFilter:getInstanceFilter" } }, "getPasswordData": { "type": "boolean" }, "getUserData": { "type": "boolean" }, "hostId": { "type": "string", "description": "The Id of the dedicated host the instance will be assigned to.\n" }, "iamInstanceProfile": { "type": "string", "description": "The name of the instance profile associated with the Instance.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "instanceId": { "type": "string" }, "instanceState": { "type": "string", "description": "The state of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.\n" }, "instanceTags": { "type": "object", "additionalProperties": { "type": "string" } }, "instanceType": { "type": "string", "description": "The type of the Instance.\n" }, "keyName": { "type": "string", "description": "The key name of the Instance.\n" }, "metadataOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceMetadataOption:getInstanceMetadataOption" }, "description": "The metadata options of the Instance.\n" }, "monitoring": { "type": "boolean", "description": "Whether detailed monitoring is enabled or disabled for the Instance (Boolean).\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface that was created with the Instance.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "passwordData": { "type": "string", "description": "Base-64 encoded encrypted password data for the instance.\nUseful for getting the administrator password for instances running Microsoft Windows.\nThis attribute is only exported if `get_password_data` is true.\nSee [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "placementGroup": { "type": "string", "description": "The placement group of the Instance.\n" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the Instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC.\n" }, "privateIp": { "type": "string", "description": "The private IP address assigned to the Instance.\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the Instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC.\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the Instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `public_ip`, as this field will change after the EIP is attached.\n" }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceRootBlockDevice:getInstanceRootBlockDevice" }, "description": "The root block device mappings of the Instance\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Whether the network interface performs source/destination checking (Boolean).\n" }, "subnetId": { "type": "string", "description": "The VPC subnet ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags assigned to the Instance.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance: `dedicated`, `default`, `host`.\n" }, "userData": { "type": "string", "description": "SHA-1 hash of User Data supplied to the Instance.\n" }, "userDataBase64": { "type": "string", "description": "Base64 encoded contents of User Data supplied to the Instance. This attribute is only exported if `get_user_data` is true.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups in a non-default VPC.\n" } }, "type": "object", "required": [ "ami", "arn", "associatePublicIpAddress", "availabilityZone", "creditSpecifications", "disableApiTermination", "ebsBlockDevices", "ebsOptimized", "ephemeralBlockDevices", "hostId", "iamInstanceProfile", "instanceState", "instanceTags", "instanceType", "keyName", "metadataOptions", "monitoring", "networkInterfaceId", "outpostArn", "passwordData", "placementGroup", "privateDns", "privateIp", "publicDns", "publicIp", "rootBlockDevices", "securityGroups", "sourceDestCheck", "subnetId", "tags", "tenancy", "userData", "userDataBase64", "vpcSecurityGroupIds", "id" ] } }, "aws:ec2/getInstanceTypeOffering:getInstanceTypeOffering": { "description": "Information about single EC2 Instance Type Offering.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2.getInstanceTypeOffering({\n filters: [{\n name: \"instance-type\",\n values: [\n \"t1.micro\",\n \"t2.micro\",\n \"t3.micro\",\n ],\n }],\n preferredInstanceTypes: [\n \"t3.micro\",\n \"t2.micro\",\n \"t1.micro\",\n ],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_instance_type_offering(filters=[{\n \"name\": \"instance-type\",\n \"values\": [\n \"t1.micro\",\n \"t2.micro\",\n \"t3.micro\",\n ],\n }],\n preferred_instance_types=[\n \"t3.micro\",\n \"t2.micro\",\n \"t1.micro\",\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetInstanceTypeOffering.InvokeAsync(new Aws.Ec2.GetInstanceTypeOfferingArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetInstanceTypeOfferingFilterArgs\n {\n Name = \"instance-type\",\n Values = \n {\n \"t1.micro\",\n \"t2.micro\",\n \"t3.micro\",\n },\n },\n },\n PreferredInstanceTypes = \n {\n \"t3.micro\",\n \"t2.micro\",\n \"t1.micro\",\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetInstanceTypeOffering(ctx, \u0026ec2.GetInstanceTypeOfferingArgs{\n\t\t\tFilters: []ec2.GetInstanceTypeOfferingFilter{\n\t\t\t\tec2.GetInstanceTypeOfferingFilter{\n\t\t\t\t\tName: \"instance-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"t1.micro\",\n\t\t\t\t\t\t\"t2.micro\",\n\t\t\t\t\t\t\"t3.micro\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPreferredInstanceTypes: []string{\n\t\t\t\t\"t3.micro\",\n\t\t\t\t\"t2.micro\",\n\t\t\t\t\"t1.micro\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getInstanceTypeOffering.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingFilter:getInstanceTypeOfferingFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypeOfferings.html) for supported filters. Detailed below.\n" }, "locationType": { "type": "string", "description": "Location type. Defaults to `region`. Valid values: `availability-zone`, `availability-zone-id`, and `region`.\n" }, "preferredInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred EC2 Instance Types. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstanceTypeOffering.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingFilter:getInstanceTypeOfferingFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "instanceType": { "type": "string", "description": "EC2 Instance Type.\n" }, "locationType": { "type": "string" }, "preferredInstanceTypes": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "instanceType", "id" ] } }, "aws:ec2/getInstanceTypeOfferings:getInstanceTypeOfferings": { "description": "Information about EC2 Instance Type Offerings.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2.getInstanceTypeOfferings({\n filters: [\n {\n name: \"instance-type\",\n values: [\n \"t2.micro\",\n \"t3.micro\",\n ],\n },\n {\n name: \"location\",\n values: [\"usw2-az4\"],\n },\n ],\n locationType: \"availability-zone-id\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_instance_type_offerings(filters=[\n {\n \"name\": \"instance-type\",\n \"values\": [\n \"t2.micro\",\n \"t3.micro\",\n ],\n },\n {\n \"name\": \"location\",\n \"values\": [\"usw2-az4\"],\n },\n ],\n location_type=\"availability-zone-id\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetInstanceTypeOfferings.InvokeAsync(new Aws.Ec2.GetInstanceTypeOfferingsArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetInstanceTypeOfferingsFilterArgs\n {\n Name = \"instance-type\",\n Values = \n {\n \"t2.micro\",\n \"t3.micro\",\n },\n },\n new Aws.Ec2.Inputs.GetInstanceTypeOfferingsFilterArgs\n {\n Name = \"location\",\n Values = \n {\n \"usw2-az4\",\n },\n },\n },\n LocationType = \"availability-zone-id\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"availability-zone-id\"\n\t\t_, err := ec2.GetInstanceTypeOfferings(ctx, \u0026ec2.GetInstanceTypeOfferingsArgs{\n\t\t\tFilters: []ec2.GetInstanceTypeOfferingsFilter{\n\t\t\t\tec2.GetInstanceTypeOfferingsFilter{\n\t\t\t\t\tName: \"instance-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"t2.micro\",\n\t\t\t\t\t\t\"t3.micro\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tec2.GetInstanceTypeOfferingsFilter{\n\t\t\t\t\tName: \"location\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"usw2-az4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tLocationType: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getInstanceTypeOfferings.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingsFilter:getInstanceTypeOfferingsFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypeOfferings.html) for supported filters. Detailed below.\n" }, "locationType": { "type": "string", "description": "Location type. Defaults to `region`. Valid values: `availability-zone`, `availability-zone-id`, and `region`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstanceTypeOfferings.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingsFilter:getInstanceTypeOfferingsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Instance Types.\n" }, "locationType": { "type": "string" } }, "type": "object", "required": [ "instanceTypes", "id" ] } }, "aws:ec2/getInstances:getInstances": { "description": "Use this data source to get IDs or IPs of Amazon EC2 instances to be referenced elsewhere,\ne.g. to allow easier migration from another management solution\nor to make it easier for an operator to connect through bastion host(s).\n\n\u003e **Note:** It's strongly discouraged to use this data source for querying ephemeral\ninstances (e.g. managed via autoscaling group), as the output may change at any time\nand you'd need to re-run `apply` every time an instance comes up or dies.\n", "inputs": { "description": "A collection of arguments for invoking getInstances.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstancesFilter:getInstancesFilter" }, "description": "One or more name/value pairs to use as filters. There are\nseveral valid keys, for a full reference, check out\n[describe-instances in the AWS CLI reference][1].\n" }, "instanceStateNames": { "type": "array", "items": { "type": "string" }, "description": "A list of instance states that should be applicable to the desired instances. The permitted values are: `pending, running, shutting-down, stopped, stopping, terminated`. The default value is `running`.\n" }, "instanceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must\nexactly match a pair on desired instances.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstances.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstancesFilter:getInstancesFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "IDs of instances found through the filter\n" }, "instanceStateNames": { "type": "array", "items": { "type": "string" } }, "instanceTags": { "type": "object", "additionalProperties": { "type": "string" } }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "Private IP addresses of instances found through the filter\n" }, "publicIps": { "type": "array", "items": { "type": "string" }, "description": "Public IP addresses of instances found through the filter\n" } }, "type": "object", "required": [ "ids", "instanceTags", "privateIps", "publicIps", "id" ] } }, "aws:ec2/getInternetGateway:getInternetGateway": { "description": "`aws.ec2.InternetGateway` provides details about a specific Internet Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpcId = config.require(\"vpcId\");\n\nconst defaultInternetGateway = pulumi.output(aws.ec2.getInternetGateway({\n filters: [{\n name: \"attachment.vpc-id\",\n values: [vpcId],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc_id = config.require_object(\"vpcId\")\ndefault = aws.ec2.get_internet_gateway(filters=[{\n \"name\": \"attachment.vpc-id\",\n \"values\": [vpc_id],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var vpcId = config.RequireObject\u003cdynamic\u003e(\"vpcId\");\n var @default = Output.Create(Aws.Ec2.GetInternetGateway.InvokeAsync(new Aws.Ec2.GetInternetGatewayArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetInternetGatewayFilterArgs\n {\n Name = \"attachment.vpc-id\",\n Values = \n {\n vpcId,\n },\n },\n },\n }));\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getInternetGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInternetGatewayFilter:getInternetGatewayFilter" }, "description": "Custom filter block as described below.\n" }, "internetGatewayId": { "type": "string", "description": "The id of the specific Internet Gateway to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired Internet Gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInternetGateway.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Internet Gateway.\n" }, "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInternetGatewayAttachment:getInternetGatewayAttachment" } }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInternetGatewayFilter:getInternetGatewayFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "internetGatewayId": { "type": "string" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the internet gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "arn", "attachments", "internetGatewayId", "ownerId", "tags", "id" ] } }, "aws:ec2/getLaunchConfiguration:getLaunchConfiguration": { "description": "Provides information about a Launch Configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = pulumi.output(aws.ec2.getLaunchConfiguration({\n name: \"test-launch-config\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.ec2.get_launch_configuration(name=\"test-launch-config\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ubuntu = Output.Create(Aws.Ec2.GetLaunchConfiguration.InvokeAsync(new Aws.Ec2.GetLaunchConfigurationArgs\n {\n Name = \"test-launch-config\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupLaunchConfiguration(ctx, \u0026ec2.LookupLaunchConfigurationArgs{\n\t\t\tName: \"test-launch-config\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLaunchConfiguration.\n", "properties": { "name": { "type": "string", "description": "The name of the launch configuration.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLaunchConfiguration.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the launch configuration.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether a Public IP address is associated with the instance.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchConfigurationEbsBlockDevice:getLaunchConfigurationEbsBlockDevice" }, "description": "The EBS Block Devices attached to the instance.\n" }, "ebsOptimized": { "type": "boolean", "description": "Whether the launched EC2 instance will be EBS-optimized.\n" }, "enableMonitoring": { "type": "boolean", "description": "Whether Detailed Monitoring is Enabled.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchConfigurationEphemeralBlockDevice:getLaunchConfigurationEphemeralBlockDevice" }, "description": "The Ephemeral volumes on the instance.\n" }, "iamInstanceProfile": { "type": "string", "description": "The IAM Instance Profile to associate with launched instances.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "imageId": { "type": "string", "description": "The EC2 Image ID of the instance.\n" }, "instanceType": { "type": "string", "description": "The Instance Type of the instance to launch.\n" }, "keyName": { "type": "string", "description": "The Key Name that should be used for the instance.\n" }, "name": { "type": "string", "description": "The Name of the launch configuration.\n" }, "placementTenancy": { "type": "string", "description": "The Tenancy of the instance.\n" }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchConfigurationRootBlockDevice:getLaunchConfigurationRootBlockDevice" }, "description": "The Root Block Device of the instance.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of associated Security Group IDS.\n" }, "spotPrice": { "type": "string", "description": "The Price to use for reserving Spot instances.\n" }, "userData": { "type": "string", "description": "The User Data of the instance.\n" }, "vpcClassicLinkId": { "type": "string", "description": "The ID of a ClassicLink-enabled VPC.\n" }, "vpcClassicLinkSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "The IDs of one or more Security Groups for the specified ClassicLink-enabled VPC.\n" } }, "type": "object", "required": [ "arn", "associatePublicIpAddress", "ebsBlockDevices", "ebsOptimized", "enableMonitoring", "ephemeralBlockDevices", "iamInstanceProfile", "imageId", "instanceType", "keyName", "name", "placementTenancy", "rootBlockDevices", "securityGroups", "spotPrice", "userData", "vpcClassicLinkId", "vpcClassicLinkSecurityGroups", "id" ] } }, "aws:ec2/getLaunchTemplate:getLaunchTemplate": { "description": "Provides information about a Launch Template.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultLaunchTemplate = pulumi.output(aws.ec2.getLaunchTemplate({\n name: \"my-launch-template\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.get_launch_template(name=\"my-launch-template\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = Output.Create(Aws.Ec2.GetLaunchTemplate.InvokeAsync(new Aws.Ec2.GetLaunchTemplateArgs\n {\n Name = \"my-launch-template\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"my-launch-template\"\n\t\t_, err := ec2.LookupLaunchTemplate(ctx, \u0026ec2.LookupLaunchTemplateArgs{\n\t\t\tName: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.ec2.getLaunchTemplate({\n filters: [{\n name: \"launch-template-name\",\n values: [\"some-template\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_launch_template(filters=[{\n \"name\": \"launch-template-name\",\n \"values\": [\"some-template\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Ec2.GetLaunchTemplate.InvokeAsync(new Aws.Ec2.GetLaunchTemplateArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetLaunchTemplateFilterArgs\n {\n Name = \"launch-template-name\",\n Values = \n {\n \"some-template\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupLaunchTemplate(ctx, \u0026ec2.LookupLaunchTemplateArgs{\n\t\t\tFilters: []ec2.GetLaunchTemplateFilter{\n\t\t\t\tec2.GetLaunchTemplateFilter{\n\t\t\t\t\tName: \"launch-template-name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"some-template\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLaunchTemplate.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateFilter:getLaunchTemplateFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match a pair on the desired Launch Template.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLaunchTemplate.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the launch template.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateBlockDeviceMapping:getLaunchTemplateBlockDeviceMapping" }, "description": "Specify volumes to attach to the instance besides the volumes specified by the AMI.\n" }, "creditSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateCreditSpecification:getLaunchTemplateCreditSpecification" }, "description": "Customize the credit specification of the instance. See Credit\nSpecification below for more details.\n" }, "defaultVersion": { "type": "integer", "description": "The default version of the launch template.\n" }, "description": { "type": "string", "description": "Description of the launch template.\n" }, "disableApiTermination": { "type": "boolean", "description": "If `true`, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination)\n" }, "ebsOptimized": { "type": "string", "description": "If `true`, the launched EC2 instance will be EBS-optimized.\n" }, "elasticGpuSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateElasticGpuSpecification:getLaunchTemplateElasticGpuSpecification" }, "description": "The elastic GPU to attach to the instance. See Elastic GPU\nbelow for more details.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateFilter:getLaunchTemplateFilter" } }, "hibernationOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateHibernationOption:getLaunchTemplateHibernationOption" }, "description": "The hibernation options for the instance.\n" }, "iamInstanceProfiles": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateIamInstanceProfile:getLaunchTemplateIamInstanceProfile" }, "description": "The IAM Instance Profile to launch the instance with. See Instance Profile\nbelow for more details.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "imageId": { "type": "string", "description": "The AMI from which to launch the instance.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Can be `stop` or `terminate`.\n(Default: `stop`).\n" }, "instanceMarketOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceMarketOption:getLaunchTemplateInstanceMarketOption" }, "description": "The market (purchasing) option for the instance.\nbelow for details.\n" }, "instanceType": { "type": "string", "description": "The type of the instance.\n" }, "kernelId": { "type": "string", "description": "The kernel ID.\n" }, "keyName": { "type": "string", "description": "The key name to use for the instance.\n" }, "latestVersion": { "type": "integer", "description": "The latest version of the launch template.\n" }, "metadataOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateMetadataOption:getLaunchTemplateMetadataOption" }, "description": "The metadata options for the instance.\n" }, "monitorings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateMonitoring:getLaunchTemplateMonitoring" }, "description": "The monitoring option for the instance.\n" }, "name": { "type": "string" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateNetworkInterface:getLaunchTemplateNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network\nInterfaces below for more details.\n" }, "placements": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplatePlacement:getLaunchTemplatePlacement" }, "description": "The placement of the instance.\n" }, "ramDiskId": { "type": "string", "description": "The ID of the RAM disk.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names to associate with. If you are creating Instances in a VPC, use\n`vpc_security_group_ids` instead.\n" }, "tagSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateTagSpecification:getLaunchTemplateTagSpecification" }, "description": "The tags to apply to the resources during launch.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "(Optional) A map of tags to assign to the launch template.\n" }, "userData": { "type": "string", "description": "The Base64-encoded user data to provide when launching the instance.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with.\n" } }, "type": "object", "required": [ "arn", "blockDeviceMappings", "creditSpecifications", "defaultVersion", "description", "disableApiTermination", "ebsOptimized", "elasticGpuSpecifications", "hibernationOptions", "iamInstanceProfiles", "imageId", "instanceInitiatedShutdownBehavior", "instanceMarketOptions", "instanceType", "kernelId", "keyName", "latestVersion", "metadataOptions", "monitorings", "networkInterfaces", "placements", "ramDiskId", "securityGroupNames", "tagSpecifications", "tags", "userData", "vpcSecurityGroupIds", "id" ] } }, "aws:ec2/getLocalGateway:getLocalGateway": { "description": "Provides details about an EC2 Local Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how one might accept a local gateway id as a variable.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst localGatewayId = config.require(\"localGatewayId\");\n\nconst selected = pulumi.output(aws.ec2.getLocalGateway({\n id: localGatewayId,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlocal_gateway_id = config.require_object(\"localGatewayId\")\nselected = aws.ec2.get_local_gateway(id=local_gateway_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var localGatewayId = config.RequireObject\u003cdynamic\u003e(\"localGatewayId\");\n var selected = Output.Create(Aws.Ec2.GetLocalGateway.InvokeAsync(new Aws.Ec2.GetLocalGatewayArgs\n {\n Id = localGatewayId,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := localGatewayId\n\t\t_, err := ec2.GetLocalGateway(ctx, \u0026ec2.GetLocalGatewayArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLocalGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayFilter:getLocalGatewayFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The id of the specific Local Gateway to retrieve.\n" }, "state": { "type": "string", "description": "The current state of the desired Local Gateway.\nCan be either `\"pending\"` or `\"available\"`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags, each pair of which must exactly match\na pair on the desired Local Gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayFilter:getLocalGatewayFilter" } }, "id": { "type": "string" }, "outpostArn": { "type": "string", "description": "Amazon Resource Name (ARN) of Outpost\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that owns the Local Gateway.\n" }, "state": { "type": "string", "description": "State of the local gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "id", "outpostArn", "ownerId", "state", "tags" ] } }, "aws:ec2/getLocalGatewayRouteTable:getLocalGatewayRouteTable": { "description": "Provides details about an EC2 Local Gateway Route Table.\n\nThis data source can prove useful when a module accepts a local gateway route table id as\nan input variable and needs to, for example, find the associated Outpost or Local Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example returns a specific local gateway route table ID\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst awsEc2LocalGatewayRouteTable = config.require(\"awsEc2LocalGatewayRouteTable\");\n\nconst selected = pulumi.output(aws.ec2.getLocalGatewayRouteTable({\n localGatewayRouteTableId: awsEc2LocalGatewayRouteTable,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\naws_ec2_local_gateway_route_table = config.require_object(\"awsEc2LocalGatewayRouteTable\")\nselected = aws.ec2.get_local_gateway_route_table(local_gateway_route_table_id=aws_ec2_local_gateway_route_table)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var awsEc2LocalGatewayRouteTable = config.RequireObject\u003cdynamic\u003e(\"awsEc2LocalGatewayRouteTable\");\n var selected = Output.Create(Aws.Ec2.GetLocalGatewayRouteTable.InvokeAsync(new Aws.Ec2.GetLocalGatewayRouteTableArgs\n {\n LocalGatewayRouteTableId = awsEc2LocalGatewayRouteTable,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := awsEc2LocalGatewayRouteTable\n\t\t_, err := ec2.GetLocalGatewayRouteTable(ctx, \u0026ec2.GetLocalGatewayRouteTableArgs{\n\t\t\tLocalGatewayRouteTableId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayRouteTable.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTableFilter:getLocalGatewayRouteTableFilter" } }, "localGatewayId": { "type": "string", "description": "The id of the specific local gateway route table to retrieve.\n" }, "localGatewayRouteTableId": { "type": "string", "description": "Local Gateway Route Table Id assigned to desired local gateway route table\n" }, "outpostArn": { "type": "string", "description": "The arn of the Outpost the local gateway route table is associated with.\n" }, "state": { "type": "string", "description": "The state of the local gateway route table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags, each pair of which must exactly match\na pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayRouteTable.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTableFilter:getLocalGatewayRouteTableFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "localGatewayId": { "type": "string" }, "localGatewayRouteTableId": { "type": "string" }, "outpostArn": { "type": "string" }, "state": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "localGatewayId", "localGatewayRouteTableId", "outpostArn", "state", "tags", "id" ] } }, "aws:ec2/getLocalGatewayRouteTables:getLocalGatewayRouteTables": { "description": "Provides information for multiple EC2 Local Gateway Route Tables, such as their identifiers.\n", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayRouteTables.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTablesFilter:getLocalGatewayRouteTablesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags, each pair of which must exactly match\na pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayRouteTables.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTablesFilter:getLocalGatewayRouteTablesFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "Set of Local Gateway Route Table identifiers\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "ids", "tags", "id" ] } }, "aws:ec2/getLocalGatewayVirtualInterface:getLocalGatewayVirtualInterface": { "description": "Provides details about an EC2 Local Gateway Virtual Interface. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayVirtualInterface.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceFilter:getLocalGatewayVirtualInterfaceFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaces.html) for supported filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags, each pair of which must exactly match a pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayVirtualInterface.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceFilter:getLocalGatewayVirtualInterfaceFilter" } }, "id": { "type": "string" }, "localAddress": { "type": "string", "description": "Local address.\n" }, "localBgpAsn": { "type": "integer", "description": "Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the EC2 Local Gateway.\n" }, "localGatewayId": { "type": "string", "description": "Identifier of the EC2 Local Gateway.\n" }, "localGatewayVirtualInterfaceIds": { "type": "array", "items": { "type": "string" } }, "peerAddress": { "type": "string", "description": "Peer address.\n" }, "peerBgpAsn": { "type": "integer", "description": "Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the peer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vlan": { "type": "integer", "description": "Virtual Local Area Network.\n" } }, "type": "object", "required": [ "id", "localAddress", "localBgpAsn", "localGatewayId", "localGatewayVirtualInterfaceIds", "peerAddress", "peerBgpAsn", "tags", "vlan" ] } }, "aws:ec2/getLocalGatewayVirtualInterfaceGroup:getLocalGatewayVirtualInterfaceGroup": { "description": "Provides details about an EC2 Local Gateway Virtual Interface Group. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getLocalGatewayVirtualInterfaceGroup({\n localGatewayId: data.aws_ec2_local_gateway.example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_local_gateway_virtual_interface_group(local_gateway_id=data[\"aws_ec2_local_gateway\"][\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetLocalGatewayVirtualInterfaceGroup.InvokeAsync(new Aws.Ec2.GetLocalGatewayVirtualInterfaceGroupArgs\n {\n LocalGatewayId = data.Aws_ec2_local_gateway.Example.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := data.Aws_ec2_local_gateway.Example.Id\n\t\t_, err := ec2.GetLocalGatewayVirtualInterfaceGroup(ctx, \u0026ec2.GetLocalGatewayVirtualInterfaceGroupArgs{\n\t\t\tLocalGatewayId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayVirtualInterfaceGroup.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupFilter:getLocalGatewayVirtualInterfaceGroupFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaceGroups.html) for supported filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n" }, "localGatewayId": { "type": "string", "description": "Identifier of EC2 Local Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags, each pair of which must exactly match a pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayVirtualInterfaceGroup.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupFilter:getLocalGatewayVirtualInterfaceGroupFilter" } }, "id": { "type": "string" }, "localGatewayId": { "type": "string" }, "localGatewayVirtualInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Local Gateway Virtual Interface identifiers.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "id", "localGatewayId", "localGatewayVirtualInterfaceIds", "tags" ] } }, "aws:ec2/getLocalGatewayVirtualInterfaceGroups:getLocalGatewayVirtualInterfaceGroups": { "description": "Provides details about multiple EC2 Local Gateway Virtual Interface Groups, such as identifiers. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst all = pulumi.output(aws.ec2.getLocalGatewayVirtualInterfaceGroups({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nall = aws.ec2.get_local_gateway_virtual_interface_groups()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var all = Output.Create(Aws.Ec2.GetLocalGatewayVirtualInterfaceGroups.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetLocalGatewayVirtualInterfaceGroups(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayVirtualInterfaceGroups.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupsFilter:getLocalGatewayVirtualInterfaceGroupsFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaceGroups.html) for supported filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags, each pair of which must exactly match a pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayVirtualInterfaceGroups.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupsFilter:getLocalGatewayVirtualInterfaceGroupsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Local Gateway Virtual Interface Group identifiers.\n" }, "localGatewayVirtualInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Local Gateway Virtual Interface identifiers.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "ids", "localGatewayVirtualInterfaceIds", "tags", "id" ] } }, "aws:ec2/getLocalGateways:getLocalGateways": { "description": "Provides information for multiple EC2 Local Gateways, such as their identifiers.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example retrieves Local Gateways with a resource tag of `service` set to `production`.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooLocalGateways = pulumi.output(aws.ec2.getLocalGateways({\n tags: {\n service: \"production\",\n },\n}, { async: true }));\n\nexport const foo = fooLocalGateways.ids;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_local_gateways = aws.ec2.get_local_gateways(tags={\n \"service\": \"production\",\n})\npulumi.export(\"foo\", foo_local_gateways.ids)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var fooLocalGateways = Output.Create(Aws.Ec2.GetLocalGateways.InvokeAsync(new Aws.Ec2.GetLocalGatewaysArgs\n {\n Tags = \n {\n { \"service\", \"production\" },\n },\n }));\n this.Foo = fooLocalGateways.Apply(fooLocalGateways =\u003e fooLocalGateways.Ids);\n }\n\n [Output(\"foo\")]\n public Output\u003cstring\u003e Foo { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooLocalGateways, err := ec2.GetLocalGateways(ctx, \u0026ec2.GetLocalGatewaysArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"service\": \"production\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"foo\", fooLocalGateways.Ids)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLocalGateways.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewaysFilter:getLocalGatewaysFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags, each pair of which must exactly match\na pair on the desired local_gateways.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGateways.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewaysFilter:getLocalGatewaysFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "Set of all the Local Gateway identifiers\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "ids", "tags", "id" ] } }, "aws:ec2/getNatGateway:getNatGateway": { "description": "Provides details about a specific Nat Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnetId = config.require(\"subnetId\");\n\nconst defaultNatGateway = aws_subnet_public.id.apply(id =\u003e aws.ec2.getNatGateway({\n subnetId: id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnet_id = config.require_object(\"subnetId\")\ndefault = aws.ec2.get_nat_gateway(subnet_id=aws_subnet[\"public\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var @default = Output.Create(Aws.Ec2.GetNatGateway.InvokeAsync(new Aws.Ec2.GetNatGatewayArgs\n {\n SubnetId = aws_subnet.Public.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := aws_subnet.Public.Id\n\t\t_, err := ec2.LookupNatGateway(ctx, \u0026ec2.LookupNatGatewayArgs{\n\t\t\tSubnetId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nUsage with tags:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultNatGateway = aws_subnet_public.id.apply(id =\u003e aws.ec2.getNatGateway({\n subnetId: id,\n tags: {\n Name: \"gw NAT\",\n },\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.get_nat_gateway(subnet_id=aws_subnet[\"public\"][\"id\"],\n tags={\n \"Name\": \"gw NAT\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var @default = Output.Create(Aws.Ec2.GetNatGateway.InvokeAsync(new Aws.Ec2.GetNatGatewayArgs\n {\n SubnetId = aws_subnet.Public.Id,\n Tags = \n {\n { \"Name\", \"gw NAT\" },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := aws_subnet.Public.Id\n\t\t_, err := ec2.LookupNatGateway(ctx, \u0026ec2.LookupNatGatewayArgs{\n\t\t\tSubnetId: \u0026opt0,\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Name\": \"gw NAT\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getNatGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNatGatewayFilter:getNatGatewayFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The id of the specific Nat Gateway to retrieve.\n" }, "state": { "type": "string", "description": "The state of the NAT gateway (pending | failed | available | deleting | deleted ).\n" }, "subnetId": { "type": "string", "description": "The id of subnet that the Nat Gateway resides in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired Nat Gateway.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that the Nat Gateway resides in.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNatGateway.\n", "properties": { "allocationId": { "type": "string", "description": "The Id of the EIP allocated to the selected Nat Gateway.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNatGatewayFilter:getNatGatewayFilter" } }, "id": { "type": "string" }, "networkInterfaceId": { "type": "string", "description": "The Id of the ENI allocated to the selected Nat Gateway.\n" }, "privateIp": { "type": "string", "description": "The private Ip address of the selected Nat Gateway.\n" }, "publicIp": { "type": "string", "description": "The public Ip (EIP) address of the selected Nat Gateway.\n" }, "state": { "type": "string" }, "subnetId": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "allocationId", "id", "networkInterfaceId", "privateIp", "publicIp", "state", "subnetId", "tags", "vpcId" ] } }, "aws:ec2/getNetworkAcls:getNetworkAcls": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following shows outputing all network ACL ids in a vpc.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleNetworkAcls = pulumi.output(aws.ec2.getNetworkAcls({\n vpcId: var_vpc_id,\n}, { async: true }));\n\nexport const example = exampleNetworkAcls.ids;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_network_acls = aws.ec2.get_network_acls(vpc_id=var[\"vpc_id\"])\npulumi.export(\"example\", example_network_acls.ids)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleNetworkAcls = Output.Create(Aws.Ec2.GetNetworkAcls.InvokeAsync(new Aws.Ec2.GetNetworkAclsArgs\n {\n VpcId = @var.Vpc_id,\n }));\n this.Example = exampleNetworkAcls.Apply(exampleNetworkAcls =\u003e exampleNetworkAcls.Ids);\n }\n\n [Output(\"example\")]\n public Output\u003cstring\u003e Example { get; set; }\n}\n```\n\nThe following example retrieves a list of all network ACL ids in a VPC with a custom\ntag of `Tier` set to a value of \"Private\".\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2.getNetworkAcls({\n tags: {\n Tier: \"Private\",\n },\n vpcId: var_vpc_id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_acls(tags={\n \"Tier\": \"Private\",\n },\n vpc_id=var[\"vpc_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetNetworkAcls.InvokeAsync(new Aws.Ec2.GetNetworkAclsArgs\n {\n Tags = \n {\n { \"Tier\", \"Private\" },\n },\n VpcId = @var.Vpc_id,\n }));\n }\n\n}\n```\n\nThe following example retrieves a network ACL id in a VPC which associated\nwith specific subnet.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws_subnet_test.id.apply(id =\u003e aws.ec2.getNetworkAcls({\n filters: [{\n name: \"association.subnet-id\",\n values: [id],\n }],\n vpcId: var_vpc_id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_acls(filters=[{\n \"name\": \"association.subnet-id\",\n \"values\": [aws_subnet[\"test\"][\"id\"]],\n }],\n vpc_id=var[\"vpc_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetNetworkAcls.InvokeAsync(new Aws.Ec2.GetNetworkAclsArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetNetworkAclsFilterArgs\n {\n Name = \"association.subnet-id\",\n Values = \n {\n aws_subnet.Test.Id,\n },\n },\n },\n VpcId = @var.Vpc_id,\n }));\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getNetworkAcls.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkAclsFilter:getNetworkAclsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired network ACLs.\n" }, "vpcId": { "type": "string", "description": "The VPC ID that you want to filter from.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkAcls.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkAclsFilter:getNetworkAclsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "A list of all the network ACL ids found. This data source will fail if none are found.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "ids", "tags", "id" ] } }, "aws:ec2/getNetworkInterface:getNetworkInterface": { "description": "Use this data source to get information about a Network Interface.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = pulumi.output(aws.ec2.getNetworkInterface({\n id: \"eni-01234567\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.ec2.get_network_interface(id=\"eni-01234567\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = Output.Create(Aws.Ec2.GetNetworkInterface.InvokeAsync(new Aws.Ec2.GetNetworkInterfaceArgs\n {\n Id = \"eni-01234567\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"eni-01234567\"\n\t\t_, err := ec2.LookupNetworkInterface(ctx, \u0026ec2.LookupNetworkInterfaceArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getNetworkInterface.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceFilter:getNetworkInterfaceFilter" }, "description": "One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-network-interfaces](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-network-interfaces.html) in the AWS CLI reference.\n" }, "id": { "type": "string", "description": "The identifier for the network interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the network interface.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkInterface.\n", "properties": { "associations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceAssociation:getNetworkInterfaceAssociation" }, "description": "The association information for an Elastic IP address (IPv4) associated with the network interface. See supported fields below.\n" }, "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceAttachment:getNetworkInterfaceAttachment" } }, "availabilityZone": { "type": "string", "description": "The Availability Zone.\n" }, "description": { "type": "string", "description": "Description of the network interface.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceFilter:getNetworkInterfaceFilter" } }, "id": { "type": "string" }, "interfaceType": { "type": "string", "description": "The type of interface.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses to assign to the ENI.\n" }, "macAddress": { "type": "string", "description": "The MAC address.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the network interface.\n" }, "privateDnsName": { "type": "string", "description": "The private DNS name.\n" }, "privateIp": { "type": "string", "description": "The private IPv4 address of the network interface within the subnet.\n" }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "The private IPv4 addresses associated with the network interface.\n" }, "requesterId": { "type": "string", "description": "The ID of the entity that launched the instance on your behalf.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The list of security groups for the network interface.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the network interface.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC.\n" } }, "type": "object", "required": [ "associations", "attachments", "availabilityZone", "description", "id", "interfaceType", "ipv6Addresses", "macAddress", "outpostArn", "ownerId", "privateDnsName", "privateIp", "privateIps", "requesterId", "securityGroups", "subnetId", "tags", "vpcId" ] } }, "aws:ec2/getNetworkInterfaces:getNetworkInterfaces": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following shows outputing all network interface ids in a region.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleNetworkInterfaces = pulumi.output(aws.ec2.getNetworkInterfaces({ async: true }));\n\nexport const example = exampleNetworkInterfaces.ids;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_network_interfaces = aws.ec2.get_network_interfaces()\npulumi.export(\"example\", example_network_interfaces.ids)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleNetworkInterfaces = Output.Create(Aws.Ec2.GetNetworkInterfaces.InvokeAsync());\n this.Example = exampleNetworkInterfaces.Apply(exampleNetworkInterfaces =\u003e exampleNetworkInterfaces.Ids);\n }\n\n [Output(\"example\")]\n public Output\u003cstring\u003e Example { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleNetworkInterfaces, err := ec2.GetNetworkInterfaces(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", exampleNetworkInterfaces.Ids)\n\t\treturn nil\n\t})\n}\n```\n\nThe following example retrieves a list of all network interface ids with a custom tag of `Name` set to a value of `test`.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2.getNetworkInterfaces({\n tags: {\n Name: \"test\",\n },\n}, { async: true }));\n\nexport const example1 = example.ids;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_interfaces(tags={\n \"Name\": \"test\",\n})\npulumi.export(\"example1\", example.ids)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetNetworkInterfaces.InvokeAsync(new Aws.Ec2.GetNetworkInterfacesArgs\n {\n Tags = \n {\n { \"Name\", \"test\" },\n },\n }));\n this.Example1 = example.Apply(example =\u003e example.Ids);\n }\n\n [Output(\"example1\")]\n public Output\u003cstring\u003e Example1 { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.GetNetworkInterfaces(ctx, \u0026ec2.GetNetworkInterfacesArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Name\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example1\", example.Ids)\n\t\treturn nil\n\t})\n}\n```\n\nThe following example retrieves a network interface ids which associated\nwith specific subnet.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleNetworkInterfaces = aws_subnet_test.id.apply(id =\u003e aws.ec2.getNetworkInterfaces({\n filters: [{\n name: \"subnet-id\",\n values: [id],\n }],\n}, { async: true }));\n\nexport const example = exampleNetworkInterfaces.ids;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_network_interfaces = aws.ec2.get_network_interfaces(filters=[{\n \"name\": \"subnet-id\",\n \"values\": [aws_subnet[\"test\"][\"id\"]],\n}])\npulumi.export(\"example\", example_network_interfaces.ids)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleNetworkInterfaces = Output.Create(Aws.Ec2.GetNetworkInterfaces.InvokeAsync(new Aws.Ec2.GetNetworkInterfacesArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetNetworkInterfacesFilterArgs\n {\n Name = \"subnet-id\",\n Values = \n {\n aws_subnet.Test.Id,\n },\n },\n },\n }));\n this.Example = exampleNetworkInterfaces.Apply(exampleNetworkInterfaces =\u003e exampleNetworkInterfaces.Ids);\n }\n\n [Output(\"example\")]\n public Output\u003cstring\u003e Example { get; set; }\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getNetworkInterfaces.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfacesFilter:getNetworkInterfacesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired network interfaces.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkInterfaces.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfacesFilter:getNetworkInterfacesFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "A list of all the network interface ids found. This data source will fail if none are found.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "ids", "tags", "id" ] } }, "aws:ec2/getRoute:getRoute": { "description": "`aws.ec2.Route` provides details about a specific Route.\n\nThis resource can prove useful when finding the resource\nassociated with a CIDR. For example, finding the peering\nconnection associated with a CIDR value.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how one might use a CIDR value to find a network interface id\nand use this to create a data source of that network interface.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnetId = config.require(\"subnetId\");\n\nconst selected = pulumi.output(aws.ec2.getRouteTable({\n subnetId: subnetId,\n}, { async: true }));\nconst route = aws_route_table_selected.id.apply(id =\u003e aws.ec2.getRoute({\n destinationCidrBlock: \"10.0.1.0/24\",\n routeTableId: id,\n}, { async: true }));\nconst interfaceNetworkInterface = route.apply(route =\u003e aws.ec2.getNetworkInterface({\n networkInterfaceId: route.networkInterfaceId!,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnet_id = config.require_object(\"subnetId\")\nselected = aws.ec2.get_route_table(subnet_id=subnet_id)\nroute = aws.ec2.get_route(destination_cidr_block=\"10.0.1.0/24\",\n route_table_id=aws_route_table[\"selected\"][\"id\"])\ninterface = aws.ec2.get_network_interface(network_interface_id=route.network_interface_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var selected = Output.Create(Aws.Ec2.GetRouteTable.InvokeAsync(new Aws.Ec2.GetRouteTableArgs\n {\n SubnetId = subnetId,\n }));\n var route = Output.Create(Aws.Ec2.GetRoute.InvokeAsync(new Aws.Ec2.GetRouteArgs\n {\n DestinationCidrBlock = \"10.0.1.0/24\",\n RouteTableId = aws_route_table.Selected.Id,\n }));\n var @interface = Output.Create(Aws.Ec2.GetNetworkInterface.InvokeAsync(new Aws.Ec2.GetNetworkInterfaceArgs\n {\n NetworkInterfaceId = route.Apply(route =\u003e route.NetworkInterfaceId),\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := subnetId\n\t\t_, err := ec2.LookupRouteTable(ctx, \u0026ec2.LookupRouteTableArgs{\n\t\t\tSubnetId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := \"10.0.1.0/24\"\n\t\troute, err := ec2.LookupRoute(ctx, \u0026ec2.LookupRouteArgs{\n\t\t\tDestinationCidrBlock: \u0026opt1,\n\t\t\tRouteTableId: aws_route_table.Selected.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err := ec2.LookupNetworkInterface(ctx, \u0026ec2.LookupNetworkInterfaceArgs{\n\t\t\tNetworkInterfaceId: route.NetworkInterfaceId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRoute.\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block of the Route belonging to the Route Table.\n" }, "destinationIpv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block of the Route belonging to the Route Table.\n" }, "egressOnlyGatewayId": { "type": "string", "description": "The Egress Only Gateway ID of the Route belonging to the Route Table.\n" }, "gatewayId": { "type": "string", "description": "The Gateway ID of the Route belonging to the Route Table.\n" }, "instanceId": { "type": "string", "description": "The Instance ID of the Route belonging to the Route Table.\n" }, "natGatewayId": { "type": "string", "description": "The NAT Gateway ID of the Route belonging to the Route Table.\n" }, "networkInterfaceId": { "type": "string", "description": "The Network Interface ID of the Route belonging to the Route Table.\n" }, "routeTableId": { "type": "string", "description": "The id of the specific Route Table containing the Route entry.\n" }, "transitGatewayId": { "type": "string", "description": "The EC2 Transit Gateway ID of the Route belonging to the Route Table.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering Connection ID of the Route belonging to the Route Table.\n" } }, "type": "object", "required": [ "routeTableId" ] }, "outputs": { "description": "A collection of values returned by getRoute.\n", "properties": { "destinationCidrBlock": { "type": "string" }, "destinationIpv6CidrBlock": { "type": "string" }, "egressOnlyGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "instanceId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "routeTableId": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "type": "object", "required": [ "destinationCidrBlock", "destinationIpv6CidrBlock", "egressOnlyGatewayId", "gatewayId", "instanceId", "natGatewayId", "networkInterfaceId", "routeTableId", "transitGatewayId", "vpcPeeringConnectionId", "id" ] } }, "aws:ec2/getRouteTable:getRouteTable": { "description": "`aws.ec2.RouteTable` provides details about a specific Route Table.\n\nThis resource can prove useful when a module accepts a Subnet id as\nan input variable and needs to, for example, add a route in\nthe Route Table.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how one might accept a Route Table id as a variable\nand use this data source to obtain the data necessary to create a route.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnetId = config.require(\"subnetId\");\n\nconst selected = pulumi.output(aws.ec2.getRouteTable({\n subnetId: subnetId,\n}, { async: true }));\nconst route = new aws.ec2.Route(\"route\", {\n destinationCidrBlock: \"10.0.1.0/22\",\n routeTableId: selected.id,\n vpcPeeringConnectionId: \"pcx-45ff3dc1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnet_id = config.require_object(\"subnetId\")\nselected = aws.ec2.get_route_table(subnet_id=subnet_id)\nroute = aws.ec2.Route(\"route\",\n destination_cidr_block=\"10.0.1.0/22\",\n route_table_id=selected.id,\n vpc_peering_connection_id=\"pcx-45ff3dc1\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var selected = Output.Create(Aws.Ec2.GetRouteTable.InvokeAsync(new Aws.Ec2.GetRouteTableArgs\n {\n SubnetId = subnetId,\n }));\n var route = new Aws.Ec2.Route(\"route\", new Aws.Ec2.RouteArgs\n {\n DestinationCidrBlock = \"10.0.1.0/22\",\n RouteTableId = selected.Apply(selected =\u003e selected.Id),\n VpcPeeringConnectionId = \"pcx-45ff3dc1\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := subnetId\n\t\tselected, err := ec2.LookupRouteTable(ctx, \u0026ec2.LookupRouteTableArgs{\n\t\t\tSubnetId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewRoute(ctx, \"route\", \u0026ec2.RouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.1.0/22\"),\n\t\t\tRouteTableId: pulumi.String(selected.Id),\n\t\t\tVpcPeeringConnectionId: pulumi.String(\"pcx-45ff3dc1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRouteTable.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTableFilter:getRouteTableFilter" }, "description": "Custom filter block as described below.\n" }, "gatewayId": { "type": "string", "description": "The id of an Internet Gateway or Virtual Private Gateway which is connected to the Route Table (not exported if not passed as a parameter).\n" }, "routeTableId": { "type": "string", "description": "The id of the specific Route Table to retrieve.\n" }, "subnetId": { "type": "string", "description": "The id of a Subnet which is connected to the Route Table (not exported if not passed as a parameter).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired Route Table.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that the desired Route Table belongs to.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRouteTable.\n", "properties": { "associations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTableAssociation:getRouteTableAssociation" } }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTableFilter:getRouteTableFilter" } }, "gatewayId": { "type": "string", "description": "The Gateway ID. Only set when associated with an Internet Gateway or Virtual Private Gateway.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the route table\n" }, "routeTableId": { "type": "string", "description": "The Route Table ID.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTableRoute:getRouteTableRoute" } }, "subnetId": { "type": "string", "description": "The Subnet ID. Only set when associated with a Subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "associations", "gatewayId", "ownerId", "routeTableId", "routes", "subnetId", "tags", "vpcId", "id" ] } }, "aws:ec2/getRouteTables:getRouteTables": { "description": "This resource can be useful for getting back a list of route table ids to be referenced elsewhere.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following adds a route for a particular cidr block to every (private\nkops) route table in a specified vpc to use a particular vpc peering\nconnection.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst rts = pulumi.output(aws.ec2.getRouteTables({\n filters: [{\n name: \"tag:kubernetes.io/kops/role\",\n values: [\"private*\"],\n }],\n vpcId: var_vpc_id,\n}, { async: true }));\nconst route: aws.ec2.Route[] = [];\nfor (let i = 0; i \u003c rts.apply(rts =\u003e rts.ids.length); i++) {\n route.push(new aws.ec2.Route(`r-${i}`, {\n destinationCidrBlock: \"10.0.1.0/22\",\n routeTableId: rts.apply(rts =\u003e rts.ids[i]),\n vpcPeeringConnectionId: \"pcx-0e9a7a9ecd137dc54\",\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrts = aws.ec2.get_route_tables(filters=[{\n \"name\": \"tag:kubernetes.io/kops/role\",\n \"values\": [\"private*\"],\n }],\n vpc_id=var[\"vpc_id\"])\nroute = []\nfor range in [{\"value\": i} for i in range(0, len(rts.ids))]:\n route.append(aws.ec2.Route(f\"route-{range['value']}\",\n destination_cidr_block=\"10.0.1.0/22\",\n route_table_id=rts.ids[range[\"value\"]],\n vpc_peering_connection_id=\"pcx-0e9a7a9ecd137dc54\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Threading.Tasks;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dict = Output.Create(Initialize());\n }\n\n private async Task\u003cIDictionary\u003cstring, Output\u003cstring\u003e\u003e\u003e Initialize()\n {\n var rts = await Aws.Ec2.GetRouteTables.InvokeAsync(new Aws.Ec2.GetRouteTablesArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetRouteTablesFilterArgs\n {\n Name = \"tag:kubernetes.io/kops/role\",\n Values = \n {\n \"private*\",\n },\n },\n },\n VpcId = @var.Vpc_id,\n });\n var route = new List\u003cAws.Ec2.Route\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c rts.Ids.Length; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n route.Add(new Aws.Ec2.Route($\"route-{range.Value}\", new Aws.Ec2.RouteArgs\n {\n DestinationCidrBlock = \"10.0.1.0/22\",\n RouteTableId = rts.Ids[range.Value],\n VpcPeeringConnectionId = \"pcx-0e9a7a9ecd137dc54\",\n }));\n }\n\n return new Dictionary\u003cstring, Output\u003cstring\u003e\u003e\n {\n };\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRouteTables.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTablesFilter:getRouteTablesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired route tables.\n" }, "vpcId": { "type": "string", "description": "The VPC ID that you want to filter from.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRouteTables.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTablesFilter:getRouteTablesFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "A set of all the route table ids found. This data source will fail if none are found.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "ids", "tags", "id" ] } }, "aws:ec2/getSecurityGroup:getSecurityGroup": { "description": "`aws.ec2.SecurityGroup` provides details about a specific Security Group.\n\nThis resource can prove useful when a module accepts a Security Group id as\nan input variable and needs to, for example, determine the id of the\nVPC that the security group belongs to.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how one might accept a Security Group id as a variable\nand use this data source to obtain the data necessary to create a subnet.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst securityGroupId = config.require(\"securityGroupId\");\n\nconst selected = pulumi.output(aws.ec2.getSecurityGroup({\n id: securityGroupId,\n}, { async: true }));\nconst subnet = new aws.ec2.Subnet(\"subnet\", {\n cidrBlock: \"10.0.1.0/24\",\n vpcId: selected.vpcId!,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsecurity_group_id = config.require_object(\"securityGroupId\")\nselected = aws.ec2.get_security_group(id=security_group_id)\nsubnet = aws.ec2.Subnet(\"subnet\",\n cidr_block=\"10.0.1.0/24\",\n vpc_id=selected.vpc_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var securityGroupId = config.RequireObject\u003cdynamic\u003e(\"securityGroupId\");\n var selected = Output.Create(Aws.Ec2.GetSecurityGroup.InvokeAsync(new Aws.Ec2.GetSecurityGroupArgs\n {\n Id = securityGroupId,\n }));\n var subnet = new Aws.Ec2.Subnet(\"subnet\", new Aws.Ec2.SubnetArgs\n {\n CidrBlock = \"10.0.1.0/24\",\n VpcId = selected.Apply(selected =\u003e selected.VpcId),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := securityGroupId\n\t\tselected, err := ec2.LookupSecurityGroup(ctx, \u0026ec2.LookupSecurityGroupArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"subnet\", \u0026ec2.SubnetArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tVpcId: pulumi.String(selected.VpcId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSecurityGroup.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSecurityGroupFilter:getSecurityGroupFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The id of the specific security group to retrieve.\n" }, "name": { "type": "string", "description": "The name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired security group.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that the desired security group belongs to.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecurityGroup.\n", "properties": { "arn": { "type": "string", "description": "The computed ARN of the security group.\n" }, "description": { "type": "string", "description": "The description of the security group.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSecurityGroupFilter:getSecurityGroupFilter" } }, "id": { "type": "string" }, "name": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "arn", "description", "id", "name", "tags", "vpcId" ] } }, "aws:ec2/getSecurityGroups:getSecurityGroups": { "description": "Use this data source to get IDs and VPC membership of Security Groups that are created\noutside of this provider.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.ec2.getSecurityGroups({\n tags: {\n Application: \"k8s\",\n Environment: \"dev\",\n },\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_security_groups(tags={\n \"Application\": \"k8s\",\n \"Environment\": \"dev\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Ec2.GetSecurityGroups.InvokeAsync(new Aws.Ec2.GetSecurityGroupsArgs\n {\n Tags = \n {\n { \"Application\", \"k8s\" },\n { \"Environment\", \"dev\" },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetSecurityGroups(ctx, \u0026ec2.GetSecurityGroupsArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Application\": \"k8s\",\n\t\t\t\t\"Environment\": \"dev\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.ec2.getSecurityGroups({\n filters: [\n {\n name: \"group-name\",\n values: [\"*nodes*\"],\n },\n {\n name: \"vpc-id\",\n values: [var_vpc_id],\n },\n ],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_security_groups(filters=[\n {\n \"name\": \"group-name\",\n \"values\": [\"*nodes*\"],\n },\n {\n \"name\": \"vpc-id\",\n \"values\": [var[\"vpc_id\"]],\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Ec2.GetSecurityGroups.InvokeAsync(new Aws.Ec2.GetSecurityGroupsArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetSecurityGroupsFilterArgs\n {\n Name = \"group-name\",\n Values = \n {\n \"*nodes*\",\n },\n },\n new Aws.Ec2.Inputs.GetSecurityGroupsFilterArgs\n {\n Name = \"vpc-id\",\n Values = \n {\n @var.Vpc_id,\n },\n },\n },\n }));\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSecurityGroups.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSecurityGroupsFilter:getSecurityGroupsFilter" }, "description": "One or more name/value pairs to use as filters. There are\nseveral valid keys, for a full reference, check out\n[describe-security-groups in the AWS CLI reference][1].\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match for\ndesired security groups.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecurityGroups.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSecurityGroupsFilter:getSecurityGroupsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "IDs of the matches security groups.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcIds": { "type": "array", "items": { "type": "string" }, "description": "The VPC IDs of the matched security groups. The data source's tag or filter *will span VPCs*\nunless the `vpc-id` filter is also used.\n" } }, "type": "object", "required": [ "ids", "tags", "vpcIds", "id" ] } }, "aws:ec2/getSubnet:getSubnet": { "description": "`aws.ec2.Subnet` provides details about a specific VPC subnet.\n\nThis resource can prove useful when a module accepts a subnet id as\nan input variable and needs to, for example, determine the id of the\nVPC that the subnet belongs to.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how one might accept a subnet id as a variable\nand use this data source to obtain the data necessary to create a security\ngroup that allows connections from hosts in that subnet.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnetId = config.require(\"subnetId\");\n\nconst selected = pulumi.output(aws.ec2.getSubnet({\n id: subnetId,\n}, { async: true }));\nconst subnet = new aws.ec2.SecurityGroup(\"subnet\", {\n ingress: [{\n cidrBlocks: [selected.cidrBlock!],\n fromPort: 80,\n protocol: \"tcp\",\n toPort: 80,\n }],\n vpcId: selected.vpcId!,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnet_id = config.require_object(\"subnetId\")\nselected = aws.ec2.get_subnet(id=subnet_id)\nsubnet = aws.ec2.SecurityGroup(\"subnet\",\n ingress=[{\n \"cidr_blocks\": [selected.cidr_block],\n \"from_port\": 80,\n \"protocol\": \"tcp\",\n \"to_port\": 80,\n }],\n vpc_id=selected.vpc_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var selected = Output.Create(Aws.Ec2.GetSubnet.InvokeAsync(new Aws.Ec2.GetSubnetArgs\n {\n Id = subnetId,\n }));\n var subnet = new Aws.Ec2.SecurityGroup(\"subnet\", new Aws.Ec2.SecurityGroupArgs\n {\n Ingress = \n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n CidrBlocks = \n {\n selected.Apply(selected =\u003e selected.CidrBlock),\n },\n FromPort = 80,\n Protocol = \"tcp\",\n ToPort = 80,\n },\n },\n VpcId = selected.Apply(selected =\u003e selected.VpcId),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := subnetId\n\t\tselected, err := ec2.LookupSubnet(ctx, \u0026ec2.LookupSubnetArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSecurityGroup(ctx, \"subnet\", \u0026ec2.SecurityGroupArgs{\n\t\t\tIngress: ec2.SecurityGroupIngressArray{\n\t\t\t\t\u0026ec2.SecurityGroupIngressArgs{\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(selected.CidrBlock),\n\t\t\t\t\t},\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVpcId: pulumi.String(selected.VpcId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSubnet.\n", "properties": { "availabilityZone": { "type": "string", "description": "The availability zone where the\nsubnet must reside.\n" }, "availabilityZoneId": { "type": "string", "description": "The ID of the Availability Zone for the subnet.\n" }, "cidrBlock": { "type": "string", "description": "The cidr block of the desired subnet.\n" }, "defaultForAz": { "type": "boolean", "description": "Boolean constraint for whether the desired\nsubnet must be the default subnet for its associated availability zone.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSubnetFilter:getSubnetFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The id of the specific subnet to retrieve.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The Ipv6 cidr block of the desired subnet\n" }, "state": { "type": "string", "description": "The state that the desired subnet must have.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired subnet.\n" }, "vpcId": { "type": "string", "description": "The id of the VPC that the desired subnet belongs to.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSubnet.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subnet.\n" }, "assignIpv6AddressOnCreation": { "type": "boolean" }, "availabilityZone": { "type": "string" }, "availabilityZoneId": { "type": "string" }, "cidrBlock": { "type": "string" }, "defaultForAz": { "type": "boolean" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSubnetFilter:getSubnetFilter" } }, "id": { "type": "string" }, "ipv6CidrBlock": { "type": "string" }, "ipv6CidrBlockAssociationId": { "type": "string" }, "mapPublicIpOnLaunch": { "type": "boolean" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the subnet.\n" }, "state": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "arn", "assignIpv6AddressOnCreation", "availabilityZone", "availabilityZoneId", "cidrBlock", "defaultForAz", "id", "ipv6CidrBlock", "ipv6CidrBlockAssociationId", "mapPublicIpOnLaunch", "outpostArn", "ownerId", "state", "tags", "vpcId" ] } }, "aws:ec2/getSubnetIds:getSubnetIds": { "description": "`aws.ec2.getSubnetIds` provides a set of ids for a vpc_id\n\nThis resource can be useful for getting back a set of subnet ids for a vpc.\n", "inputs": { "description": "A collection of arguments for invoking getSubnetIds.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSubnetIdsFilter:getSubnetIdsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired subnets.\n" }, "vpcId": { "type": "string", "description": "The VPC ID that you want to filter from.\n" } }, "type": "object", "required": [ "vpcId" ] }, "outputs": { "description": "A collection of values returned by getSubnetIds.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSubnetIdsFilter:getSubnetIdsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "A set of all the subnet ids found. This data source will fail if none are found.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "ids", "tags", "vpcId", "id" ] } }, "aws:ec2/getVpc:getVpc": { "description": "`aws.ec2.Vpc` provides details about a specific VPC.\n\nThis resource can prove useful when a module accepts a vpc id as\nan input variable and needs to, for example, determine the CIDR block of that\nVPC.\n", "inputs": { "description": "A collection of arguments for invoking getVpc.\n", "properties": { "cidrBlock": { "type": "string", "description": "The cidr block of the desired VPC.\n" }, "default": { "type": "boolean", "description": "Boolean constraint on whether the desired VPC is\nthe default VPC for the region.\n" }, "dhcpOptionsId": { "type": "string", "description": "The DHCP options id of the desired VPC.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcFilter:getVpcFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The id of the specific VPC to retrieve.\n" }, "state": { "type": "string", "description": "The current state of the desired VPC.\nCan be either `\"pending\"` or `\"available\"`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired VPC.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpc.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of VPC\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block for the association.\n" }, "cidrBlockAssociations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcCidrBlockAssociation:getVpcCidrBlockAssociation" } }, "default": { "type": "boolean" }, "dhcpOptionsId": { "type": "string" }, "enableDnsHostnames": { "type": "boolean", "description": "Whether or not the VPC has DNS hostname support\n" }, "enableDnsSupport": { "type": "boolean", "description": "Whether or not the VPC has DNS support\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcFilter:getVpcFilter" } }, "id": { "type": "string" }, "instanceTenancy": { "type": "string", "description": "The allowed tenancy of instances launched into the\nselected VPC. May be any of `\"default\"`, `\"dedicated\"`, or `\"host\"`.\n" }, "ipv6AssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n" }, "mainRouteTableId": { "type": "string", "description": "The ID of the main route table associated with this VPC.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC.\n" }, "state": { "type": "string", "description": "The State of the association.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "arn", "cidrBlock", "cidrBlockAssociations", "default", "dhcpOptionsId", "enableDnsHostnames", "enableDnsSupport", "id", "instanceTenancy", "ipv6AssociationId", "ipv6CidrBlock", "mainRouteTableId", "ownerId", "state", "tags" ] } }, "aws:ec2/getVpcDhcpOptions:getVpcDhcpOptions": { "description": "Retrieve information about an EC2 DHCP Options configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Lookup by DHCP Options ID\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2.getVpcDhcpOptions({\n dhcpOptionsId: \"dopts-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_vpc_dhcp_options(dhcp_options_id=\"dopts-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetVpcDhcpOptions.InvokeAsync(new Aws.Ec2.GetVpcDhcpOptionsArgs\n {\n DhcpOptionsId = \"dopts-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"dopts-12345678\"\n\t\t_, err := ec2.LookupVpcDhcpOptions(ctx, \u0026ec2.LookupVpcDhcpOptionsArgs{\n\t\t\tDhcpOptionsId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Lookup by Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2.getVpcDhcpOptions({\n filters: [\n {\n name: \"key\",\n values: [\"domain-name\"],\n },\n {\n name: \"value\",\n values: [\"example.com\"],\n },\n ],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_vpc_dhcp_options(filters=[\n {\n \"name\": \"key\",\n \"values\": [\"domain-name\"],\n },\n {\n \"name\": \"value\",\n \"values\": [\"example.com\"],\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2.GetVpcDhcpOptions.InvokeAsync(new Aws.Ec2.GetVpcDhcpOptionsArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetVpcDhcpOptionsFilterArgs\n {\n Name = \"key\",\n Values = \n {\n \"domain-name\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcDhcpOptionsFilterArgs\n {\n Name = \"value\",\n Values = \n {\n \"example.com\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupVpcDhcpOptions(ctx, \u0026ec2.LookupVpcDhcpOptionsArgs{\n\t\t\tFilters: []ec2.GetVpcDhcpOptionsFilter{\n\t\t\t\tec2.GetVpcDhcpOptionsFilter{\n\t\t\t\t\tName: \"key\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"domain-name\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tec2.GetVpcDhcpOptionsFilter{\n\t\t\t\t\tName: \"value\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpcDhcpOptions.\n", "properties": { "dhcpOptionsId": { "type": "string", "description": "The EC2 DHCP Options ID.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcDhcpOptionsFilter:getVpcDhcpOptionsFilter" }, "description": "List of custom filters as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcDhcpOptions.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "dhcpOptionsId": { "type": "string", "description": "EC2 DHCP Options ID\n" }, "domainName": { "type": "string", "description": "The suffix domain name to used when resolving non Fully Qualified Domain Names. e.g. the `search` value in the `/etc/resolv.conf` file.\n" }, "domainNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of name servers.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcDhcpOptionsFilter:getVpcDhcpOptionsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "List of NTP servers.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "arn", "dhcpOptionsId", "domainName", "domainNameServers", "netbiosNameServers", "netbiosNodeType", "ntpServers", "ownerId", "tags", "id" ] } }, "aws:ec2/getVpcEndpoint:getVpcEndpoint": { "description": "The VPC Endpoint data source provides details about\na specific VPC endpoint.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst s3 = aws_vpc_foo.id.apply(id =\u003e aws.ec2.getVpcEndpoint({\n serviceName: \"com.amazonaws.us-west-2.s3\",\n vpcId: id,\n}, { async: true }));\nconst privateS3 = new aws.ec2.VpcEndpointRouteTableAssociation(\"private_s3\", {\n routeTableId: aws_route_table_private.id,\n vpcEndpointId: s3.id!,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.get_vpc_endpoint(service_name=\"com.amazonaws.us-west-2.s3\",\n vpc_id=aws_vpc[\"foo\"][\"id\"])\nprivate_s3 = aws.ec2.VpcEndpointRouteTableAssociation(\"privateS3\",\n route_table_id=aws_route_table[\"private\"][\"id\"],\n vpc_endpoint_id=s3.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = Output.Create(Aws.Ec2.GetVpcEndpoint.InvokeAsync(new Aws.Ec2.GetVpcEndpointArgs\n {\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n VpcId = aws_vpc.Foo.Id,\n }));\n var privateS3 = new Aws.Ec2.VpcEndpointRouteTableAssociation(\"privateS3\", new Aws.Ec2.VpcEndpointRouteTableAssociationArgs\n {\n RouteTableId = aws_route_table.Private.Id,\n VpcEndpointId = s3.Apply(s3 =\u003e s3.Id),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"com.amazonaws.us-west-2.s3\"\n\t\topt1 := aws_vpc.Foo.Id\n\t\ts3, err := ec2.LookupVpcEndpoint(ctx, \u0026ec2.LookupVpcEndpointArgs{\n\t\t\tServiceName: \u0026opt0,\n\t\t\tVpcId: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpointRouteTableAssociation(ctx, \"privateS3\", \u0026ec2.VpcEndpointRouteTableAssociationArgs{\n\t\t\tRouteTableId: pulumi.String(aws_route_table.Private.Id),\n\t\t\tVpcEndpointId: pulumi.String(s3.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpcEndpoint.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointFilter:getVpcEndpointFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The ID of the specific VPC Endpoint to retrieve.\n" }, "serviceName": { "type": "string", "description": "The service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "state": { "type": "string", "description": "The state of the specific VPC Endpoint to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the specific VPC Endpoint to retrieve.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the specific VPC Endpoint is used.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcEndpoint.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint.\n" }, "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointDnsEntry:getVpcEndpointDnsEntry" }, "description": "The DNS entries for the VPC Endpoint. Applicable for endpoints of type `Interface`. DNS blocks are documented below.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointFilter:getVpcEndpointFilter" } }, "id": { "type": "string" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type `Interface`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC endpoint.\n" }, "policy": { "type": "string", "description": "The policy document associated with the VPC Endpoint. Applicable for endpoints of type `Gateway`.\n" }, "prefixListId": { "type": "string", "description": "The prefix list ID of the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "privateDnsEnabled": { "type": "boolean", "description": "Whether or not the VPC is associated with a private hosted zone - `true` or `false`. Applicable for endpoints of type `Interface`.\n" }, "requesterManaged": { "type": "boolean", "description": "Whether or not the VPC Endpoint is being managed by its service - `true` or `false`.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type `Gateway`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more security groups associated with the network interfaces. Applicable for endpoints of type `Interface`.\n" }, "serviceName": { "type": "string" }, "state": { "type": "string" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type `Interface`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcEndpointType": { "type": "string", "description": "The VPC Endpoint type, `Gateway` or `Interface`.\n" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "arn", "cidrBlocks", "dnsEntries", "id", "networkInterfaceIds", "ownerId", "policy", "prefixListId", "privateDnsEnabled", "requesterManaged", "routeTableIds", "securityGroupIds", "serviceName", "state", "subnetIds", "tags", "vpcEndpointType", "vpcId" ] } }, "aws:ec2/getVpcEndpointService:getVpcEndpointService": { "description": "The VPC Endpoint Service data source details about a specific service that\ncan be specified when creating a VPC endpoint within the region configured in the provider.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### AWS Service\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst s3 = pulumi.output(aws.ec2.getVpcEndpointService({\n service: \"s3\",\n}, { async: true }));\n// Create a VPC\nconst foo = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.0.0.0/16\",\n});\n// Create a VPC endpoint\nconst ep = new aws.ec2.VpcEndpoint(\"ep\", {\n serviceName: s3.serviceName!,\n vpcId: foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.get_vpc_endpoint_service(service=\"s3\")\n# Create a VPC\nfoo = aws.ec2.Vpc(\"foo\", cidr_block=\"10.0.0.0/16\")\n# Create a VPC endpoint\nep = aws.ec2.VpcEndpoint(\"ep\",\n service_name=s3.service_name,\n vpc_id=foo.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = Output.Create(Aws.Ec2.GetVpcEndpointService.InvokeAsync(new Aws.Ec2.GetVpcEndpointServiceArgs\n {\n Service = \"s3\",\n }));\n // Create a VPC\n var foo = new Aws.Ec2.Vpc(\"foo\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n // Create a VPC endpoint\n var ep = new Aws.Ec2.VpcEndpoint(\"ep\", new Aws.Ec2.VpcEndpointArgs\n {\n ServiceName = s3.Apply(s3 =\u003e s3.ServiceName),\n VpcId = foo.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"s3\"\n\t\ts3, err := ec2.LookupVpcEndpointService(ctx, \u0026ec2.LookupVpcEndpointServiceArgs{\n\t\t\tService: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpoint(ctx, \"ep\", \u0026ec2.VpcEndpointArgs{\n\t\t\tServiceName: pulumi.String(s3.ServiceName),\n\t\t\tVpcId: foo.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Non-AWS Service\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst custome = pulumi.output(aws.ec2.getVpcEndpointService({\n serviceName: \"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncustome = aws.ec2.get_vpc_endpoint_service(service_name=\"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var custome = Output.Create(Aws.Ec2.GetVpcEndpointService.InvokeAsync(new Aws.Ec2.GetVpcEndpointServiceArgs\n {\n ServiceName = \"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\"\n\t\t_, err := ec2.LookupVpcEndpointService(ctx, \u0026ec2.LookupVpcEndpointServiceArgs{\n\t\t\tServiceName: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.ec2.getVpcEndpointService({\n filters: [{\n name: \"service-name\",\n values: [\"some-service\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_vpc_endpoint_service(filters=[{\n \"name\": \"service-name\",\n \"values\": [\"some-service\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Ec2.GetVpcEndpointService.InvokeAsync(new Aws.Ec2.GetVpcEndpointServiceArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetVpcEndpointServiceFilterArgs\n {\n Name = \"service-name\",\n Values = \n {\n \"some-service\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupVpcEndpointService(ctx, \u0026ec2.LookupVpcEndpointServiceArgs{\n\t\t\tFilters: []ec2.GetVpcEndpointServiceFilter{\n\t\t\t\tec2.GetVpcEndpointServiceFilter{\n\t\t\t\t\tName: \"service-name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"some-service\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpcEndpointService.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointServiceFilter:getVpcEndpointServiceFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "service": { "type": "string", "description": "The common name of an AWS service (e.g. `s3`).\n" }, "serviceName": { "type": "string", "description": "The service name that is specified when creating a VPC endpoint. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match a pair on the desired VPC Endpoint Service.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcEndpointService.\n", "properties": { "acceptanceRequired": { "type": "boolean", "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint service.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The Availability Zones in which the service is available.\n" }, "baseEndpointDnsNames": { "type": "array", "items": { "type": "string" }, "description": "The DNS names for the service.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointServiceFilter:getVpcEndpointServiceFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "managesVpcEndpoints": { "type": "boolean", "description": "Whether or not the service manages its VPC endpoints - `true` or `false`.\n" }, "owner": { "type": "string", "description": "The AWS account ID of the service owner or `amazon`.\n" }, "privateDnsName": { "type": "string", "description": "The private DNS name for the service.\n" }, "service": { "type": "string" }, "serviceId": { "type": "string", "description": "The ID of the endpoint service.\n" }, "serviceName": { "type": "string" }, "serviceType": { "type": "string", "description": "The service type, `Gateway` or `Interface`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" }, "vpcEndpointPolicySupported": { "type": "boolean", "description": "Whether or not the service supports endpoint policies - `true` or `false`.\n" } }, "type": "object", "required": [ "acceptanceRequired", "arn", "availabilityZones", "baseEndpointDnsNames", "managesVpcEndpoints", "owner", "privateDnsName", "serviceId", "serviceName", "serviceType", "tags", "vpcEndpointPolicySupported", "id" ] } }, "aws:ec2/getVpcPeeringConnection:getVpcPeeringConnection": { "description": "The VPC Peering Connection data source provides details about\na specific VPC peering connection.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst pc = aws_vpc_foo.id.apply(id =\u003e aws.ec2.getVpcPeeringConnection({\n peerCidrBlock: \"10.0.1.0/22\",\n vpcId: id,\n}, { async: true }));\n// Create a route table\nconst rt = new aws.ec2.RouteTable(\"rt\", {\n vpcId: aws_vpc_foo.id,\n});\n// Create a route\nconst route = new aws.ec2.Route(\"r\", {\n destinationCidrBlock: pc.peerCidrBlock!,\n routeTableId: rt.id,\n vpcPeeringConnectionId: pc.id!,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npc = aws.ec2.get_vpc_peering_connection(peer_cidr_block=\"10.0.1.0/22\",\n vpc_id=aws_vpc[\"foo\"][\"id\"])\n# Create a route table\nrt = aws.ec2.RouteTable(\"rt\", vpc_id=aws_vpc[\"foo\"][\"id\"])\n# Create a route\nroute = aws.ec2.Route(\"route\",\n destination_cidr_block=pc.peer_cidr_block,\n route_table_id=rt.id,\n vpc_peering_connection_id=pc.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var pc = Output.Create(Aws.Ec2.GetVpcPeeringConnection.InvokeAsync(new Aws.Ec2.GetVpcPeeringConnectionArgs\n {\n PeerCidrBlock = \"10.0.1.0/22\",\n VpcId = aws_vpc.Foo.Id,\n }));\n // Create a route table\n var rt = new Aws.Ec2.RouteTable(\"rt\", new Aws.Ec2.RouteTableArgs\n {\n VpcId = aws_vpc.Foo.Id,\n });\n // Create a route\n var route = new Aws.Ec2.Route(\"route\", new Aws.Ec2.RouteArgs\n {\n DestinationCidrBlock = pc.Apply(pc =\u003e pc.PeerCidrBlock),\n RouteTableId = rt.Id,\n VpcPeeringConnectionId = pc.Apply(pc =\u003e pc.Id),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"10.0.1.0/22\"\n\t\topt1 := aws_vpc.Foo.Id\n\t\tpc, err := ec2.LookupVpcPeeringConnection(ctx, \u0026ec2.LookupVpcPeeringConnectionArgs{\n\t\t\tPeerCidrBlock: \u0026opt0,\n\t\t\tVpcId: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trt, err := ec2.NewRouteTable(ctx, \"rt\", \u0026ec2.RouteTableArgs{\n\t\t\tVpcId: pulumi.String(aws_vpc.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewRoute(ctx, \"route\", \u0026ec2.RouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(pc.PeerCidrBlock),\n\t\t\tRouteTableId: rt.ID(),\n\t\t\tVpcPeeringConnectionId: pulumi.String(pc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpcPeeringConnection.\n", "properties": { "cidrBlock": { "type": "string", "description": "The CIDR block of the requester VPC of the specific VPC Peering Connection to retrieve.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionFilter:getVpcPeeringConnectionFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The ID of the specific VPC Peering Connection to retrieve.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the requester VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerCidrBlock": { "type": "string", "description": "The CIDR block of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "region": { "type": "string", "description": "The region of the requester VPC of the specific VPC Peering Connection to retrieve.\n" }, "status": { "type": "string", "description": "The status of the specific VPC Peering Connection to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired VPC Peering Connection.\n" }, "vpcId": { "type": "string", "description": "The ID of the requester VPC of the specific VPC Peering Connection to retrieve.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcPeeringConnection.\n", "properties": { "accepter": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n" }, "cidrBlock": { "type": "string" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionFilter:getVpcPeeringConnectionFilter" } }, "id": { "type": "string" }, "ownerId": { "type": "string" }, "peerCidrBlock": { "type": "string" }, "peerOwnerId": { "type": "string" }, "peerRegion": { "type": "string" }, "peerVpcId": { "type": "string" }, "region": { "type": "string" }, "requester": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "accepter", "cidrBlock", "id", "ownerId", "peerCidrBlock", "peerOwnerId", "peerRegion", "peerVpcId", "region", "requester", "status", "tags", "vpcId" ] } }, "aws:ec2/getVpcs:getVpcs": { "description": "This resource can be useful for getting back a list of VPC Ids for a region.\n\nThe following example retrieves a list of VPC Ids with a custom tag of `service` set to a value of \"production\".\n", "inputs": { "description": "A collection of arguments for invoking getVpcs.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcsFilter:getVpcsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired vpcs.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcs.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcsFilter:getVpcsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "A list of all the VPC Ids found. This data source will fail if none are found.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "ids", "tags", "id" ] } }, "aws:ec2/getVpnGateway:getVpnGateway": { "description": "The VPN Gateway data source provides details about\na specific VPN gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = pulumi.output(aws.ec2.getVpnGateway({\n filters: [{\n name: \"tag:Name\",\n values: [\"vpn-gw\"],\n }],\n}, { async: true }));\n\nexport const vpnGatewayId = selected.id!;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.ec2.get_vpn_gateway(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"vpn-gw\"],\n}])\npulumi.export(\"vpnGatewayId\", selected.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var selected = Output.Create(Aws.Ec2.GetVpnGateway.InvokeAsync(new Aws.Ec2.GetVpnGatewayArgs\n {\n Filters = \n {\n new Aws.Ec2.Inputs.GetVpnGatewayFilterArgs\n {\n Name = \"tag:Name\",\n Values = \n {\n \"vpn-gw\",\n },\n },\n },\n }));\n this.VpnGatewayId = selected.Apply(selected =\u003e selected.Id);\n }\n\n [Output(\"vpnGatewayId\")]\n public Output\u003cstring\u003e VpnGatewayId { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := ec2.LookupVpnGateway(ctx, \u0026ec2.LookupVpnGatewayArgs{\n\t\t\tFilters: []ec2.GetVpnGatewayFilter{\n\t\t\t\tec2.GetVpnGatewayFilter{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"vpn-gw\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"vpnGatewayId\", selected.Id)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpnGateway.\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The Autonomous System Number (ASN) for the Amazon side of the specific VPN Gateway to retrieve.\n" }, "attachedVpcId": { "type": "string", "description": "The ID of a VPC attached to the specific VPN Gateway to retrieve.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone of the specific VPN Gateway to retrieve.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpnGatewayFilter:getVpnGatewayFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "The ID of the specific VPN Gateway to retrieve.\n" }, "state": { "type": "string", "description": "The state of the specific VPN Gateway to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match\na pair on the desired VPN Gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpnGateway.\n", "properties": { "amazonSideAsn": { "type": "string" }, "arn": { "type": "string" }, "attachedVpcId": { "type": "string" }, "availabilityZone": { "type": "string" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpnGatewayFilter:getVpnGatewayFilter" } }, "id": { "type": "string" }, "state": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "amazonSideAsn", "arn", "attachedVpcId", "availabilityZone", "id", "state", "tags" ] } }, "aws:ec2transitgateway/getDirectConnectGatewayAttachment:getDirectConnectGatewayAttachment": { "description": "Get information on an EC2 Transit Gateway's attachment to a Direct Connect Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By Transit Gateway and Direct Connect Gateway Identifiers\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.all([aws_dx_gateway_example.id, aws_ec2_transit_gateway_example.id]).apply(([aws_dx_gateway_exampleId, aws_ec2_transit_gateway_exampleId]) =\u003e aws.ec2transitgateway.getDirectConnectGatewayAttachment({\n dxGatewayId: aws_dx_gateway_exampleId,\n transitGatewayId: aws_ec2_transit_gateway_exampleId,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_direct_connect_gateway_attachment(dx_gateway_id=aws_dx_gateway[\"example\"][\"id\"],\n transit_gateway_id=aws_ec2_transit_gateway[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetDirectConnectGatewayAttachment.InvokeAsync(new Aws.Ec2TransitGateway.GetDirectConnectGatewayAttachmentArgs\n {\n DxGatewayId = aws_dx_gateway.Example.Id,\n TransitGatewayId = aws_ec2_transit_gateway.Example.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := aws_dx_gateway.Example.Id\n\t\topt1 := aws_ec2_transit_gateway.Example.Id\n\t\t_, err := ec2transitgateway.GetDirectConnectGatewayAttachment(ctx, \u0026ec2transitgateway.GetDirectConnectGatewayAttachmentArgs{\n\t\t\tDxGatewayId: \u0026opt0,\n\t\t\tTransitGatewayId: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDirectConnectGatewayAttachment.\n", "properties": { "dxGatewayId": { "type": "string", "description": "Identifier of the Direct Connect Gateway.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getDirectConnectGatewayAttachmentFilter:getDirectConnectGatewayAttachmentFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match a pair on the desired Transit Gateway Direct Connect Gateway Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of the EC2 Transit Gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDirectConnectGatewayAttachment.\n", "properties": { "dxGatewayId": { "type": "string" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getDirectConnectGatewayAttachmentFilter:getDirectConnectGatewayAttachmentFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Attachment\n" }, "transitGatewayId": { "type": "string" } }, "type": "object", "required": [ "tags", "id" ] } }, "aws:ec2transitgateway/getPeeringAttachment:getPeeringAttachment": { "description": "Get information on an EC2 Transit Gateway Peering Attachment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2transitgateway.getPeeringAttachment({\n filters: [{\n name: \"transit-gateway-attachment-id\",\n values: [\"tgw-attach-12345678\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_peering_attachment(filters=[{\n \"name\": \"transit-gateway-attachment-id\",\n \"values\": [\"tgw-attach-12345678\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetPeeringAttachment.InvokeAsync(new Aws.Ec2TransitGateway.GetPeeringAttachmentArgs\n {\n Filters = \n {\n new Aws.Ec2TransitGateway.Inputs.GetPeeringAttachmentFilterArgs\n {\n Name = \"transit-gateway-attachment-id\",\n Values = \n {\n \"tgw-attach-12345678\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupPeeringAttachment(ctx, \u0026ec2transitgateway.LookupPeeringAttachmentArgs{\n\t\t\tFilters: []ec2transitgateway.GetPeeringAttachmentFilter{\n\t\t\t\tec2transitgateway.GetPeeringAttachmentFilter{\n\t\t\t\t\tName: \"transit-gateway-attachment-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tgw-attach-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### By Identifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst attachment = pulumi.output(aws.ec2transitgateway.getPeeringAttachment({\n id: \"tgw-attach-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nattachment = aws.ec2transitgateway.get_peering_attachment(id=\"tgw-attach-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var attachment = Output.Create(Aws.Ec2TransitGateway.GetPeeringAttachment.InvokeAsync(new Aws.Ec2TransitGateway.GetPeeringAttachmentArgs\n {\n Id = \"tgw-attach-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"tgw-attach-12345678\"\n\t\t_, err := ec2transitgateway.LookupPeeringAttachment(ctx, \u0026ec2transitgateway.LookupPeeringAttachmentArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getPeeringAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getPeeringAttachmentFilter:getPeeringAttachmentFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway Peering Attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags, each pair of which must exactly match\na pair on the specific EC2 Transit Gateway Peering Attachment to retrieve.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPeeringAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getPeeringAttachmentFilter:getPeeringAttachmentFilter" } }, "id": { "type": "string" }, "peerAccountId": { "type": "string", "description": "Identifier of the peer AWS account\n" }, "peerRegion": { "type": "string", "description": "Identifier of the peer AWS region\n" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of the peer EC2 Transit Gateway\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "transitGatewayId": { "type": "string", "description": "Identifier of the local EC2 Transit Gateway\n" } }, "type": "object", "required": [ "peerAccountId", "peerRegion", "peerTransitGatewayId", "tags", "transitGatewayId" ] } }, "aws:ec2transitgateway/getRouteTable:getRouteTable": { "description": "Get information on an EC2 Transit Gateway Route Table.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2transitgateway.getRouteTable({\n filters: [\n {\n name: \"default-association-route-table\",\n values: [\"true\"],\n },\n {\n name: \"transit-gateway-id\",\n values: [\"tgw-12345678\"],\n },\n ],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_route_table(filters=[\n {\n \"name\": \"default-association-route-table\",\n \"values\": [\"true\"],\n },\n {\n \"name\": \"transit-gateway-id\",\n \"values\": [\"tgw-12345678\"],\n },\n])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetRouteTable.InvokeAsync(new Aws.Ec2TransitGateway.GetRouteTableArgs\n {\n Filters = \n {\n new Aws.Ec2TransitGateway.Inputs.GetRouteTableFilterArgs\n {\n Name = \"default-association-route-table\",\n Values = \n {\n \"true\",\n },\n },\n new Aws.Ec2TransitGateway.Inputs.GetRouteTableFilterArgs\n {\n Name = \"transit-gateway-id\",\n Values = \n {\n \"tgw-12345678\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupRouteTable(ctx, \u0026ec2transitgateway.LookupRouteTableArgs{\n\t\t\tFilters: []ec2transitgateway.GetRouteTableFilter{\n\t\t\t\tec2transitgateway.GetRouteTableFilter{\n\t\t\t\t\tName: \"default-association-route-table\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"true\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tec2transitgateway.GetRouteTableFilter{\n\t\t\t\t\tName: \"transit-gateway-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tgw-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### By Identifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2transitgateway.getRouteTable({\n id: \"tgw-rtb-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_route_table(id=\"tgw-rtb-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetRouteTable.InvokeAsync(new Aws.Ec2TransitGateway.GetRouteTableArgs\n {\n Id = \"tgw-rtb-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"tgw-rtb-12345678\"\n\t\t_, err := ec2transitgateway.LookupRouteTable(ctx, \u0026ec2transitgateway.LookupRouteTableArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRouteTable.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableFilter:getRouteTableFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway Route Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRouteTable.\n", "properties": { "defaultAssociationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default association route table for the EC2 Transit Gateway\n" }, "defaultPropagationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default propagation route table for the EC2 Transit Gateway\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableFilter:getRouteTableFilter" } }, "id": { "type": "string", "description": "EC2 Transit Gateway Route Table identifier\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table\n" }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier\n" } }, "type": "object", "required": [ "defaultAssociationRouteTable", "defaultPropagationRouteTable", "tags", "transitGatewayId" ] } }, "aws:ec2transitgateway/getTransitGateway:getTransitGateway": { "description": "Get information on an EC2 Transit Gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2transitgateway.getTransitGateway({\n filters: [{\n name: \"options.amazon-side-asn\",\n values: [\"64512\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_transit_gateway(filters=[{\n \"name\": \"options.amazon-side-asn\",\n \"values\": [\"64512\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetTransitGateway.InvokeAsync(new Aws.Ec2TransitGateway.GetTransitGatewayArgs\n {\n Filters = \n {\n new Aws.Ec2TransitGateway.Inputs.GetTransitGatewayFilterArgs\n {\n Name = \"options.amazon-side-asn\",\n Values = \n {\n \"64512\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupTransitGateway(ctx, \u0026ec2transitgateway.LookupTransitGatewayArgs{\n\t\t\tFilters: []ec2transitgateway.GetTransitGatewayFilter{\n\t\t\t\tec2transitgateway.GetTransitGatewayFilter{\n\t\t\t\t\tName: \"options.amazon-side-asn\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"64512\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### By Identifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2transitgateway.getTransitGateway({\n id: \"tgw-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_transit_gateway(id=\"tgw-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetTransitGateway.InvokeAsync(new Aws.Ec2TransitGateway.GetTransitGatewayArgs\n {\n Id = \"tgw-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"tgw-12345678\"\n\t\t_, err := ec2transitgateway.LookupTransitGateway(ctx, \u0026ec2transitgateway.LookupTransitGatewayArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getTransitGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getTransitGatewayFilter:getTransitGatewayFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTransitGateway.\n", "properties": { "amazonSideAsn": { "type": "integer", "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session\n" }, "arn": { "type": "string", "description": "EC2 Transit Gateway Amazon Resource Name (ARN)\n" }, "associationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default association route table\n" }, "autoAcceptSharedAttachments": { "type": "string", "description": "Whether resource attachment requests are automatically accepted.\n" }, "defaultRouteTableAssociation": { "type": "string", "description": "Whether resource attachments are automatically associated with the default association route table.\n" }, "defaultRouteTablePropagation": { "type": "string", "description": "Whether resource attachments automatically propagate routes to the default propagation route table.\n" }, "description": { "type": "string", "description": "Description of the EC2 Transit Gateway\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getTransitGatewayFilter:getTransitGatewayFilter" } }, "id": { "type": "string", "description": "EC2 Transit Gateway identifier\n" }, "ownerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 Transit Gateway\n" }, "propagationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default propagation route table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway\n" }, "vpnEcmpSupport": { "type": "string", "description": "Whether VPN Equal Cost Multipath Protocol support is enabled.\n" } }, "type": "object", "required": [ "amazonSideAsn", "arn", "associationDefaultRouteTableId", "autoAcceptSharedAttachments", "defaultRouteTableAssociation", "defaultRouteTablePropagation", "description", "dnsSupport", "ownerId", "propagationDefaultRouteTableId", "tags", "vpnEcmpSupport" ] } }, "aws:ec2transitgateway/getVpcAttachment:getVpcAttachment": { "description": "Get information on an EC2 Transit Gateway VPC Attachment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2transitgateway.getVpcAttachment({\n filters: [{\n name: \"vpc-id\",\n values: [\"vpc-12345678\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_vpc_attachment(filters=[{\n \"name\": \"vpc-id\",\n \"values\": [\"vpc-12345678\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetVpcAttachment.InvokeAsync(new Aws.Ec2TransitGateway.GetVpcAttachmentArgs\n {\n Filters = \n {\n new Aws.Ec2TransitGateway.Inputs.GetVpcAttachmentFilterArgs\n {\n Name = \"vpc-id\",\n Values = \n {\n \"vpc-12345678\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupVpcAttachment(ctx, \u0026ec2transitgateway.LookupVpcAttachmentArgs{\n\t\t\tFilters: []ec2transitgateway.GetVpcAttachmentFilter{\n\t\t\t\tec2transitgateway.GetVpcAttachmentFilter{\n\t\t\t\t\tName: \"vpc-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"vpc-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### By Identifier\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ec2transitgateway.getVpcAttachment({\n id: \"tgw-attach-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_vpc_attachment(id=\"tgw-attach-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetVpcAttachment.InvokeAsync(new Aws.Ec2TransitGateway.GetVpcAttachmentArgs\n {\n Id = \"tgw-attach-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"tgw-attach-12345678\"\n\t\t_, err := ec2transitgateway.LookupVpcAttachment(ctx, \u0026ec2transitgateway.LookupVpcAttachmentArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpcAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getVpcAttachmentFilter:getVpcAttachmentFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway VPC Attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcAttachment.\n", "properties": { "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getVpcAttachmentFilter:getVpcAttachmentFilter" } }, "id": { "type": "string", "description": "EC2 Transit Gateway VPC Attachment identifier\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment\n" }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "type": "object", "required": [ "dnsSupport", "ipv6Support", "subnetIds", "tags", "transitGatewayId", "vpcId", "vpcOwnerId" ] } }, "aws:ec2transitgateway/getVpnAttachment:getVpnAttachment": { "description": "Get information on an EC2 Transit Gateway VPN Attachment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By Transit Gateway and VPN Connection Identifiers\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.all([aws_ec2_transit_gateway_example.id, aws_vpn_connection_example.id]).apply(([aws_ec2_transit_gateway_exampleId, aws_vpn_connection_exampleId]) =\u003e aws.ec2transitgateway.getVpnAttachment({\n transitGatewayId: aws_ec2_transit_gateway_exampleId,\n vpnConnectionId: aws_vpn_connection_exampleId,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_vpn_attachment(transit_gateway_id=aws_ec2_transit_gateway[\"example\"][\"id\"],\n vpn_connection_id=aws_vpn_connection[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ec2TransitGateway.GetVpnAttachment.InvokeAsync(new Aws.Ec2TransitGateway.GetVpnAttachmentArgs\n {\n TransitGatewayId = aws_ec2_transit_gateway.Example.Id,\n VpnConnectionId = aws_vpn_connection.Example.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := aws_ec2_transit_gateway.Example.Id\n\t\topt1 := aws_vpn_connection.Example.Id\n\t\t_, err := ec2transitgateway.GetVpnAttachment(ctx, \u0026ec2transitgateway.GetVpnAttachmentArgs{\n\t\t\tTransitGatewayId: \u0026opt0,\n\t\t\tVpnConnectionId: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.ec2transitgateway.getVpnAttachment({\n filters: [{\n name: \"resource-id\",\n values: [\"some-resource\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2transitgateway.get_vpn_attachment(filters=[{\n \"name\": \"resource-id\",\n \"values\": [\"some-resource\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Ec2TransitGateway.GetVpnAttachment.InvokeAsync(new Aws.Ec2TransitGateway.GetVpnAttachmentArgs\n {\n Filters = \n {\n new Aws.Ec2TransitGateway.Inputs.GetVpnAttachmentFilterArgs\n {\n Name = \"resource-id\",\n Values = \n {\n \"some-resource\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetVpnAttachment(ctx, \u0026ec2transitgateway.GetVpnAttachmentArgs{\n\t\t\tFilters: []ec2transitgateway.GetVpnAttachmentFilter{\n\t\t\t\tec2transitgateway.GetVpnAttachmentFilter{\n\t\t\t\t\tName: \"resource-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"some-resource\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getVpnAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getVpnAttachmentFilter:getVpnAttachmentFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match a pair on the desired Transit Gateway VPN Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of the EC2 Transit Gateway.\n" }, "vpnConnectionId": { "type": "string", "description": "Identifier of the EC2 VPN Connection.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpnAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getVpnAttachmentFilter:getVpnAttachmentFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPN Attachment\n" }, "transitGatewayId": { "type": "string" }, "vpnConnectionId": { "type": "string" } }, "type": "object", "required": [ "tags", "id" ] } }, "aws:ecr/getAuthorizationToken:getAuthorizationToken": { "description": "The ECR Authorization Token data source allows the authorization token, proxy endpoint, token expiration date, user name and password to be retrieved for an ECR repository.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst token = pulumi.output(aws.ecr.getAuthorizationToken({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntoken = aws.ecr.get_authorization_token()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var token = Output.Create(Aws.Ecr.GetAuthorizationToken.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.GetAuthorizationToken(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAuthorizationToken.\n", "properties": { "registryId": { "type": "string", "description": "AWS account ID of the ECR Repository. If not specified the default account is assumed.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAuthorizationToken.\n", "properties": { "authorizationToken": { "type": "string", "description": "Temporary IAM authentication credentials to access the ECR repository encoded in base64 in the form of `user_name:password`.\n" }, "expiresAt": { "type": "string", "description": "The time in UTC RFC3339 format when the authorization token expires.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "password": { "type": "string", "description": "Password decoded from the authorization token.\n" }, "proxyEndpoint": { "type": "string", "description": "The registry URL to use in the docker login command.\n" }, "registryId": { "type": "string" }, "userName": { "type": "string", "description": "User name decoded from the authorization token.\n" } }, "type": "object", "required": [ "authorizationToken", "expiresAt", "password", "proxyEndpoint", "userName", "id" ] } }, "aws:ecr/getCredentials:getCredentials": { "inputs": { "description": "A collection of arguments for invoking getCredentials.\n", "properties": { "registryId": { "type": "string" } }, "type": "object", "required": [ "registryId" ] }, "outputs": { "description": "A collection of values returned by getCredentials.\n", "properties": { "authorizationToken": { "type": "string" }, "expiresAt": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "proxyEndpoint": { "type": "string" }, "registryId": { "type": "string" } }, "type": "object", "required": [ "authorizationToken", "expiresAt", "proxyEndpoint", "registryId", "id" ] } }, "aws:ecr/getImage:getImage": { "description": "The ECR Image data source allows the details of an image with a particular tag or digest to be retrieved.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceImage = pulumi.output(aws.ecr.getImage({\n imageTag: \"latest\",\n repositoryName: \"my/service\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservice_image = aws.ecr.get_image(image_tag=\"latest\",\n repository_name=\"my/service\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var serviceImage = Output.Create(Aws.Ecr.GetImage.InvokeAsync(new Aws.Ecr.GetImageArgs\n {\n ImageTag = \"latest\",\n RepositoryName = \"my/service\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"latest\"\n\t\t_, err := ecr.GetImage(ctx, \u0026ecr.GetImageArgs{\n\t\t\tImageTag: \u0026opt0,\n\t\t\tRepositoryName: \"my/service\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getImage.\n", "properties": { "imageDigest": { "type": "string", "description": "The sha256 digest of the image manifest. At least one of `image_digest` or `image_tag` must be specified.\n" }, "imageTag": { "type": "string", "description": "The tag associated with this image. At least one of `image_digest` or `image_tag` must be specified.\n" }, "registryId": { "type": "string", "description": "The ID of the Registry where the repository resides.\n" }, "repositoryName": { "type": "string", "description": "The name of the ECR Repository.\n" } }, "type": "object", "required": [ "repositoryName" ] }, "outputs": { "description": "A collection of values returned by getImage.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "imageDigest": { "type": "string" }, "imagePushedAt": { "type": "integer", "description": "The date and time, expressed as a unix timestamp, at which the current image was pushed to the repository.\n" }, "imageSizeInBytes": { "type": "integer", "description": "The size, in bytes, of the image in the repository.\n" }, "imageTag": { "type": "string" }, "imageTags": { "type": "array", "items": { "type": "string" }, "description": "The list of tags associated with this image.\n" }, "registryId": { "type": "string" }, "repositoryName": { "type": "string" } }, "type": "object", "required": [ "imageDigest", "imagePushedAt", "imageSizeInBytes", "imageTags", "registryId", "repositoryName", "id" ] } }, "aws:ecr/getRepository:getRepository": { "description": "The ECR Repository data source allows the ARN, Repository URI and Registry ID to be retrieved for an ECR repository.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst service = pulumi.output(aws.ecr.getRepository({\n name: \"ecr-repository\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservice = aws.ecr.get_repository(name=\"ecr-repository\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var service = Output.Create(Aws.Ecr.GetRepository.InvokeAsync(new Aws.Ecr.GetRepositoryArgs\n {\n Name = \"ecr-repository\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.LookupRepository(ctx, \u0026ecr.LookupRepositoryArgs{\n\t\t\tName: \"ecr-repository\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRepository.\n", "properties": { "name": { "type": "string", "description": "The name of the ECR Repository.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRepository.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the repository.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryUrl": { "type": "string", "description": "The URL of the repository (in the form `aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "arn", "name", "registryId", "repositoryUrl", "tags", "id" ] } }, "aws:ecs/getCluster:getCluster": { "description": "The ECS Cluster data source allows access to details of a specific\ncluster within an AWS ECS service.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecs_mongo = pulumi.output(aws.ecs.getCluster({\n clusterName: \"ecs-mongo-production\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_mongo = aws.ecs.get_cluster(cluster_name=\"ecs-mongo-production\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ecs_mongo = Output.Create(Aws.Ecs.GetCluster.InvokeAsync(new Aws.Ecs.GetClusterArgs\n {\n ClusterName = \"ecs-mongo-production\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.LookupCluster(ctx, \u0026ecs.LookupClusterArgs{\n\t\t\tClusterName: \"ecs-mongo-production\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterName": { "type": "string", "description": "The name of the ECS Cluster\n" } }, "type": "object", "required": [ "clusterName" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the ECS Cluster\n" }, "clusterName": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "pendingTasksCount": { "type": "integer", "description": "The number of pending tasks for the ECS Cluster\n" }, "registeredContainerInstancesCount": { "type": "integer", "description": "The number of registered container instances for the ECS Cluster\n" }, "runningTasksCount": { "type": "integer", "description": "The number of running tasks for the ECS Cluster\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getClusterSetting:getClusterSetting" }, "description": "The settings associated with the ECS Cluster.\n" }, "status": { "type": "string", "description": "The status of the ECS Cluster\n" } }, "type": "object", "required": [ "arn", "clusterName", "pendingTasksCount", "registeredContainerInstancesCount", "runningTasksCount", "settings", "status", "id" ] } }, "aws:ecs/getContainerDefinition:getContainerDefinition": { "description": "The ECS container definition data source allows access to details of\na specific container within an AWS ECS service.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecs_mongo = aws_ecs_task_definition_mongo.id.apply(id =\u003e aws.ecs.getContainerDefinition({\n containerName: \"mongodb\",\n taskDefinition: id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_mongo = aws.ecs.get_container_definition(container_name=\"mongodb\",\n task_definition=aws_ecs_task_definition[\"mongo\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ecs_mongo = Output.Create(Aws.Ecs.GetContainerDefinition.InvokeAsync(new Aws.Ecs.GetContainerDefinitionArgs\n {\n ContainerName = \"mongodb\",\n TaskDefinition = aws_ecs_task_definition.Mongo.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.GetContainerDefinition(ctx, \u0026ecs.GetContainerDefinitionArgs{\n\t\t\tContainerName: \"mongodb\",\n\t\t\tTaskDefinition: aws_ecs_task_definition.Mongo.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getContainerDefinition.\n", "properties": { "containerName": { "type": "string", "description": "The name of the container definition\n" }, "taskDefinition": { "type": "string", "description": "The ARN of the task definition which contains the container\n" } }, "type": "object", "required": [ "containerName", "taskDefinition" ] }, "outputs": { "description": "A collection of values returned by getContainerDefinition.\n", "properties": { "containerName": { "type": "string" }, "cpu": { "type": "integer", "description": "The CPU limit for this container definition\n" }, "disableNetworking": { "type": "boolean", "description": "Indicator if networking is disabled\n" }, "dockerLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set docker labels\n" }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The environment in use\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "image": { "type": "string", "description": "The docker image in use, including the digest\n" }, "imageDigest": { "type": "string", "description": "The digest of the docker image in use\n" }, "memory": { "type": "integer", "description": "The memory limit for this container definition\n" }, "memoryReservation": { "type": "integer", "description": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under contention, Docker attempts to keep the container memory to this soft limit\n" }, "taskDefinition": { "type": "string" } }, "type": "object", "required": [ "containerName", "cpu", "disableNetworking", "dockerLabels", "environment", "image", "imageDigest", "memory", "memoryReservation", "taskDefinition", "id" ] } }, "aws:ecs/getService:getService": { "description": "The ECS Service data source allows access to details of a specific\nService within a AWS ECS Cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws_ecs_cluster_example.arn.apply(arn =\u003e aws.ecs.getService({\n clusterArn: arn,\n serviceName: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.get_service(cluster_arn=data[\"aws_ecs_cluster\"][\"example\"][\"arn\"],\n service_name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ecs.GetService.InvokeAsync(new Aws.Ecs.GetServiceArgs\n {\n ClusterArn = data.Aws_ecs_cluster.Example.Arn,\n ServiceName = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.LookupService(ctx, \u0026ecs.LookupServiceArgs{\n\t\t\tClusterArn: data.Aws_ecs_cluster.Example.Arn,\n\t\t\tServiceName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "clusterArn": { "type": "string", "description": "The arn of the ECS Cluster\n" }, "serviceName": { "type": "string", "description": "The name of the ECS Service\n" } }, "type": "object", "required": [ "clusterArn", "serviceName" ] }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the ECS Service\n" }, "clusterArn": { "type": "string" }, "desiredCount": { "type": "integer", "description": "The number of tasks for the ECS Service\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "launchType": { "type": "string", "description": "The launch type for the ECS Service\n" }, "schedulingStrategy": { "type": "string", "description": "The scheduling strategy for the ECS Service\n" }, "serviceName": { "type": "string" }, "taskDefinition": { "type": "string", "description": "The family for the latest ACTIVE revision\n" } }, "type": "object", "required": [ "arn", "clusterArn", "desiredCount", "launchType", "schedulingStrategy", "serviceName", "taskDefinition", "id" ] } }, "aws:ecs/getTaskDefinition:getTaskDefinition": { "description": "The ECS task definition data source allows access to details of\na specific AWS ECS task definition.\n\n", "inputs": { "description": "A collection of arguments for invoking getTaskDefinition.\n", "properties": { "taskDefinition": { "type": "string", "description": "The family for the latest ACTIVE revision, family and revision (family:revision) for a specific revision in the family, the ARN of the task definition to access to.\n" } }, "type": "object", "required": [ "taskDefinition" ] }, "outputs": { "description": "A collection of values returned by getTaskDefinition.\n", "properties": { "family": { "type": "string", "description": "The family of this task definition\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "networkMode": { "type": "string", "description": "The Docker networking mode to use for the containers in this task.\n" }, "revision": { "type": "integer", "description": "The revision of this task definition\n" }, "status": { "type": "string", "description": "The status of this task definition\n" }, "taskDefinition": { "type": "string" }, "taskRoleArn": { "type": "string", "description": "The ARN of the IAM role that containers in this task can assume\n" } }, "type": "object", "required": [ "family", "networkMode", "revision", "status", "taskDefinition", "taskRoleArn", "id" ] } }, "aws:efs/getAccessPoint:getAccessPoint": { "description": "Provides information about an Elastic File System (EFS) Access Point.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.efs.getAccessPoint({\n accessPointId: \"fsap-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.efs.get_access_point(access_point_id=\"fsap-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Efs.GetAccessPoint.InvokeAsync(new Aws.Efs.GetAccessPointArgs\n {\n AccessPointId = \"fsap-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.LookupAccessPoint(ctx, \u0026efs.LookupAccessPointArgs{\n\t\t\tAccessPointId: \"fsap-12345678\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAccessPoint.\n", "properties": { "accessPointId": { "type": "string", "description": "The ID that identifies the file system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "type": "object", "required": [ "accessPointId" ] }, "outputs": { "description": "A collection of values returned by getAccessPoint.\n", "properties": { "accessPointId": { "type": "string" }, "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system for which the access point is intended.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ownerId": { "type": "string" }, "posixUsers": { "type": "array", "items": { "$ref": "#/types/aws:efs/getAccessPointPosixUser:getAccessPointPosixUser" }, "description": "Single element list containing operating system user and group applied to all file system requests made using the access point.\n" }, "rootDirectories": { "type": "array", "items": { "$ref": "#/types/aws:efs/getAccessPointRootDirectory:getAccessPointRootDirectory" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "type": "object", "required": [ "accessPointId", "arn", "fileSystemArn", "fileSystemId", "ownerId", "posixUsers", "rootDirectories", "id" ] } }, "aws:efs/getAccessPoints:getAccessPoints": { "description": "Provides information about multiple Elastic File System (EFS) Access Points.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.efs.getAccessPoints({\n fileSystemId: \"fs-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.efs.get_access_points(file_system_id=\"fs-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Efs.GetAccessPoints.InvokeAsync(new Aws.Efs.GetAccessPointsArgs\n {\n FileSystemId = \"fs-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.GetAccessPoints(ctx, \u0026efs.GetAccessPointsArgs{\n\t\t\tFileSystemId: \"fs-12345678\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAccessPoints.\n", "properties": { "fileSystemId": { "type": "string", "description": "EFS File System identifier.\n" } }, "type": "object", "required": [ "fileSystemId" ] }, "outputs": { "description": "A collection of values returned by getAccessPoints.\n", "properties": { "arns": { "type": "array", "items": { "type": "string" }, "description": "Set of Amazon Resource Names (ARNs).\n" }, "fileSystemId": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "Set of identifiers.\n" } }, "type": "object", "required": [ "arns", "fileSystemId", "ids", "id" ] } }, "aws:efs/getFileSystem:getFileSystem": { "description": "Provides information about an Elastic File System (EFS) File System.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst fileSystemId = config.get(\"fileSystemId\") || \"\";\n\nconst byId = pulumi.output(aws.efs.getFileSystem({\n fileSystemId: fileSystemId,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nfile_system_id = config.get(\"fileSystemId\")\nif file_system_id is None:\n file_system_id = \"\"\nby_id = aws.efs.get_file_system(file_system_id=file_system_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var fileSystemId = config.Get(\"fileSystemId\") ?? \"\";\n var byId = Output.Create(Aws.Efs.GetFileSystem.InvokeAsync(new Aws.Efs.GetFileSystemArgs\n {\n FileSystemId = fileSystemId,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := fileSystemId\n\t\t_, err := efs.LookupFileSystem(ctx, \u0026efs.LookupFileSystemArgs{\n\t\t\tFileSystemId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getFileSystem.\n", "properties": { "creationToken": { "type": "string", "description": "Restricts the list to the file system with this creation token.\n" }, "fileSystemId": { "type": "string", "description": "The ID that identifies the file system (e.g. fs-ccfc0d65).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getFileSystem.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "creationToken": { "type": "string" }, "dnsName": { "type": "string", "description": "The DNS name for the filesystem per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "encrypted": { "type": "boolean", "description": "Whether EFS is encrypted.\n" }, "fileSystemId": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "lifecyclePolicy": { "$ref": "#/types/aws:efs/getFileSystemLifecyclePolicy:getFileSystemLifecyclePolicy", "description": "A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object.\n" }, "performanceMode": { "type": "string", "description": "The file system performance mode.\n" }, "provisionedThroughputInMibps": { "type": "number", "description": "The throughput, measured in MiB/s, that you want to provision for the file system.\n* `tags` -A map of tags to assign to the file system.\n" }, "sizeInBytes": { "type": "integer", "description": "The current byte count used by the file system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "throughputMode": { "type": "string", "description": "Throughput mode for the file system.\n" } }, "type": "object", "required": [ "arn", "creationToken", "dnsName", "encrypted", "fileSystemId", "kmsKeyId", "lifecyclePolicy", "performanceMode", "provisionedThroughputInMibps", "sizeInBytes", "tags", "throughputMode", "id" ] } }, "aws:efs/getMountTarget:getMountTarget": { "description": "Provides information about an Elastic File System Mount Target (EFS).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst mountTargetId = config.get(\"mountTargetId\") || \"\";\n\nconst byId = pulumi.output(aws.efs.getMountTarget({\n mountTargetId: mountTargetId,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nmount_target_id = config.get(\"mountTargetId\")\nif mount_target_id is None:\n mount_target_id = \"\"\nby_id = aws.efs.get_mount_target(mount_target_id=mount_target_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var mountTargetId = config.Get(\"mountTargetId\") ?? \"\";\n var byId = Output.Create(Aws.Efs.GetMountTarget.InvokeAsync(new Aws.Efs.GetMountTargetArgs\n {\n MountTargetId = mountTargetId,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.LookupMountTarget(ctx, \u0026efs.LookupMountTargetArgs{\n\t\t\tMountTargetId: mountTargetId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getMountTarget.\n", "properties": { "mountTargetId": { "type": "string", "description": "ID of the mount target that you want to have described\n" } }, "type": "object", "required": [ "mountTargetId" ] }, "outputs": { "description": "A collection of values returned by getMountTarget.\n", "properties": { "availabilityZoneId": { "type": "string", "description": "The unique and consistent identifier of the Availability Zone (AZ) that the mount target resides in.\n" }, "availabilityZoneName": { "type": "string", "description": "The name of the Availability Zone (AZ) that the mount target resides in.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the EFS file system.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system for which the mount target is intended.\n" }, "fileSystemId": { "type": "string", "description": "ID of the file system for which the mount target is intended.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ipAddress": { "type": "string", "description": "Address at which the file system may be mounted via the mount target.\n" }, "mountTargetDnsName": { "type": "string", "description": "The DNS name for the given subnet/AZ per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "mountTargetId": { "type": "string" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface that Amazon EFS created when it created the mount target.\n" }, "ownerId": { "type": "string", "description": "AWS account ID that owns the resource.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security group IDs attached to the mount target.\n" }, "subnetId": { "type": "string", "description": "ID of the mount target's subnet.\n" } }, "type": "object", "required": [ "availabilityZoneId", "availabilityZoneName", "dnsName", "fileSystemArn", "fileSystemId", "ipAddress", "mountTargetDnsName", "mountTargetId", "networkInterfaceId", "ownerId", "securityGroups", "subnetId", "id" ] } }, "aws:eks/getCluster:getCluster": { "description": "Retrieve information about an EKS Cluster.\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "name": { "type": "string", "description": "The name of the cluster\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster.\n" }, "certificateAuthority": { "$ref": "#/types/aws:eks/getClusterCertificateAuthority:getClusterCertificateAuthority", "description": "Nested attribute containing `certificate-authority-data` for your cluster.\n" }, "createdAt": { "type": "string", "description": "The Unix epoch time stamp in seconds for when the cluster was created.\n" }, "enabledClusterLogTypes": { "type": "array", "items": { "type": "string" }, "description": "The enabled control plane logs.\n" }, "endpoint": { "type": "string", "description": "The endpoint for your Kubernetes API server.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "identities": { "type": "array", "items": { "$ref": "#/types/aws:eks/getClusterIdentity:getClusterIdentity" }, "description": "Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. For an example using this information to enable IAM Roles for Service Accounts, see the `aws.eks.Cluster` resource documentation.\n" }, "name": { "type": "string" }, "platformVersion": { "type": "string", "description": "The platform version for the cluster.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.\n" }, "status": { "type": "string", "description": "The status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" }, "version": { "type": "string", "description": "The Kubernetes server version for the cluster.\n" }, "vpcConfig": { "$ref": "#/types/aws:eks/getClusterVpcConfig:getClusterVpcConfig", "description": "Nested list containing VPC configuration for the cluster.\n" } }, "type": "object", "required": [ "arn", "certificateAuthority", "createdAt", "enabledClusterLogTypes", "endpoint", "identities", "name", "platformVersion", "roleArn", "status", "tags", "version", "vpcConfig", "id" ] } }, "aws:eks/getClusterAuth:getClusterAuth": { "description": "Get an authentication token to communicate with an EKS cluster.\n\nUses IAM credentials from the AWS provider to generate a temporary token that is compatible with\n[AWS IAM Authenticator](https://github.com/kubernetes-sigs/aws-iam-authenticator) authentication.\nThis can be used to authenticate to an EKS cluster or to a cluster that has the AWS IAM Authenticator\nserver configured.\n", "inputs": { "description": "A collection of arguments for invoking getClusterAuth.\n", "properties": { "name": { "type": "string", "description": "The name of the cluster\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getClusterAuth.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "token": { "type": "string", "description": "The token to use to authenticate with the cluster.\n" } }, "type": "object", "required": [ "name", "token", "id" ] } }, "aws:elasticache/getCluster:getCluster": { "description": "Use this data source to get information about an Elasticache Cluster\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myCluster = pulumi.output(aws.elasticache.getCluster({\n clusterId: \"my-cluster-id\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_cluster = aws.elasticache.get_cluster(cluster_id=\"my-cluster-id\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myCluster = Output.Create(Aws.ElastiCache.GetCluster.InvokeAsync(new Aws.ElastiCache.GetClusterArgs\n {\n ClusterId = \"my-cluster-id\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.LookupCluster(ctx, \u0026elasticache.LookupClusterArgs{\n\t\t\tClusterId: \"my-cluster-id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterId": { "type": "string", "description": "Group identifier.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags assigned to the resource\n" } }, "type": "object", "required": [ "clusterId" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "type": "string" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the cache cluster.\n" }, "cacheNodes": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/getClusterCacheNode:getClusterCacheNode" }, "description": "List of node objects including `id`, `address`, `port` and `availability_zone`.\nReferenceable e.g. as `${data.aws_elasticache_cluster.bar.cache_nodes.0.address}`\n" }, "clusterAddress": { "type": "string", "description": "(Memcached only) The DNS name of the cache cluster without the port appended.\n" }, "clusterId": { "type": "string" }, "configurationEndpoint": { "type": "string", "description": "(Memcached only) The configuration endpoint to allow host discovery.\n" }, "engine": { "type": "string", "description": "Name of the cache engine.\n" }, "engineVersion": { "type": "string", "description": "Version number of the cache engine.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed.\n" }, "nodeType": { "type": "string", "description": "The cluster node type.\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic that ElastiCache notifications get sent to.\n" }, "numCacheNodes": { "type": "integer", "description": "The number of cache nodes that the cache cluster has.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group associated with this cache cluster.\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will\naccept connections.\n" }, "replicationGroupId": { "type": "string", "description": "The replication group to which this cache cluster belongs.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List VPC security groups associated with the cache cluster.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "List of security group names associated with this cache cluster.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them.\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of the cache cluster.\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group associated to the cache cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags assigned to the resource\n" } }, "type": "object", "required": [ "arn", "availabilityZone", "cacheNodes", "clusterAddress", "clusterId", "configurationEndpoint", "engine", "engineVersion", "maintenanceWindow", "nodeType", "notificationTopicArn", "numCacheNodes", "parameterGroupName", "port", "replicationGroupId", "securityGroupIds", "securityGroupNames", "snapshotRetentionLimit", "snapshotWindow", "subnetGroupName", "tags", "id" ] } }, "aws:elasticache/getReplicationGroup:getReplicationGroup": { "description": "Use this data source to get information about an Elasticache Replication Group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = pulumi.output(aws.elasticache.getReplicationGroup({\n replicationGroupId: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.elasticache.get_replication_group(replication_group_id=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bar = Output.Create(Aws.ElastiCache.GetReplicationGroup.InvokeAsync(new Aws.ElastiCache.GetReplicationGroupArgs\n {\n ReplicationGroupId = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.LookupReplicationGroup(ctx, \u0026elasticache.LookupReplicationGroupArgs{\n\t\t\tReplicationGroupId: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getReplicationGroup.\n", "properties": { "replicationGroupId": { "type": "string", "description": "The identifier for the replication group.\n" } }, "type": "object", "required": [ "replicationGroupId" ] }, "outputs": { "description": "A collection of values returned by getReplicationGroup.\n", "properties": { "authTokenEnabled": { "type": "boolean", "description": "A flag that enables using an AuthToken (password) when issuing Redis commands.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "A flag whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails.\n" }, "configurationEndpointAddress": { "type": "string", "description": "The configuration endpoint address to allow host discovery.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "memberClusters": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of all the nodes that are part of this replication group.\n" }, "nodeType": { "type": "string", "description": "The cluster node type.\n" }, "numberCacheClusters": { "type": "integer", "description": "The number of cache clusters that the replication group has.\n" }, "port": { "type": "integer", "description": "The port number on which the configuration endpoint will accept connections.\n" }, "primaryEndpointAddress": { "type": "string", "description": "The endpoint of the primary node in this node group (shard).\n" }, "replicationGroupDescription": { "type": "string", "description": "The description of the replication group.\n" }, "replicationGroupId": { "type": "string", "description": "The identifier for the replication group.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which ElastiCache retains automatic cache cluster snapshots before deleting them.\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n" } }, "type": "object", "required": [ "authTokenEnabled", "automaticFailoverEnabled", "configurationEndpointAddress", "memberClusters", "nodeType", "numberCacheClusters", "port", "primaryEndpointAddress", "replicationGroupDescription", "replicationGroupId", "snapshotRetentionLimit", "snapshotWindow", "id" ] } }, "aws:elasticbeanstalk/getApplication:getApplication": { "description": "Retrieve information about an Elastic Beanstalk Application.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.elasticbeanstalk.getApplication({\n name: \"example\",\n}, { async: true }));\n\nexport const arn = example.arn;\nexport const description = example.description;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticbeanstalk.get_application(name=\"example\")\npulumi.export(\"arn\", example.arn)\npulumi.export(\"description\", example.description)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.ElasticBeanstalk.GetApplication.InvokeAsync(new Aws.ElasticBeanstalk.GetApplicationArgs\n {\n Name = \"example\",\n }));\n this.Arn = example.Apply(example =\u003e example.Arn);\n this.Description = example.Apply(example =\u003e example.Description);\n }\n\n [Output(\"arn\")]\n public Output\u003cstring\u003e Arn { get; set; }\n [Output(\"description\")]\n public Output\u003cstring\u003e Description { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := elasticbeanstalk.LookupApplication(ctx, \u0026elasticbeanstalk.LookupApplicationArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"arn\", example.Arn)\n\t\tctx.Export(\"description\", example.Description)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getApplication.\n", "properties": { "name": { "type": "string", "description": "The name of the application\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getApplication.\n", "properties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/getApplicationAppversionLifecycle:getApplicationAppversionLifecycle" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the application.\n" }, "description": { "type": "string", "description": "Short description of the application\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "appversionLifecycle", "arn", "description", "name", "id" ] } }, "aws:elasticbeanstalk/getHostedZone:getHostedZone": { "description": "Use this data source to get the ID of an [elastic beanstalk hosted zone](http://docs.aws.amazon.com/general/latest/gr/rande.html#elasticbeanstalk_region).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.elasticbeanstalk.getHostedZone({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.elasticbeanstalk.get_hosted_zone()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.ElasticBeanstalk.GetHostedZone.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticbeanstalk.GetHostedZone(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getHostedZone.\n", "properties": { "region": { "type": "string", "description": "The region you'd like the zone for. By default, fetches the current region.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getHostedZone.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string", "description": "The region of the hosted zone.\n" } }, "type": "object", "required": [ "id" ] } }, "aws:elasticbeanstalk/getSolutionStack:getSolutionStack": { "description": "Use this data source to get the name of a elastic beanstalk solution stack.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst multiDocker = pulumi.output(aws.elasticbeanstalk.getSolutionStack({\n mostRecent: true,\n nameRegex: \"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmulti_docker = aws.elasticbeanstalk.get_solution_stack(most_recent=True,\n name_regex=\"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var multiDocker = Output.Create(Aws.ElasticBeanstalk.GetSolutionStack.InvokeAsync(new Aws.ElasticBeanstalk.GetSolutionStackArgs\n {\n MostRecent = true,\n NameRegex = \"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\t_, err := elasticbeanstalk.GetSolutionStack(ctx, \u0026elasticbeanstalk.GetSolutionStackArgs{\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tNameRegex: fmt.Sprintf(\"%v%v\", \"^64bit Amazon Linux (.*) Multi-container Docker (.*)\", \"$\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSolutionStack.\n", "properties": { "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent solution stack.\n" }, "nameRegex": { "type": "string", "description": "A regex string to apply to the solution stack list returned\nby AWS. See [Elastic Beanstalk Supported Platforms][beanstalk-platforms] from\nAWS documentation for reference solution stack names.\n" } }, "type": "object", "required": [ "nameRegex" ] }, "outputs": { "description": "A collection of values returned by getSolutionStack.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "mostRecent": { "type": "boolean" }, "name": { "type": "string", "description": "The name of the solution stack.\n" }, "nameRegex": { "type": "string" } }, "type": "object", "required": [ "name", "nameRegex", "id" ] } }, "aws:elasticloadbalancing/getHostedZoneId:getHostedZoneId": { "description": "Use this data source to get the HostedZoneId of the AWS Elastic Load Balancing HostedZoneId\nin a given region for the purpose of using in an AWS Route53 Alias.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = pulumi.output(aws.elb.getHostedZoneId({ async: true }));\nconst www = new aws.route53.Record(\"www\", {\n aliases: [{\n evaluateTargetHealth: true,\n name: aws_elb_main.dnsName,\n zoneId: main.id,\n }],\n name: \"example.com\",\n type: \"A\",\n zoneId: aws_route53_zone_primary.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.get_hosted_zone_id()\nwww = aws.route53.Record(\"www\",\n aliases=[{\n \"evaluateTargetHealth\": True,\n \"name\": aws_elb[\"main\"][\"dns_name\"],\n \"zone_id\": main.id,\n }],\n name=\"example.com\",\n type=\"A\",\n zone_id=aws_route53_zone[\"primary\"][\"zone_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = Output.Create(Aws.Elb.GetHostedZoneId.InvokeAsync());\n var www = new Aws.Route53.Record(\"www\", new Aws.Route53.RecordArgs\n {\n Aliases = \n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = true,\n Name = aws_elb.Main.Dns_name,\n ZoneId = main.Apply(main =\u003e main.Id),\n },\n },\n Name = \"example.com\",\n Type = \"A\",\n ZoneId = aws_route53_zone.Primary.Zone_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := elb.GetHostedZoneId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t\tName: pulumi.String(aws_elb.Main.Dns_name),\n\t\t\t\t\tZoneId: pulumi.String(main.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Primary.Zone_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getHostedZoneId.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS ELB HostedZoneId is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getHostedZoneId.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string" } }, "type": "object", "required": [ "id" ] }, "deprecationMessage": "aws.elasticloadbalancing.getHostedZoneId has been deprecated in favor of aws.elb.getHostedZoneId" }, "aws:elasticloadbalancing/getLoadBalancer:getLoadBalancer": { "description": "Provides information about a \"classic\" Elastic Load Balancer (ELB).\nSee `LB` Data Source if you are looking for \"v2\"\nApplication Load Balancer (ALB) or Network Load Balancer (NLB).\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbName = config.get(\"lbName\") || \"\";\n\nconst test = pulumi.output(aws.elb.getLoadBalancer({\n name: lbName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.elb.get_load_balancer(name=lb_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Output.Create(Aws.Elb.GetLoadBalancer.InvokeAsync(new Aws.Elb.GetLoadBalancerArgs\n {\n Name = lbName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elb.LookupLoadBalancer(ctx, \u0026elb.LookupLoadBalancerArgs{\n\t\t\tName: lbName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "name": { "type": "string", "description": "The unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancing/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "availabilityZones": { "type": "array", "items": { "type": "string" } }, "connectionDraining": { "type": "boolean" }, "connectionDrainingTimeout": { "type": "integer" }, "crossZoneLoadBalancing": { "type": "boolean" }, "dnsName": { "type": "string" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancing/getLoadBalancerHealthCheck:getLoadBalancerHealthCheck" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "idleTimeout": { "type": "integer" }, "instances": { "type": "array", "items": { "type": "string" } }, "internal": { "type": "boolean" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancing/getLoadBalancerListener:getLoadBalancerListener" } }, "name": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "sourceSecurityGroup": { "type": "string" }, "sourceSecurityGroupId": { "type": "string" }, "subnets": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "accessLogs", "arn", "availabilityZones", "connectionDraining", "connectionDrainingTimeout", "crossZoneLoadBalancing", "dnsName", "healthCheck", "idleTimeout", "instances", "internal", "listeners", "name", "securityGroups", "sourceSecurityGroup", "sourceSecurityGroupId", "subnets", "tags", "zoneId", "id" ] }, "deprecationMessage": "aws.elasticloadbalancing.getLoadBalancer has been deprecated in favor of aws.elb.getLoadBalancer" }, "aws:elasticloadbalancing/getServiceAccount:getServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS Elastic Load Balancing Service Account](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy)\nin a given region for the purpose of whitelisting in S3 bucket policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = pulumi.output(aws.elb.getServiceAccount({ async: true }));\nconst elbLogs = new aws.s3.Bucket(\"elb_logs\", {\n acl: \"private\",\n policy: pulumi.interpolate`{\n \"Id\": \"Policy\",\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\",\n \"Principal\": {\n \"AWS\": [\n \"${main.arn}\"\n ]\n }\n }\n ]\n}\n`,\n});\nconst bar = new aws.elb.LoadBalancer(\"bar\", {\n accessLogs: {\n bucket: elbLogs.bucket,\n interval: 5,\n },\n availabilityZones: [\"us-west-2a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.get_service_account()\nelb_logs = aws.s3.Bucket(\"elbLogs\",\n acl=\"private\",\n policy=f\"\"\"{{\n \"Id\": \"Policy\",\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\",\n \"Principal\": {{\n \"AWS\": [\n \"{main.arn}\"\n ]\n }}\n }}\n ]\n}}\n\n\"\"\")\nbar = aws.elb.LoadBalancer(\"bar\",\n access_logs={\n \"bucket\": elb_logs.bucket,\n \"interval\": 5,\n },\n availability_zones=[\"us-west-2a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = Output.Create(Aws.Elb.GetServiceAccount.InvokeAsync());\n var elbLogs = new Aws.S3.Bucket(\"elbLogs\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Policy = main.Apply(main =\u003e @$\"{{\n \"\"Id\"\": \"\"Policy\"\",\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"s3:PutObject\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": [\n \"\"{main.Arn}\"\"\n ]\n }}\n }}\n ]\n}}\n\n\"),\n });\n var bar = new Aws.Elb.LoadBalancer(\"bar\", new Aws.Elb.LoadBalancerArgs\n {\n AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = elbLogs.BucketName,\n Interval = 5,\n },\n AvailabilityZones = \n {\n \"us-west-2a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := elb.GetServiceAccount(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\telbLogs, err := s3.NewBucket(ctx, \"elbLogs\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Id\\\": \\\"Policy\\\",\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"s3:PutObject\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"AWS\\\": [\\n\", \" \\\"\", main.Arn, \"\\\"\\n\", \" ]\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancer(ctx, \"bar\", \u0026elb.LoadBalancerArgs{\n\t\t\tAccessLogs: \u0026elb.LoadBalancerAccessLogsArgs{\n\t\t\t\tBucket: elbLogs.Bucket,\n\t\t\t\tInterval: pulumi.Int(5),\n\t\t\t},\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getServiceAccount.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS ELB account ID is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServiceAccount.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the AWS ELB service account in the selected region.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string" } }, "type": "object", "required": [ "arn", "id" ] }, "deprecationMessage": "aws.elasticloadbalancing.getServiceAccount has been deprecated in favor of aws.elb.getServiceAccount" }, "aws:elasticloadbalancingv2/getListener:getListener": { "description": "\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\nProvides information about a Load Balancer Listener.\n\nThis data source can prove useful when a module accepts an LB Listener as an\ninput variable and needs to know the LB it is attached to, or other\ninformation specific to the listener in question.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst listenerArn = config.require(\"listenerArn\");\n\nconst listener = pulumi.output(aws.lb.getListener({\n arn: listenerArn,\n}, { async: true }));\nconst selected = pulumi.output(aws.lb.getLoadBalancer({\n name: \"default-public\",\n}, { async: true }));\nconst selected443 = selected.apply(selected =\u003e aws.lb.getListener({\n loadBalancerArn: selected.arn!,\n port: 443,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlistener_arn = config.require_object(\"listenerArn\")\nlistener = aws.lb.get_listener(arn=listener_arn)\nselected = aws.lb.get_load_balancer(name=\"default-public\")\nselected443 = aws.lb.get_listener(load_balancer_arn=selected.arn,\n port=443)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var listenerArn = config.RequireObject\u003cdynamic\u003e(\"listenerArn\");\n var listener = Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n Arn = listenerArn,\n }));\n var selected = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Name = \"default-public\",\n }));\n var selected443 = selected.Apply(selected =\u003e Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n LoadBalancerArn = selected.Arn,\n Port = 443,\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := listenerArn\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := \"default-public\"\n\t\tselected, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt2 := selected.Arn\n\t\topt3 := 443\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tLoadBalancerArn: \u0026opt2,\n\t\t\tPort: \u0026opt3,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getListener.\n", "properties": { "arn": { "type": "string", "description": "The arn of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "loadBalancerArn": { "type": "string", "description": "The arn of the load balancer. Required if `arn` is not set.\n" }, "port": { "type": "integer", "description": "The port of the listener. Required if `arn` is not set.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getListener.\n", "properties": { "arn": { "type": "string" }, "certificateArn": { "type": "string" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/getListenerDefaultAction:getListenerDefaultAction" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "loadBalancerArn": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "sslPolicy": { "type": "string" } }, "type": "object", "required": [ "arn", "certificateArn", "defaultActions", "loadBalancerArn", "port", "protocol", "sslPolicy", "id" ] }, "deprecationMessage": "aws.elasticloadbalancingv2.getListener has been deprecated in favor of aws.lb.getListener" }, "aws:elasticloadbalancingv2/getLoadBalancer:getLoadBalancer": { "description": "\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\nProvides information about a Load Balancer.\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbArn = config.get(\"lbArn\") || \"\";\nconst lbName = config.get(\"lbName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getLoadBalancer({\n arn: lbArn,\n name: lbName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_arn = config.get(\"lbArn\")\nif lb_arn is None:\n lb_arn = \"\"\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.lb.get_load_balancer(arn=lb_arn,\n name=lb_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbArn = config.Get(\"lbArn\") ?? \"\";\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Arn = lbArn,\n Name = lbName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbArn\n\t\topt1 := lbName\n\t\t_, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the load balancer.\n" }, "name": { "type": "string", "description": "The unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elasticloadbalancingv2/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "dnsName": { "type": "string" }, "dropInvalidHeaderFields": { "type": "boolean" }, "enableDeletionProtection": { "type": "boolean" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "idleTimeout": { "type": "integer" }, "internal": { "type": "boolean" }, "ipAddressType": { "type": "string" }, "loadBalancerType": { "type": "string" }, "name": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:elasticloadbalancingv2/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping" } }, "subnets": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "accessLogs", "arn", "arnSuffix", "dnsName", "dropInvalidHeaderFields", "enableDeletionProtection", "idleTimeout", "internal", "ipAddressType", "loadBalancerType", "name", "securityGroups", "subnetMappings", "subnets", "tags", "vpcId", "zoneId", "id" ] }, "deprecationMessage": "aws.elasticloadbalancingv2.getLoadBalancer has been deprecated in favor of aws.lb.getLoadBalancer" }, "aws:elasticloadbalancingv2/getTargetGroup:getTargetGroup": { "description": "\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\nProvides information about a Load Balancer Target Group.\n\nThis data source can prove useful when a module accepts an LB Target Group as an\ninput variable and needs to know its attributes. It can also be used to get the ARN of\nan LB Target Group for use in other resources, given LB Target Group name.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbTgArn = config.get(\"lbTgArn\") || \"\";\nconst lbTgName = config.get(\"lbTgName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getTargetGroup({\n arn: lbTgArn,\n name: lbTgName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_tg_arn = config.get(\"lbTgArn\")\nif lb_tg_arn is None:\n lb_tg_arn = \"\"\nlb_tg_name = config.get(\"lbTgName\")\nif lb_tg_name is None:\n lb_tg_name = \"\"\ntest = aws.lb.get_target_group(arn=lb_tg_arn,\n name=lb_tg_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbTgArn = config.Get(\"lbTgArn\") ?? \"\";\n var lbTgName = config.Get(\"lbTgName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetTargetGroup.InvokeAsync(new Aws.LB.GetTargetGroupArgs\n {\n Arn = lbTgArn,\n Name = lbTgName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbTgArn\n\t\topt1 := lbTgName\n\t\t_, err := lb.LookupTargetGroup(ctx, \u0026lb.LookupTargetGroupArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getTargetGroup.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the target group.\n" }, "name": { "type": "string", "description": "The unique name of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTargetGroup.\n", "properties": { "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "deregistrationDelay": { "type": "integer" }, "healthCheck": { "$ref": "#/types/aws:elasticloadbalancingv2/getTargetGroupHealthCheck:getTargetGroupHealthCheck" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean" }, "loadBalancingAlgorithmType": { "type": "string" }, "name": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "proxyProtocolV2": { "type": "boolean" }, "slowStart": { "type": "integer" }, "stickiness": { "$ref": "#/types/aws:elasticloadbalancingv2/getTargetGroupStickiness:getTargetGroupStickiness" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "targetType": { "type": "string" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "arn", "arnSuffix", "deregistrationDelay", "healthCheck", "lambdaMultiValueHeadersEnabled", "loadBalancingAlgorithmType", "name", "port", "protocol", "proxyProtocolV2", "slowStart", "stickiness", "tags", "targetType", "vpcId", "id" ] }, "deprecationMessage": "aws.elasticloadbalancingv2.getTargetGroup has been deprecated in favor of aws.lb.getTargetGroup" }, "aws:elasticsearch/getDomain:getDomain": { "description": "Use this data source to get information about an Elasticsearch Domain\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDomain = pulumi.output(aws.elasticsearch.getDomain({\n domainName: \"my-domain-name\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_domain = aws.elasticsearch.get_domain(domain_name=\"my-domain-name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var myDomain = Output.Create(Aws.ElasticSearch.GetDomain.InvokeAsync(new Aws.ElasticSearch.GetDomainArgs\n {\n DomainName = \"my-domain-name\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticsearch.LookupDomain(ctx, \u0026elasticsearch.LookupDomainArgs{\n\t\t\tDomainName: \"my-domain-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDomain.\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags assigned to the domain.\n" } }, "type": "object", "required": [ "domainName" ] }, "outputs": { "description": "A collection of values returned by getDomain.\n", "properties": { "accessPolicies": { "type": "string", "description": "The policy document attached to the domain.\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the domain.\n" }, "clusterConfigs": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainClusterConfig:getDomainClusterConfig" }, "description": "Cluster configuration of the domain.\n" }, "cognitoOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainCognitoOption:getDomainCognitoOption" }, "description": "Domain Amazon Cognito Authentication options for Kibana.\n" }, "created": { "type": "boolean", "description": "Status of the creation of the domain.\n" }, "deleted": { "type": "boolean", "description": "Status of the deletion of the domain.\n" }, "domainId": { "type": "string", "description": "Unique identifier for the domain.\n" }, "domainName": { "type": "string" }, "ebsOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainEbsOption:getDomainEbsOption" }, "description": "EBS Options for the instances in the domain.\n" }, "elasticsearchVersion": { "type": "string", "description": "ElasticSearch version for the domain.\n" }, "encryptionAtRests": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainEncryptionAtRest:getDomainEncryptionAtRest" }, "description": "Domain encryption at rest related options.\n" }, "endpoint": { "type": "string", "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kibanaEndpoint": { "type": "string", "description": "Domain-specific endpoint used to access the Kibana application.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainLogPublishingOption:getDomainLogPublishingOption" }, "description": "Domain log publishing related options.\n" }, "nodeToNodeEncryptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainNodeToNodeEncryption:getDomainNodeToNodeEncryption" }, "description": "Domain in transit encryption related options.\n" }, "processing": { "type": "boolean", "description": "Status of a configuration change in the domain.\n* `snapshot_options` – Domain snapshot related options.\n" }, "snapshotOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainSnapshotOption:getDomainSnapshotOption" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags assigned to the domain.\n" }, "vpcOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainVpcOption:getDomainVpcOption" }, "description": "VPC Options for private Elasticsearch domains.\n" } }, "type": "object", "required": [ "accessPolicies", "advancedOptions", "arn", "clusterConfigs", "cognitoOptions", "created", "deleted", "domainId", "domainName", "ebsOptions", "elasticsearchVersion", "encryptionAtRests", "endpoint", "kibanaEndpoint", "logPublishingOptions", "nodeToNodeEncryptions", "processing", "snapshotOptions", "tags", "vpcOptions", "id" ] } }, "aws:elb/getHostedZoneId:getHostedZoneId": { "description": "Use this data source to get the HostedZoneId of the AWS Elastic Load Balancing HostedZoneId\nin a given region for the purpose of using in an AWS Route53 Alias.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = pulumi.output(aws.elb.getHostedZoneId({ async: true }));\nconst www = new aws.route53.Record(\"www\", {\n aliases: [{\n evaluateTargetHealth: true,\n name: aws_elb_main.dnsName,\n zoneId: main.id,\n }],\n name: \"example.com\",\n type: \"A\",\n zoneId: aws_route53_zone_primary.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.get_hosted_zone_id()\nwww = aws.route53.Record(\"www\",\n aliases=[{\n \"evaluateTargetHealth\": True,\n \"name\": aws_elb[\"main\"][\"dns_name\"],\n \"zone_id\": main.id,\n }],\n name=\"example.com\",\n type=\"A\",\n zone_id=aws_route53_zone[\"primary\"][\"zone_id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = Output.Create(Aws.Elb.GetHostedZoneId.InvokeAsync());\n var www = new Aws.Route53.Record(\"www\", new Aws.Route53.RecordArgs\n {\n Aliases = \n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = true,\n Name = aws_elb.Main.Dns_name,\n ZoneId = main.Apply(main =\u003e main.Id),\n },\n },\n Name = \"example.com\",\n Type = \"A\",\n ZoneId = aws_route53_zone.Primary.Zone_id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := elb.GetHostedZoneId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t\tName: pulumi.String(aws_elb.Main.Dns_name),\n\t\t\t\t\tZoneId: pulumi.String(main.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tZoneId: pulumi.String(aws_route53_zone.Primary.Zone_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getHostedZoneId.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS ELB HostedZoneId is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getHostedZoneId.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string" } }, "type": "object", "required": [ "id" ] } }, "aws:elb/getLoadBalancer:getLoadBalancer": { "description": "Provides information about a \"classic\" Elastic Load Balancer (ELB).\nSee `LB` Data Source if you are looking for \"v2\"\nApplication Load Balancer (ALB) or Network Load Balancer (NLB).\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbName = config.get(\"lbName\") || \"\";\n\nconst test = pulumi.output(aws.elb.getLoadBalancer({\n name: lbName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.elb.get_load_balancer(name=lb_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Output.Create(Aws.Elb.GetLoadBalancer.InvokeAsync(new Aws.Elb.GetLoadBalancerArgs\n {\n Name = lbName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elb.LookupLoadBalancer(ctx, \u0026elb.LookupLoadBalancerArgs{\n\t\t\tName: lbName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "name": { "type": "string", "description": "The unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "availabilityZones": { "type": "array", "items": { "type": "string" } }, "connectionDraining": { "type": "boolean" }, "connectionDrainingTimeout": { "type": "integer" }, "crossZoneLoadBalancing": { "type": "boolean" }, "dnsName": { "type": "string" }, "healthCheck": { "$ref": "#/types/aws:elb/getLoadBalancerHealthCheck:getLoadBalancerHealthCheck" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "idleTimeout": { "type": "integer" }, "instances": { "type": "array", "items": { "type": "string" } }, "internal": { "type": "boolean" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elb/getLoadBalancerListener:getLoadBalancerListener" } }, "name": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "sourceSecurityGroup": { "type": "string" }, "sourceSecurityGroupId": { "type": "string" }, "subnets": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "accessLogs", "arn", "availabilityZones", "connectionDraining", "connectionDrainingTimeout", "crossZoneLoadBalancing", "dnsName", "healthCheck", "idleTimeout", "instances", "internal", "listeners", "name", "securityGroups", "sourceSecurityGroup", "sourceSecurityGroupId", "subnets", "tags", "zoneId", "id" ] } }, "aws:elb/getServiceAccount:getServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS Elastic Load Balancing Service Account](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy)\nin a given region for the purpose of whitelisting in S3 bucket policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = pulumi.output(aws.elb.getServiceAccount({ async: true }));\nconst elbLogs = new aws.s3.Bucket(\"elb_logs\", {\n acl: \"private\",\n policy: pulumi.interpolate`{\n \"Id\": \"Policy\",\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\",\n \"Principal\": {\n \"AWS\": [\n \"${main.arn}\"\n ]\n }\n }\n ]\n}\n`,\n});\nconst bar = new aws.elb.LoadBalancer(\"bar\", {\n accessLogs: {\n bucket: elbLogs.bucket,\n interval: 5,\n },\n availabilityZones: [\"us-west-2a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.get_service_account()\nelb_logs = aws.s3.Bucket(\"elbLogs\",\n acl=\"private\",\n policy=f\"\"\"{{\n \"Id\": \"Policy\",\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\",\n \"Principal\": {{\n \"AWS\": [\n \"{main.arn}\"\n ]\n }}\n }}\n ]\n}}\n\n\"\"\")\nbar = aws.elb.LoadBalancer(\"bar\",\n access_logs={\n \"bucket\": elb_logs.bucket,\n \"interval\": 5,\n },\n availability_zones=[\"us-west-2a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"http\",\n \"lb_port\": 80,\n \"lbProtocol\": \"http\",\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = Output.Create(Aws.Elb.GetServiceAccount.InvokeAsync());\n var elbLogs = new Aws.S3.Bucket(\"elbLogs\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Policy = main.Apply(main =\u003e @$\"{{\n \"\"Id\"\": \"\"Policy\"\",\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"s3:PutObject\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": [\n \"\"{main.Arn}\"\"\n ]\n }}\n }}\n ]\n}}\n\n\"),\n });\n var bar = new Aws.Elb.LoadBalancer(\"bar\", new Aws.Elb.LoadBalancerArgs\n {\n AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = elbLogs.BucketName,\n Interval = 5,\n },\n AvailabilityZones = \n {\n \"us-west-2a\",\n },\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := elb.GetServiceAccount(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\telbLogs, err := s3.NewBucket(ctx, \"elbLogs\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Id\\\": \\\"Policy\\\",\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"s3:PutObject\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"AWS\\\": [\\n\", \" \\\"\", main.Arn, \"\\\"\\n\", \" ]\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancer(ctx, \"bar\", \u0026elb.LoadBalancerArgs{\n\t\t\tAccessLogs: \u0026elb.LoadBalancerAccessLogsArgs{\n\t\t\t\tBucket: elbLogs.Bucket,\n\t\t\t\tInterval: pulumi.Int(5),\n\t\t\t},\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getServiceAccount.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS ELB account ID is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServiceAccount.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the AWS ELB service account in the selected region.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string" } }, "type": "object", "required": [ "arn", "id" ] } }, "aws:glue/getScript:getScript": { "description": "Use this data source to generate a Glue script from a Directed Acyclic Graph (DAG).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Generate Python Script\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.all([aws_glue_catalog_database_source.name, aws_glue_catalog_table_source.name, aws_glue_catalog_database_destination.name, aws_glue_catalog_table_destination.name, aws_glue_catalog_database_destination.name, aws_glue_catalog_table_destination.name]).apply(([aws_glue_catalog_database_sourceName, aws_glue_catalog_table_sourceName, aws_glue_catalog_database_destinationName, aws_glue_catalog_table_destinationName, aws_glue_catalog_database_destinationName1, aws_glue_catalog_table_destinationName1]) =\u003e aws.glue.getScript({\n dagEdges: [\n {\n source: \"datasource0\",\n target: \"applymapping1\",\n },\n {\n source: \"applymapping1\",\n target: \"selectfields2\",\n },\n {\n source: \"selectfields2\",\n target: \"resolvechoice3\",\n },\n {\n source: \"resolvechoice3\",\n target: \"datasink4\",\n },\n ],\n dagNodes: [\n {\n args: [\n {\n name: \"database\",\n value: `\"${aws_glue_catalog_database_sourceName}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${aws_glue_catalog_table_sourceName}\"`,\n },\n ],\n id: \"datasource0\",\n nodeType: \"DataSource\",\n },\n {\n args: [{\n name: \"mapping\",\n value: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n id: \"applymapping1\",\n nodeType: \"ApplyMapping\",\n },\n {\n args: [{\n name: \"paths\",\n value: \"[\\\"column1\\\"]\",\n }],\n id: \"selectfields2\",\n nodeType: \"SelectFields\",\n },\n {\n args: [\n {\n name: \"choice\",\n value: \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n name: \"database\",\n value: `\"${aws_glue_catalog_database_destinationName}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${aws_glue_catalog_table_destinationName}\"`,\n },\n ],\n id: \"resolvechoice3\",\n nodeType: \"ResolveChoice\",\n },\n {\n args: [\n {\n name: \"database\",\n value: `\"${aws_glue_catalog_database_destinationName1}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${aws_glue_catalog_table_destinationName1}\"`,\n },\n ],\n id: \"datasink4\",\n nodeType: \"DataSink\",\n },\n ],\n language: \"PYTHON\",\n}, { async: true }));\n\nexport const pythonScript = example.pythonScript;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.get_script(dag_edges=[\n {\n \"source\": \"datasource0\",\n \"target\": \"applymapping1\",\n },\n {\n \"source\": \"applymapping1\",\n \"target\": \"selectfields2\",\n },\n {\n \"source\": \"selectfields2\",\n \"target\": \"resolvechoice3\",\n },\n {\n \"source\": \"resolvechoice3\",\n \"target\": \"datasink4\",\n },\n ],\n dag_nodes=[\n {\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{aws_glue_catalog_database['source']['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{aws_glue_catalog_table['source']['name']}\\\"\",\n },\n ],\n \"id\": \"datasource0\",\n \"node_type\": \"DataSource\",\n },\n {\n \"args\": [{\n \"name\": \"mapping\",\n \"value\": \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n \"id\": \"applymapping1\",\n \"node_type\": \"ApplyMapping\",\n },\n {\n \"args\": [{\n \"name\": \"paths\",\n \"value\": \"[\\\"column1\\\"]\",\n }],\n \"id\": \"selectfields2\",\n \"node_type\": \"SelectFields\",\n },\n {\n \"args\": [\n {\n \"name\": \"choice\",\n \"value\": \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{aws_glue_catalog_database['destination']['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{aws_glue_catalog_table['destination']['name']}\\\"\",\n },\n ],\n \"id\": \"resolvechoice3\",\n \"node_type\": \"ResolveChoice\",\n },\n {\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{aws_glue_catalog_database['destination']['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{aws_glue_catalog_table['destination']['name']}\\\"\",\n },\n ],\n \"id\": \"datasink4\",\n \"node_type\": \"DataSink\",\n },\n ],\n language=\"PYTHON\")\npulumi.export(\"pythonScript\", example.python_script)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Glue.GetScript.InvokeAsync(new Aws.Glue.GetScriptArgs\n {\n DagEdges = \n {\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"datasource0\",\n Target = \"applymapping1\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"applymapping1\",\n Target = \"selectfields2\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"selectfields2\",\n Target = \"resolvechoice3\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"resolvechoice3\",\n Target = \"datasink4\",\n },\n },\n DagNodes = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"database\",\n Value = $\"\\\"{aws_glue_catalog_database.Source.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{aws_glue_catalog_table.Source.Name}\\\"\",\n },\n },\n Id = \"datasource0\",\n NodeType = \"DataSource\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"mapping\",\n Value = \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n },\n },\n Id = \"applymapping1\",\n NodeType = \"ApplyMapping\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"paths\",\n Value = \"[\\\"column1\\\"]\",\n },\n },\n Id = \"selectfields2\",\n NodeType = \"SelectFields\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"choice\",\n Value = \"\\\"MATCH_CATALOG\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"database\",\n Value = $\"\\\"{aws_glue_catalog_database.Destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{aws_glue_catalog_table.Destination.Name}\\\"\",\n },\n },\n Id = \"resolvechoice3\",\n NodeType = \"ResolveChoice\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"database\",\n Value = $\"\\\"{aws_glue_catalog_database.Destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{aws_glue_catalog_table.Destination.Name}\\\"\",\n },\n },\n Id = \"datasink4\",\n NodeType = \"DataSink\",\n },\n },\n Language = \"PYTHON\",\n }));\n this.PythonScript = example.Apply(example =\u003e example.PythonScript);\n }\n\n [Output(\"pythonScript\")]\n public Output\u003cstring\u003e PythonScript { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"PYTHON\"\n\t\texample, err := glue.GetScript(ctx, \u0026glue.GetScriptArgs{\n\t\t\tDagEdges: []glue.GetScriptDagEdge{\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"datasource0\",\n\t\t\t\t\tTarget: \"applymapping1\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"applymapping1\",\n\t\t\t\t\tTarget: \"selectfields2\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"selectfields2\",\n\t\t\t\t\tTarget: \"resolvechoice3\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"resolvechoice3\",\n\t\t\t\t\tTarget: \"datasink4\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tDagNodes: []glue.GetScriptDagNode{\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_database.Source.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_table.Source.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"datasource0\",\n\t\t\t\t\tNodeType: \"DataSource\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"mapping\",\n\t\t\t\t\t\t\tValue: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"applymapping1\",\n\t\t\t\t\tNodeType: \"ApplyMapping\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"paths\",\n\t\t\t\t\t\t\tValue: \"[\\\"column1\\\"]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"selectfields2\",\n\t\t\t\t\tNodeType: \"SelectFields\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"choice\",\n\t\t\t\t\t\t\tValue: \"\\\"MATCH_CATALOG\\\"\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_database.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_table.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"resolvechoice3\",\n\t\t\t\t\tNodeType: \"ResolveChoice\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_database.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_table.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"datasink4\",\n\t\t\t\t\tNodeType: \"DataSink\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tLanguage: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"pythonScript\", example.PythonScript)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Generate Scala Code\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.all([aws_glue_catalog_database_source.name, aws_glue_catalog_table_source.name, aws_glue_catalog_database_destination.name, aws_glue_catalog_table_destination.name, aws_glue_catalog_database_destination.name, aws_glue_catalog_table_destination.name]).apply(([aws_glue_catalog_database_sourceName, aws_glue_catalog_table_sourceName, aws_glue_catalog_database_destinationName, aws_glue_catalog_table_destinationName, aws_glue_catalog_database_destinationName1, aws_glue_catalog_table_destinationName1]) =\u003e aws.glue.getScript({\n dagEdges: [\n {\n source: \"datasource0\",\n target: \"applymapping1\",\n },\n {\n source: \"applymapping1\",\n target: \"selectfields2\",\n },\n {\n source: \"selectfields2\",\n target: \"resolvechoice3\",\n },\n {\n source: \"resolvechoice3\",\n target: \"datasink4\",\n },\n ],\n dagNodes: [\n {\n args: [\n {\n name: \"database\",\n value: `\"${aws_glue_catalog_database_sourceName}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${aws_glue_catalog_table_sourceName}\"`,\n },\n ],\n id: \"datasource0\",\n nodeType: \"DataSource\",\n },\n {\n args: [{\n name: \"mappings\",\n value: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n id: \"applymapping1\",\n nodeType: \"ApplyMapping\",\n },\n {\n args: [{\n name: \"paths\",\n value: \"[\\\"column1\\\"]\",\n }],\n id: \"selectfields2\",\n nodeType: \"SelectFields\",\n },\n {\n args: [\n {\n name: \"choice\",\n value: \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n name: \"database\",\n value: `\"${aws_glue_catalog_database_destinationName}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${aws_glue_catalog_table_destinationName}\"`,\n },\n ],\n id: \"resolvechoice3\",\n nodeType: \"ResolveChoice\",\n },\n {\n args: [\n {\n name: \"database\",\n value: `\"${aws_glue_catalog_database_destinationName1}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${aws_glue_catalog_table_destinationName1}\"`,\n },\n ],\n id: \"datasink4\",\n nodeType: \"DataSink\",\n },\n ],\n language: \"SCALA\",\n}, { async: true }));\n\nexport const scalaCode = example.scalaCode;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.get_script(dag_edges=[\n {\n \"source\": \"datasource0\",\n \"target\": \"applymapping1\",\n },\n {\n \"source\": \"applymapping1\",\n \"target\": \"selectfields2\",\n },\n {\n \"source\": \"selectfields2\",\n \"target\": \"resolvechoice3\",\n },\n {\n \"source\": \"resolvechoice3\",\n \"target\": \"datasink4\",\n },\n ],\n dag_nodes=[\n {\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{aws_glue_catalog_database['source']['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{aws_glue_catalog_table['source']['name']}\\\"\",\n },\n ],\n \"id\": \"datasource0\",\n \"node_type\": \"DataSource\",\n },\n {\n \"args\": [{\n \"name\": \"mappings\",\n \"value\": \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n \"id\": \"applymapping1\",\n \"node_type\": \"ApplyMapping\",\n },\n {\n \"args\": [{\n \"name\": \"paths\",\n \"value\": \"[\\\"column1\\\"]\",\n }],\n \"id\": \"selectfields2\",\n \"node_type\": \"SelectFields\",\n },\n {\n \"args\": [\n {\n \"name\": \"choice\",\n \"value\": \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{aws_glue_catalog_database['destination']['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{aws_glue_catalog_table['destination']['name']}\\\"\",\n },\n ],\n \"id\": \"resolvechoice3\",\n \"node_type\": \"ResolveChoice\",\n },\n {\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{aws_glue_catalog_database['destination']['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{aws_glue_catalog_table['destination']['name']}\\\"\",\n },\n ],\n \"id\": \"datasink4\",\n \"node_type\": \"DataSink\",\n },\n ],\n language=\"SCALA\")\npulumi.export(\"scalaCode\", example.scala_code)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Glue.GetScript.InvokeAsync(new Aws.Glue.GetScriptArgs\n {\n DagEdges = \n {\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"datasource0\",\n Target = \"applymapping1\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"applymapping1\",\n Target = \"selectfields2\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"selectfields2\",\n Target = \"resolvechoice3\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeArgs\n {\n Source = \"resolvechoice3\",\n Target = \"datasink4\",\n },\n },\n DagNodes = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"database\",\n Value = $\"\\\"{aws_glue_catalog_database.Source.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{aws_glue_catalog_table.Source.Name}\\\"\",\n },\n },\n Id = \"datasource0\",\n NodeType = \"DataSource\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"mappings\",\n Value = \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n },\n },\n Id = \"applymapping1\",\n NodeType = \"ApplyMapping\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"paths\",\n Value = \"[\\\"column1\\\"]\",\n },\n },\n Id = \"selectfields2\",\n NodeType = \"SelectFields\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"choice\",\n Value = \"\\\"MATCH_CATALOG\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"database\",\n Value = $\"\\\"{aws_glue_catalog_database.Destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{aws_glue_catalog_table.Destination.Name}\\\"\",\n },\n },\n Id = \"resolvechoice3\",\n NodeType = \"ResolveChoice\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgs\n {\n Args = \n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"database\",\n Value = $\"\\\"{aws_glue_catalog_database.Destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{aws_glue_catalog_table.Destination.Name}\\\"\",\n },\n },\n Id = \"datasink4\",\n NodeType = \"DataSink\",\n },\n },\n Language = \"SCALA\",\n }));\n this.ScalaCode = example.Apply(example =\u003e example.ScalaCode);\n }\n\n [Output(\"scalaCode\")]\n public Output\u003cstring\u003e ScalaCode { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"SCALA\"\n\t\texample, err := glue.GetScript(ctx, \u0026glue.GetScriptArgs{\n\t\t\tDagEdges: []glue.GetScriptDagEdge{\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"datasource0\",\n\t\t\t\t\tTarget: \"applymapping1\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"applymapping1\",\n\t\t\t\t\tTarget: \"selectfields2\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"selectfields2\",\n\t\t\t\t\tTarget: \"resolvechoice3\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagEdge{\n\t\t\t\t\tSource: \"resolvechoice3\",\n\t\t\t\t\tTarget: \"datasink4\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tDagNodes: []glue.GetScriptDagNode{\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_database.Source.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_table.Source.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"datasource0\",\n\t\t\t\t\tNodeType: \"DataSource\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"mappings\",\n\t\t\t\t\t\t\tValue: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"applymapping1\",\n\t\t\t\t\tNodeType: \"ApplyMapping\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"paths\",\n\t\t\t\t\t\t\tValue: \"[\\\"column1\\\"]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"selectfields2\",\n\t\t\t\t\tNodeType: \"SelectFields\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"choice\",\n\t\t\t\t\t\t\tValue: \"\\\"MATCH_CATALOG\\\"\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_database.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_table.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"resolvechoice3\",\n\t\t\t\t\tNodeType: \"ResolveChoice\",\n\t\t\t\t},\n\t\t\t\tglue.GetScriptDagNode{\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_database.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tglue.GetScriptDagNodeArg{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"%v%v%v\", \"\\\"\", aws_glue_catalog_table.Destination.Name, \"\\\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tId: \"datasink4\",\n\t\t\t\t\tNodeType: \"DataSink\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tLanguage: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"scalaCode\", example.ScalaCode)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getScript.\n", "properties": { "dagEdges": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagEdge:getScriptDagEdge" }, "description": "A list of the edges in the DAG. Defined below.\n" }, "dagNodes": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagNode:getScriptDagNode" }, "description": "A list of the nodes in the DAG. Defined below.\n" }, "language": { "type": "string", "description": "The programming language of the resulting code from the DAG. Defaults to `PYTHON`. Valid values are `PYTHON` and `SCALA`.\n" } }, "type": "object", "required": [ "dagEdges", "dagNodes" ] }, "outputs": { "description": "A collection of values returned by getScript.\n", "properties": { "dagEdges": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagEdge:getScriptDagEdge" } }, "dagNodes": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagNode:getScriptDagNode" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "language": { "type": "string" }, "pythonScript": { "type": "string", "description": "The Python script generated from the DAG when the `language` argument is set to `PYTHON`.\n" }, "scalaCode": { "type": "string", "description": "The Scala code generated from the DAG when the `language` argument is set to `SCALA`.\n" } }, "type": "object", "required": [ "dagEdges", "dagNodes", "pythonScript", "scalaCode", "id" ] } }, "aws:guardduty/getDetector:getDetector": { "description": "Retrieve information about a GuardDuty detector.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.guardduty.getDetector({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.guardduty.get_detector()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.GuardDuty.GetDetector.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := guardduty.LookupDetector(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDetector.\n", "properties": { "id": { "type": "string", "description": "The ID of the detector.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDetector.\n", "properties": { "findingPublishingFrequency": { "type": "string", "description": "The frequency of notifications sent about subsequent finding occurrences.\n" }, "id": { "type": "string" }, "serviceRoleArn": { "type": "string", "description": "The service-linked role that grants GuardDuty access to the resources in the AWS account.\n" }, "status": { "type": "string", "description": "The current status of the detector.\n" } }, "type": "object", "required": [ "findingPublishingFrequency", "serviceRoleArn", "status" ] } }, "aws:iam/getAccountAlias:getAccountAlias": { "description": "The IAM Account Alias data source allows access to the account alias\nfor the effective account in which this provider is working.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.iam.getAccountAlias({ async: true }));\n\nexport const accountId = current.accountAlias;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.iam.get_account_alias()\npulumi.export(\"accountId\", current.account_alias)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.Iam.GetAccountAlias.InvokeAsync());\n this.AccountId = current.Apply(current =\u003e current.AccountAlias);\n }\n\n [Output(\"accountId\")]\n public Output\u003cstring\u003e AccountId { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := iam.LookupAccountAlias(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"accountId\", current.AccountAlias)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getAccountAlias.\n", "properties": { "accountAlias": { "type": "string", "description": "The alias associated with the AWS account.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" } }, "type": "object", "required": [ "accountAlias", "id" ] } }, "aws:iam/getGroup:getGroup": { "description": "This data source can be used to fetch information about a specific\nIAM group. By using this data source, you can reference IAM group\nproperties without having to hard code ARNs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.iam.getGroup({\n groupName: \"an_example_group_name\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_group(group_name=\"an_example_group_name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Iam.GetGroup.InvokeAsync(new Aws.Iam.GetGroupArgs\n {\n GroupName = \"an_example_group_name\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupGroup(ctx, \u0026iam.LookupGroupArgs{\n\t\t\tGroupName: \"an_example_group_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { "groupName": { "type": "string", "description": "The friendly IAM group name to match.\n" } }, "type": "object", "required": [ "groupName" ] }, "outputs": { "description": "A collection of values returned by getGroup.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the iam user.\n" }, "groupId": { "type": "string", "description": "The stable and unique string identifying the group.\n" }, "groupName": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "path": { "type": "string", "description": "The path to the iam user.\n" }, "users": { "type": "array", "items": { "$ref": "#/types/aws:iam/getGroupUser:getGroupUser" }, "description": "List of objects containing group member information. See supported fields below.\n" } }, "type": "object", "required": [ "arn", "groupId", "groupName", "path", "users", "id" ] } }, "aws:iam/getInstanceProfile:getInstanceProfile": { "description": "This data source can be used to fetch information about a specific\nIAM instance profile. By using this data source, you can reference IAM\ninstance profile properties without having to hard code ARNs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.iam.getInstanceProfile({\n name: \"an_example_instance_profile_name\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_instance_profile(name=\"an_example_instance_profile_name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Iam.GetInstanceProfile.InvokeAsync(new Aws.Iam.GetInstanceProfileArgs\n {\n Name = \"an_example_instance_profile_name\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupInstanceProfile(ctx, \u0026iam.LookupInstanceProfileArgs{\n\t\t\tName: \"an_example_instance_profile_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getInstanceProfile.\n", "properties": { "name": { "type": "string", "description": "The friendly IAM instance profile name to match.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getInstanceProfile.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the instance profile.\n" }, "createDate": { "type": "string", "description": "The string representation of the date the instance profile\nwas created.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "path": { "type": "string", "description": "The path to the instance profile.\n" }, "roleArn": { "type": "string", "description": "The role arn associated with this instance profile.\n" }, "roleId": { "type": "string", "description": "The role id associated with this instance profile.\n" }, "roleName": { "type": "string", "description": "The role name associated with this instance profile.\n" } }, "type": "object", "required": [ "arn", "createDate", "name", "path", "roleArn", "roleId", "roleName", "id" ] } }, "aws:iam/getPolicy:getPolicy": { "description": "This data source can be used to fetch information about a specific\nIAM policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.iam.getPolicy({\n arn: \"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy(arn=\"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Iam.GetPolicy.InvokeAsync(new Aws.Iam.GetPolicyArgs\n {\n Arn = \"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupPolicy(ctx, \u0026iam.LookupPolicyArgs{\n\t\t\tArn: \"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getPolicy.\n", "properties": { "arn": { "type": "string", "description": "ARN of the IAM policy.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getPolicy.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the policy.\n" }, "description": { "type": "string", "description": "The description of the policy.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The name of the IAM policy.\n" }, "path": { "type": "string", "description": "The path to the policy.\n" }, "policy": { "type": "string", "description": "The policy document of the policy.\n" } }, "type": "object", "required": [ "arn", "description", "name", "path", "policy", "id" ] } }, "aws:iam/getPolicyDocument:getPolicyDocument": { "description": "Generates an IAM policy document in JSON format.\n\nThis is a data source which can be used to construct a JSON representation of\nan IAM policy document, for use with resources which expect policy documents,\nsuch as the `aws.iam.Policy` resource.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplePolicyDocument = pulumi.output(aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n ],\n resources: [\"arn:aws:s3:::*\"],\n sid: \"1\",\n },\n {\n actions: [\"s3:ListBucket\"],\n conditions: [{\n test: \"StringLike\",\n values: [\n \"\",\n \"home/\",\n \"home/\u0026{aws:username}/\",\n ],\n variable: \"s3:prefix\",\n }],\n resources: [`arn:aws:s3:::${var_s3_bucket_name}`],\n },\n {\n actions: [\"s3:*\"],\n resources: [\n `arn:aws:s3:::${var_s3_bucket_name}/home/\u0026{aws:username}`,\n `arn:aws:s3:::${var_s3_bucket_name}/home/\u0026{aws:username}/*`,\n ],\n },\n ],\n}, { async: true }));\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n path: \"/\",\n policy: examplePolicyDocument.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_policy_document = aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n ],\n \"resources\": [\"arn:aws:s3:::*\"],\n \"sid\": \"1\",\n },\n {\n \"actions\": [\"s3:ListBucket\"],\n \"condition\": [{\n \"test\": \"StringLike\",\n \"values\": [\n \"\",\n \"home/\",\n \"home/\u0026{aws:username}/\",\n ],\n \"variable\": \"s3:prefix\",\n }],\n \"resources\": [f\"arn:aws:s3:::{var['s3_bucket_name']}\"],\n },\n {\n \"actions\": [\"s3:*\"],\n \"resources\": [\n f\"arn:aws:s3:::{var['s3_bucket_name']}/home/\u0026{{aws:username}}\",\n f\"arn:aws:s3:::{var['s3_bucket_name']}/home/\u0026{{aws:username}}/*\",\n ],\n },\n])\nexample_policy = aws.iam.Policy(\"examplePolicy\",\n path=\"/\",\n policy=example_policy_document.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var examplePolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n },\n Resources = \n {\n \"arn:aws:s3:::*\",\n },\n Sid = \"1\",\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:ListBucket\",\n },\n Condition = \n {\n \n {\n { \"test\", \"StringLike\" },\n { \"values\", \n {\n \"\",\n \"home/\",\n \"home/\u0026{aws:username}/\",\n } },\n { \"variable\", \"s3:prefix\" },\n },\n },\n Resources = \n {\n $\"arn:aws:s3:::{@var.S3_bucket_name}\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:*\",\n },\n Resources = \n {\n $\"arn:aws:s3:::{@var.S3_bucket_name}/home/\u0026{{aws:username}}\",\n $\"arn:aws:s3:::{@var.S3_bucket_name}/home/\u0026{{aws:username}}/*\",\n },\n },\n },\n }));\n var examplePolicy = new Aws.Iam.Policy(\"examplePolicy\", new Aws.Iam.PolicyArgs\n {\n Path = \"/\",\n Policy = examplePolicyDocument.Apply(examplePolicyDocument =\u003e examplePolicyDocument.Json),\n });\n }\n\n}\n```\n\nUsing this data source to generate policy documents is *optional*. It is also\nvalid to use literal JSON strings within your configuration, or to use the\n`file` interpolation function to read a raw JSON policy document from a file.\n\n## Context Variable Interpolation\n\nThe IAM policy document format allows context variables to be interpolated\ninto various strings within a statement. The native IAM policy document format\nuses `${...}`-style syntax that is in conflict with interpolation\nsyntax, so this data source instead uses `\u0026{...}` syntax for interpolations that\nshould be processed by AWS rather than by this provider.\n\n## Wildcard Principal\n\nIn order to define wildcard principal (a.k.a. anonymous user) use `type = \"*\"` and\n`identifiers = [\"*\"]`. In that case the rendered json will contain `\"Principal\": \"*\"`.\nNote, that even though the [IAM Documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html)\nstates that `\"Principal\": \"*\"` and `\"Principal\": {\"AWS\": \"*\"}` are equivalent,\nthose principals have different behavior for IAM Role Trust Policy. Therefore\nthis provider will normalize the principal field only in above-mentioned case and principals\nlike `type = \"AWS\"` and `identifiers = [\"*\"]` will be rendered as `\"Principal\": {\"AWS\": \"*\"}`.\n\n## Example with Multiple Principals\n\nShowing how you can use this as an assume role policy as well as showing how you can specify multiple principal blocks with different types.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst eventStreamBucketRoleAssumeRolePolicy = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [\n {\n identifiers: [\"firehose.amazonaws.com\"],\n type: \"Service\",\n },\n {\n identifiers: [var_trusted_role_arn],\n type: \"AWS\",\n },\n {\n identifiers: [\n `arn:aws:iam::${var_account_id}:saml-provider/${var_provider_name}`,\n \"cognito-identity.amazonaws.com\",\n ],\n type: \"Federated\",\n },\n ],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nevent_stream_bucket_role_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [\n {\n \"identifiers\": [\"firehose.amazonaws.com\"],\n \"type\": \"Service\",\n },\n {\n \"identifiers\": [var[\"trusted_role_arn\"]],\n \"type\": \"AWS\",\n },\n {\n \"identifiers\": [\n f\"arn:aws:iam::{var['account_id']}:saml-provider/{var['provider_name']}\",\n \"cognito-identity.amazonaws.com\",\n ],\n \"type\": \"Federated\",\n },\n ],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var eventStreamBucketRoleAssumeRolePolicy = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"sts:AssumeRole\",\n },\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"firehose.amazonaws.com\",\n },\n Type = \"Service\",\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n @var.Trusted_role_arn,\n },\n Type = \"AWS\",\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n $\"arn:aws:iam::{@var.Account_id}:saml-provider/{@var.Provider_name}\",\n \"cognito-identity.amazonaws.com\",\n },\n Type = \"Federated\",\n },\n },\n },\n },\n }));\n }\n\n}\n```\n\n## Example with Source and Override\n\nShowing how you can use `source_json` and `override_json`\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst source = pulumi.output(aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\"ec2:*\"],\n resources: [\"*\"],\n },\n {\n actions: [\"s3:*\"],\n resources: [\"*\"],\n sid: \"SidToOverwrite\",\n },\n ],\n}, { async: true }));\nconst sourceJsonExample = source.apply(source =\u003e aws.iam.getPolicyDocument({\n sourceJson: source.json,\n statements: [{\n actions: [\"s3:*\"],\n resources: [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n sid: \"SidToOverwrite\",\n }],\n}, { async: true }));\nconst override = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"s3:*\"],\n resources: [\"*\"],\n sid: \"SidToOverwrite\",\n }],\n}, { async: true }));\nconst overrideJsonExample = override.apply(override =\u003e aws.iam.getPolicyDocument({\n overrideJson: override.json,\n statements: [\n {\n actions: [\"ec2:*\"],\n resources: [\"*\"],\n },\n {\n actions: [\"s3:*\"],\n resources: [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n sid: \"SidToOverwrite\",\n },\n ],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsource = aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\"ec2:*\"],\n \"resources\": [\"*\"],\n },\n {\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n \"sid\": \"SidToOverwrite\",\n },\n])\nsource_json_example = aws.iam.get_policy_document(source_json=source.json,\n statements=[{\n \"actions\": [\"s3:*\"],\n \"resources\": [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n \"sid\": \"SidToOverwrite\",\n }])\noverride = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n \"sid\": \"SidToOverwrite\",\n}])\noverride_json_example = aws.iam.get_policy_document(override_json=override.json,\n statements=[\n {\n \"actions\": [\"ec2:*\"],\n \"resources\": [\"*\"],\n },\n {\n \"actions\": [\"s3:*\"],\n \"resources\": [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n \"sid\": \"SidToOverwrite\",\n },\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var source = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"ec2:*\",\n },\n Resources = \n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:*\",\n },\n Resources = \n {\n \"*\",\n },\n Sid = \"SidToOverwrite\",\n },\n },\n }));\n var sourceJsonExample = source.Apply(source =\u003e Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n SourceJson = source.Json,\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:*\",\n },\n Resources = \n {\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n },\n Sid = \"SidToOverwrite\",\n },\n },\n })));\n var @override = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:*\",\n },\n Resources = \n {\n \"*\",\n },\n Sid = \"SidToOverwrite\",\n },\n },\n }));\n var overrideJsonExample = @override.Apply(@override =\u003e Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n OverrideJson = @override.Json,\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"ec2:*\",\n },\n Resources = \n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:*\",\n },\n Resources = \n {\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n },\n Sid = \"SidToOverwrite\",\n },\n },\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsource, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t\tSid: \"SidToOverwrite\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt0 := source.Json\n\t\t_, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tSourceJson: \u0026opt0,\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::somebucket\",\n\t\t\t\t\t\t\"arn:aws:s3:::somebucket/*\",\n\t\t\t\t\t},\n\t\t\t\t\tSid: \"SidToOverwrite\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\toverride, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t\tSid: \"SidToOverwrite\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := override.Json\n\t\t_, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tOverrideJson: \u0026opt1,\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::somebucket\",\n\t\t\t\t\t\t\"arn:aws:s3:::somebucket/*\",\n\t\t\t\t\t},\n\t\t\t\t\tSid: \"SidToOverwrite\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n`data.aws_iam_policy_document.source_json_example.json` will evaluate to:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n\n`data.aws_iam_policy_document.override_json_example.json` will evaluate to:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n\nYou can also combine `source_json` and `override_json` in the same document.\n\n## Example without Statement\n\nUse without a `statement`:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst source = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"ec2:DescribeAccountAttributes\"],\n resources: [\"*\"],\n sid: \"OverridePlaceholder\",\n }],\n}, { async: true }));\nconst override = pulumi.output(aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"s3:GetObject\"],\n resources: [\"*\"],\n sid: \"OverridePlaceholder\",\n }],\n}, { async: true }));\nconst politik = pulumi.all([override, source]).apply(([override, source]) =\u003e aws.iam.getPolicyDocument({\n overrideJson: override.json,\n sourceJson: source.json,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsource = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"ec2:DescribeAccountAttributes\"],\n \"resources\": [\"*\"],\n \"sid\": \"OverridePlaceholder\",\n}])\noverride = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"s3:GetObject\"],\n \"resources\": [\"*\"],\n \"sid\": \"OverridePlaceholder\",\n}])\npolitik = aws.iam.get_policy_document(override_json=override.json,\n source_json=source.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var source = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"ec2:DescribeAccountAttributes\",\n },\n Resources = \n {\n \"*\",\n },\n Sid = \"OverridePlaceholder\",\n },\n },\n }));\n var @override = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:GetObject\",\n },\n Resources = \n {\n \"*\",\n },\n Sid = \"OverridePlaceholder\",\n },\n },\n }));\n var politik = Output.Tuple(@override, source).Apply(values =\u003e\n {\n var @override = values.Item1;\n var source = values.Item2;\n return Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n OverrideJson = @override.Json,\n SourceJson = source.Json,\n }));\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsource, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:DescribeAccountAttributes\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t\tSid: \"OverridePlaceholder\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\toverride, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t\tSid: \"OverridePlaceholder\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt0 := override.Json\n\t\topt1 := source.Json\n\t\t_, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tOverrideJson: \u0026opt0,\n\t\t\tSourceJson: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n`data.aws_iam_policy_document.politik.json` will evaluate to:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing Pulumi;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n", "inputs": { "description": "A collection of arguments for invoking getPolicyDocument.\n", "properties": { "overrideJson": { "type": "string", "description": "An IAM policy document to import and override the\ncurrent policy document. Statements with non-blank `sid`s in the override\ndocument will overwrite statements with the same `sid` in the current document.\nStatements without an `sid` cannot be overwritten.\n" }, "policyId": { "type": "string", "description": "An ID for the policy document.\n" }, "sourceJson": { "type": "string", "description": "An IAM policy document to import as a base for the\ncurrent policy document. Statements with non-blank `sid`s in the current\npolicy document will overwrite statements with the same `sid` in the source\njson. Statements without an `sid` cannot be overwritten.\n" }, "statements": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatement:getPolicyDocumentStatement" }, "description": "A nested configuration block (described below)\nconfiguring one *statement* to be included in the policy document.\n" }, "version": { "type": "string", "description": "IAM policy document version. Valid values: `2008-10-17`, `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPolicyDocument.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "json": { "type": "string", "description": "The above arguments serialized as a standard JSON policy document.\n" }, "overrideJson": { "type": "string" }, "policyId": { "type": "string" }, "sourceJson": { "type": "string" }, "statements": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatement:getPolicyDocumentStatement" } }, "version": { "type": "string" } }, "type": "object", "required": [ "json", "id" ] } }, "aws:iam/getRole:getRole": { "description": "This data source can be used to fetch information about a specific\nIAM role. By using this data source, you can reference IAM role\nproperties without having to hard code ARNs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.iam.getRole({\n name: \"an_example_role_name\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_role(name=\"an_example_role_name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Iam.GetRole.InvokeAsync(new Aws.Iam.GetRoleArgs\n {\n Name = \"an_example_role_name\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupRole(ctx, \u0026iam.LookupRoleArgs{\n\t\t\tName: \"an_example_role_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRole.\n", "properties": { "name": { "type": "string", "description": "The friendly IAM role name to match.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags attached to the role.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRole.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the role.\n" }, "assumeRolePolicy": { "type": "string", "description": "The policy document associated with the role.\n" }, "createDate": { "type": "string", "description": "Creation date of the role in RFC 3339 format.\n" }, "description": { "type": "string", "description": "Description for the role.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "maxSessionDuration": { "type": "integer", "description": "Maximum session duration.\n" }, "name": { "type": "string" }, "path": { "type": "string", "description": "The path to the role.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags attached to the role.\n" }, "uniqueId": { "type": "string", "description": "The stable and unique string identifying the role.\n" } }, "type": "object", "required": [ "arn", "assumeRolePolicy", "createDate", "description", "maxSessionDuration", "name", "path", "permissionsBoundary", "tags", "uniqueId", "id" ] } }, "aws:iam/getServerCertificate:getServerCertificate": { "description": "Use this data source to lookup information about IAM Server Certificates.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst my_domain = pulumi.output(aws.iam.getServerCertificate({\n latest: true,\n namePrefix: \"my-domain.org\",\n}, { async: true }));\nconst elb = new aws.elb.LoadBalancer(\"elb\", {\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"https\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: my_domain.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_domain = aws.iam.get_server_certificate(latest=True,\n name_prefix=\"my-domain.org\")\nelb = aws.elb.LoadBalancer(\"elb\", listeners=[{\n \"instance_port\": 8000,\n \"instanceProtocol\": \"https\",\n \"lb_port\": 443,\n \"lbProtocol\": \"https\",\n \"sslCertificateId\": my_domain.arn,\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var my_domain = Output.Create(Aws.Iam.GetServerCertificate.InvokeAsync(new Aws.Iam.GetServerCertificateArgs\n {\n Latest = true,\n NamePrefix = \"my-domain.org\",\n }));\n var elb = new Aws.Elb.LoadBalancer(\"elb\", new Aws.Elb.LoadBalancerArgs\n {\n Listeners = \n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"https\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = my_domain.Apply(my_domain =\u003e my_domain.Arn),\n },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Import \n\nThe import function will read in certificate body, certificate chain (if it exists), id, name, path, and arn. \nIt will not retrieve the private key which is not available through the AWS API.\n", "inputs": { "description": "A collection of arguments for invoking getServerCertificate.\n", "properties": { "latest": { "type": "boolean", "description": "sort results by expiration date. returns the certificate with expiration date in furthest in the future.\n" }, "name": { "type": "string", "description": "exact name of the cert to lookup\n" }, "namePrefix": { "type": "string", "description": "prefix of cert to filter by\n" }, "pathPrefix": { "type": "string", "description": "prefix of path to filter by\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServerCertificate.\n", "properties": { "arn": { "type": "string" }, "certificateBody": { "type": "string" }, "certificateChain": { "type": "string" }, "expirationDate": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "latest": { "type": "boolean" }, "name": { "type": "string" }, "namePrefix": { "type": "string" }, "path": { "type": "string" }, "pathPrefix": { "type": "string" }, "uploadDate": { "type": "string" } }, "type": "object", "required": [ "arn", "certificateBody", "certificateChain", "expirationDate", "name", "path", "uploadDate", "id" ] } }, "aws:iam/getUser:getUser": { "description": "This data source can be used to fetch information about a specific\nIAM user. By using this data source, you can reference IAM user\nproperties without having to hard code ARNs or unique IDs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.iam.getUser({\n userName: \"an_example_user_name\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_user(user_name=\"an_example_user_name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Iam.GetUser.InvokeAsync(new Aws.Iam.GetUserArgs\n {\n UserName = \"an_example_user_name\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupUser(ctx, \u0026iam.LookupUserArgs{\n\t\t\tUserName: \"an_example_user_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { "userName": { "type": "string", "description": "The friendly IAM user name to match.\n" } }, "type": "object", "required": [ "userName" ] }, "outputs": { "description": "A collection of values returned by getUser.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS for this user.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "path": { "type": "string", "description": "Path in which this user was created.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n" }, "userId": { "type": "string", "description": "The unique ID assigned by AWS for this user.\n" }, "userName": { "type": "string", "description": "The name associated to this User\n" } }, "type": "object", "required": [ "arn", "path", "permissionsBoundary", "userId", "userName", "id" ] } }, "aws:index/getAmi:getAmi": { "description": "Use this data source to get the ID of a registered AMI for use in other\nresources.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.getAmi({\n executableUsers: [\"self\"],\n filters: [\n {\n name: \"name\",\n values: [\"myami-*\"],\n },\n {\n name: \"root-device-type\",\n values: [\"ebs\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n mostRecent: true,\n nameRegex: \"^myami-\\\\d{3}\",\n owners: [\"self\"],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.get_ami(executable_users=[\"self\"],\n filters=[\n {\n \"name\": \"name\",\n \"values\": [\"myami-*\"],\n },\n {\n \"name\": \"root-device-type\",\n \"values\": [\"ebs\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n most_recent=True,\n name_regex=\"^myami-\\\\d{3}\",\n owners=[\"self\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.GetAmi.InvokeAsync(new Aws.GetAmiArgs\n {\n ExecutableUsers = \n {\n \"self\",\n },\n Filters = \n {\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"name\",\n Values = \n {\n \"myami-*\",\n },\n },\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"root-device-type\",\n Values = \n {\n \"ebs\",\n },\n },\n new Aws.Inputs.GetAmiFilterArgs\n {\n Name = \"virtualization-type\",\n Values = \n {\n \"hvm\",\n },\n },\n },\n MostRecent = true,\n NameRegex = \"^myami-\\\\d{3}\",\n Owners = \n {\n \"self\",\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\topt1 := \"^myami-\\\\d{3}\"\n\t\t_, err := aws.GetAmi(ctx, \u0026aws.GetAmiArgs{\n\t\t\tExecutableUsers: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t\tFilters: []aws.GetAmiFilter{\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"myami-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"root-device-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ebs\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taws.GetAmiFilter{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tMostRecent: \u0026opt0,\n\t\t\tNameRegex: \u0026opt1,\n\t\t\tOwners: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAmi.\n", "properties": { "executableUsers": { "type": "array", "items": { "type": "string" }, "description": "Limit search to users with *explicit* launch permission on\nthe image. Valid items are the numeric account ID or `self`.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAmiFilter:getAmiFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-images in the AWS CLI reference][1].\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent AMI.\n" }, "nameRegex": { "type": "string", "description": "A regex string to apply to the AMI list returned\nby AWS. This allows more advanced filtering not supported from the AWS API. This\nfiltering is done locally on what AWS returns, and could have a performance\nimpact if the result is large. It is recommended to combine this with other\noptions to narrow down the list AWS returns.\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, `self` (the current account), or an AWS owner alias (e.g. `amazon`, `aws-marketplace`, `microsoft`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the image.\n* `tags.#.key` - The key name of the tag.\n* `tags.#.value` - The value of the tag.\n" } }, "type": "object", "required": [ "owners" ] }, "outputs": { "description": "A collection of values returned by getAmi.\n", "properties": { "architecture": { "type": "string", "description": "The OS architecture of the AMI (ie: `i386` or `x86_64`).\n" }, "arn": { "type": "string", "description": "The ARN of the AMI.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:/getAmiBlockDeviceMapping:getAmiBlockDeviceMapping" }, "description": "The block device mappings of the AMI.\n* `block_device_mappings.#.device_name` - The physical name of the device.\n* `block_device_mappings.#.ebs.delete_on_termination` - `true` if the EBS volume\nwill be deleted on termination.\n* `block_device_mappings.#.ebs.encrypted` - `true` if the EBS volume\nis encrypted.\n* `block_device_mappings.#.ebs.iops` - `0` if the EBS volume is\nnot a provisioned IOPS image, otherwise the supported IOPS count.\n* `block_device_mappings.#.ebs.snapshot_id` - The ID of the snapshot.\n* `block_device_mappings.#.ebs.volume_size` - The size of the volume, in GiB.\n* `block_device_mappings.#.ebs.volume_type` - The volume type.\n* `block_device_mappings.#.no_device` - Suppresses the specified device\nincluded in the block device mapping of the AMI.\n* `block_device_mappings.#.virtual_name` - The virtual device name (for\ninstance stores).\n" }, "creationDate": { "type": "string", "description": "The date and time the image was created.\n" }, "description": { "type": "string", "description": "The description of the AMI that was provided during image\ncreation.\n" }, "executableUsers": { "type": "array", "items": { "type": "string" } }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAmiFilter:getAmiFilter" } }, "hypervisor": { "type": "string", "description": "The hypervisor type of the image.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "imageId": { "type": "string", "description": "The ID of the AMI. Should be the same as the resource `id`.\n" }, "imageLocation": { "type": "string", "description": "The location of the AMI.\n" }, "imageOwnerAlias": { "type": "string", "description": "The AWS account alias (for example, `amazon`, `self`) or\nthe AWS account ID of the AMI owner.\n" }, "imageType": { "type": "string", "description": "The type of image.\n" }, "kernelId": { "type": "string", "description": "The kernel associated with the image, if any. Only applicable\nfor machine images.\n" }, "mostRecent": { "type": "boolean" }, "name": { "type": "string", "description": "The name of the AMI that was provided during image creation.\n" }, "nameRegex": { "type": "string" }, "ownerId": { "type": "string", "description": "The AWS account ID of the image owner.\n" }, "owners": { "type": "array", "items": { "type": "string" } }, "platform": { "type": "string", "description": "The value is Windows for `Windows` AMIs; otherwise blank.\n" }, "productCodes": { "type": "array", "items": { "$ref": "#/types/aws:/getAmiProductCode:getAmiProductCode" }, "description": "Any product codes associated with the AMI.\n* `product_codes.#.product_code_id` - The product code.\n* `product_codes.#.product_code_type` - The type of product code.\n" }, "public": { "type": "boolean", "description": "`true` if the image has public launch permissions.\n" }, "ramdiskId": { "type": "string", "description": "The RAM disk associated with the image, if any. Only applicable\nfor machine images.\n" }, "rootDeviceName": { "type": "string", "description": "The device name of the root device.\n" }, "rootDeviceType": { "type": "string", "description": "The type of root device (ie: `ebs` or `instance-store`).\n" }, "rootSnapshotId": { "type": "string", "description": "The snapshot id associated with the root device, if any\n(only applies to `ebs` root devices).\n" }, "sriovNetSupport": { "type": "string", "description": "Specifies whether enhanced networking is enabled.\n" }, "state": { "type": "string", "description": "The current state of the AMI. If the state is `available`, the image\nis successfully registered and can be used to launch an instance.\n" }, "stateReason": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Describes a state change. Fields are `UNSET` if not available.\n* `state_reason.code` - The reason code for the state change.\n* `state_reason.message` - The message for the state change.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the image.\n* `tags.#.key` - The key name of the tag.\n* `tags.#.value` - The value of the tag.\n" }, "virtualizationType": { "type": "string", "description": "The type of virtualization of the AMI (ie: `hvm` or\n`paravirtual`).\n" } }, "type": "object", "required": [ "architecture", "arn", "blockDeviceMappings", "creationDate", "description", "hypervisor", "imageId", "imageLocation", "imageOwnerAlias", "imageType", "kernelId", "name", "ownerId", "owners", "platform", "productCodes", "public", "ramdiskId", "rootDeviceName", "rootDeviceType", "rootSnapshotId", "sriovNetSupport", "state", "stateReason", "tags", "virtualizationType", "id" ] } }, "aws:index/getAmiIds:getAmiIds": { "description": "Use this data source to get a list of AMI IDs matching the specified criteria.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = pulumi.output(aws.getAmiIds({\n filters: [{\n name: \"name\",\n values: [\"ubuntu/images/ubuntu-*-*-amd64-server-*\"],\n }],\n owners: [\"099720109477\"],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.get_ami_ids(filters=[{\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/ubuntu-*-*-amd64-server-*\"],\n }],\n owners=[\"099720109477\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ubuntu = Output.Create(Aws.GetAmiIds.InvokeAsync(new Aws.GetAmiIdsArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAmiIdsFilterArgs\n {\n Name = \"name\",\n Values = \n {\n \"ubuntu/images/ubuntu-*-*-amd64-server-*\",\n },\n },\n },\n Owners = \n {\n \"099720109477\",\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetAmiIds(ctx, \u0026aws.GetAmiIdsArgs{\n\t\t\tFilters: []aws.GetAmiIdsFilter{\n\t\t\t\taws.GetAmiIdsFilter{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/ubuntu-*-*-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAmiIds.\n", "properties": { "executableUsers": { "type": "array", "items": { "type": "string" }, "description": "Limit search to users with *explicit* launch\npermission on the image. Valid items are the numeric account ID or `self`.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAmiIdsFilter:getAmiIdsFilter" }, "description": "One or more name/value pairs to filter off of. There\nare several valid keys, for a full reference, check out\n[describe-images in the AWS CLI reference][1].\n" }, "nameRegex": { "type": "string", "description": "A regex string to apply to the AMI list returned\nby AWS. This allows more advanced filtering not supported from the AWS API.\nThis filtering is done locally on what AWS returns, and could have a performance\nimpact if the result is large. It is recommended to combine this with other\noptions to narrow down the list AWS returns.\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, `self` (the current account), or an AWS owner alias (e.g. `amazon`, `aws-marketplace`, `microsoft`).\n" }, "sortAscending": { "type": "boolean", "description": "Used to sort AMIs by creation time.\n" } }, "type": "object", "required": [ "owners" ] }, "outputs": { "description": "A collection of values returned by getAmiIds.\n", "properties": { "executableUsers": { "type": "array", "items": { "type": "string" } }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAmiIdsFilter:getAmiIdsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" } }, "nameRegex": { "type": "string" }, "owners": { "type": "array", "items": { "type": "string" } }, "sortAscending": { "type": "boolean" } }, "type": "object", "required": [ "ids", "owners", "id" ] } }, "aws:index/getArn:getArn": { "description": "Parses an Amazon Resource Name (ARN) into its constituent parts.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dbInstance = pulumi.output(aws.getArn({\n arn: \"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndb_instance = aws.get_arn(arn=\"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dbInstance = Output.Create(Aws.GetArn.InvokeAsync(new Aws.GetArnArgs\n {\n Arn = \"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetArn(ctx, \u0026aws.GetArnArgs{\n\t\t\tArn: \"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getArn.\n", "properties": { "arn": { "type": "string", "description": "The ARN to parse.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getArn.\n", "properties": { "account": { "type": "string", "description": "The [ID](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html) of the AWS account that owns the resource, without the hyphens.\n" }, "arn": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "partition": { "type": "string", "description": "The partition that the resource is in.\n" }, "region": { "type": "string", "description": "The region the resource resides in.\nNote that the ARNs for some resources do not require a region, so this component might be omitted.\n" }, "resource": { "type": "string", "description": "The content of this part of the ARN varies by service.\nIt often includes an indicator of the type of resource—for example, an IAM user or Amazon RDS database —followed by a slash (/) or a colon (:), followed by the resource name itself.\n" }, "service": { "type": "string", "description": "The [service namespace](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) that identifies the AWS product.\n" } }, "type": "object", "required": [ "account", "arn", "partition", "region", "resource", "service", "id" ] } }, "aws:index/getAutoscalingGroups:getAutoscalingGroups": { "description": "The Autoscaling Groups data source allows access to the list of AWS\nASGs within a specific region. This will allow you to pass a list of AutoScaling Groups to other resources.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst groups = pulumi.output(aws.getAutoscalingGroups({\n filters: [\n {\n name: \"key\",\n values: [\"Team\"],\n },\n {\n name: \"value\",\n values: [\"Pets\"],\n },\n ],\n}, { async: true }));\nconst slackNotifications = new aws.autoscaling.Notification(\"slack_notifications\", {\n groupNames: groups.names,\n notifications: [\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topicArn: \"TOPIC ARN\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngroups = aws.get_autoscaling_groups(filters=[\n {\n \"name\": \"key\",\n \"values\": [\"Team\"],\n },\n {\n \"name\": \"value\",\n \"values\": [\"Pets\"],\n },\n])\nslack_notifications = aws.autoscaling.Notification(\"slackNotifications\",\n group_names=groups.names,\n notifications=[\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topic_arn=\"TOPIC ARN\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var groups = Output.Create(Aws.GetAutoscalingGroups.InvokeAsync(new Aws.GetAutoscalingGroupsArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAutoscalingGroupsFilterArgs\n {\n Name = \"key\",\n Values = \n {\n \"Team\",\n },\n },\n new Aws.Inputs.GetAutoscalingGroupsFilterArgs\n {\n Name = \"value\",\n Values = \n {\n \"Pets\",\n },\n },\n },\n }));\n var slackNotifications = new Aws.AutoScaling.Notification(\"slackNotifications\", new Aws.AutoScaling.NotificationArgs\n {\n GroupNames = groups.Apply(groups =\u003e groups.Names),\n Notifications = \n {\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n },\n TopicArn = \"TOPIC ARN\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroups, err := aws.GetAutoscalingGroups(ctx, \u0026aws.GetAutoscalingGroupsArgs{\n\t\t\tFilters: []aws.GetAutoscalingGroupsFilter{\n\t\t\t\taws.GetAutoscalingGroupsFilter{\n\t\t\t\t\tName: \"key\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Team\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taws.GetAutoscalingGroupsFilter{\n\t\t\t\t\tName: \"value\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Pets\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewNotification(ctx, \"slackNotifications\", \u0026autoscaling.NotificationArgs{\n\t\t\tGroupNames: toPulumiStringArray(groups.Names),\n\t\t\tNotifications: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\"),\n\t\t\t},\n\t\t\tTopicArn: pulumi.String(\"TOPIC ARN\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\nfunc toPulumiStringArray(arr []string) pulumi.StringArray {\n\tvar pulumiArr pulumi.StringArray\n\tfor _, v := range arr {\n\t\tpulumiArr = append(pulumiArr, pulumi.String(v))\n\t}\n\treturn pulumiArr\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAutoscalingGroups.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAutoscalingGroupsFilter:getAutoscalingGroupsFilter" }, "description": "A filter used to scope the list e.g. by tags. See [related docs](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_Filter.html).\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAutoscalingGroups.\n", "properties": { "arns": { "type": "array", "items": { "type": "string" }, "description": "A list of the Autoscaling Groups Arns in the current region.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAutoscalingGroupsFilter:getAutoscalingGroupsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "names": { "type": "array", "items": { "type": "string" }, "description": "A list of the Autoscaling Groups in the current region.\n" } }, "type": "object", "required": [ "arns", "names", "id" ] } }, "aws:index/getAvailabilityZone:getAvailabilityZone": { "description": "`aws.getAvailabilityZone` provides details about a specific availability zone (AZ)\nin the current region.\n\nThis can be used both to validate an availability zone given in a variable\nand to split the AZ name into its component parts of an AWS region and an\nAZ identifier letter. The latter may be useful e.g. for implementing a\nconsistent subnet numbering scheme across several regions by mapping both\nthe region and the subnet letter to network numbers.\n\nThis is different from the `aws.getAvailabilityZones` (plural) data source,\nwhich provides a list of the available zones.\n", "inputs": { "description": "A collection of arguments for invoking getAvailabilityZone.\n", "properties": { "allAvailabilityZones": { "type": "boolean", "description": "Set to `true` to include all Availability Zones and Local Zones regardless of your opt in status.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAvailabilityZoneFilter:getAvailabilityZoneFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html).\n" }, "state": { "type": "string", "description": "A specific availability zone state to require. May be any of `\"available\"`, `\"information\"` or `\"impaired\"`.\n" }, "zoneId": { "type": "string", "description": "The zone ID of the availability zone to select.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAvailabilityZone.\n", "properties": { "allAvailabilityZones": { "type": "boolean" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAvailabilityZoneFilter:getAvailabilityZoneFilter" } }, "groupName": { "type": "string", "description": "For Availability Zones, this is the same value as the Region name. For Local Zones, the name of the associated group, for example `us-west-2-lax-1`.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "nameSuffix": { "type": "string", "description": "The part of the AZ name that appears after the region name, uniquely identifying the AZ within its region.\n" }, "networkBorderGroup": { "type": "string", "description": "The name of the location from which the address is advertised.\n" }, "optInStatus": { "type": "string", "description": "For Availability Zones, this always has the value of `opt-in-not-required`. For Local Zones, this is the opt in status. The possible values are `opted-in` and `not-opted-in`.\n" }, "region": { "type": "string", "description": "The region where the selected availability zone resides. This is always the region selected on the provider, since this data source searches only within that region.\n" }, "state": { "type": "string" }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "groupName", "name", "nameSuffix", "networkBorderGroup", "optInStatus", "region", "state", "zoneId", "id" ] } }, "aws:index/getAvailabilityZones:getAvailabilityZones": { "description": "The Availability Zones data source allows access to the list of AWS\nAvailability Zones which can be accessed by an AWS account within the region\nconfigured in the provider.\n\nThis is different from the `aws.getAvailabilityZone` (singular) data source,\nwhich provides some details about a specific availability zone.\n\n\u003e When [Local Zones](https://aws.amazon.com/about-aws/global-infrastructure/localzones/) are enabled in a region, by default the API and this data source include both Local Zones and Availability Zones. To return only Availability Zones, see the example section below.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By State\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst primary = new aws.ec2.Subnet(\"primary\", {availabilityZone: available.then(available =\u003e available.names[0])});\n// ...\nconst secondary = new aws.ec2.Subnet(\"secondary\", {availabilityZone: available.then(available =\u003e available.names[1])});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\")\nprimary = aws.ec2.Subnet(\"primary\", availability_zone=available.names[0])\n# ...\nsecondary = aws.ec2.Subnet(\"secondary\", availability_zone=available.names[1])\n# ...\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var available = Output.Create(Aws.GetAvailabilityZones.InvokeAsync(new Aws.GetAvailabilityZonesArgs\n {\n State = \"available\",\n }));\n var primary = new Aws.Ec2.Subnet(\"primary\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = available.Apply(available =\u003e available.Names[0]),\n });\n // ...\n var secondary = new Aws.Ec2.Subnet(\"secondary\", new Aws.Ec2.SubnetArgs\n {\n AvailabilityZone = available.Apply(available =\u003e available.Names[1]),\n });\n // ...\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"available\"\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"primary\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"secondary\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(available.Names[1]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### By Filter\n\nAll Local Zones (regardless of opt-in status):\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.getAvailabilityZones({\n allAvailabilityZones: true,\n filters: [{\n name: \"opt-in-status\",\n values: [\n \"not-opted-in\",\n \"opted-in\",\n ],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.get_availability_zones(all_availability_zones=True,\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\n \"not-opted-in\",\n \"opted-in\",\n ],\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.GetAvailabilityZones.InvokeAsync(new Aws.GetAvailabilityZonesArgs\n {\n AllAvailabilityZones = true,\n Filters = \n {\n new Aws.Inputs.GetAvailabilityZonesFilterArgs\n {\n Name = \"opt-in-status\",\n Values = \n {\n \"not-opted-in\",\n \"opted-in\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\t_, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tAllAvailabilityZones: \u0026opt0,\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\taws.GetAvailabilityZonesFilter{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"not-opted-in\",\n\t\t\t\t\t\t\"opted-in\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nOnly Availability Zones (no Local Zones):\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.getAvailabilityZones({\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.get_availability_zones(filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.GetAvailabilityZones.InvokeAsync(new Aws.GetAvailabilityZonesArgs\n {\n Filters = \n {\n new Aws.Inputs.GetAvailabilityZonesFilterArgs\n {\n Name = \"opt-in-status\",\n Values = \n {\n \"opt-in-not-required\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\taws.GetAvailabilityZonesFilter{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAvailabilityZones.\n", "properties": { "allAvailabilityZones": { "type": "boolean", "description": "Set to `true` to include all Availability Zones and Local Zones regardless of your opt in status.\n" }, "blacklistedNames": { "type": "array", "items": { "type": "string" }, "description": "List of blacklisted Availability Zone names.\n" }, "blacklistedZoneIds": { "type": "array", "items": { "type": "string" }, "description": "List of blacklisted Availability Zone IDs.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAvailabilityZonesFilter:getAvailabilityZonesFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "groupNames": { "type": "array", "items": { "type": "string" } }, "state": { "type": "string", "description": "Allows to filter list of Availability Zones based on their\ncurrent state. Can be either `\"available\"`, `\"information\"`, `\"impaired\"` or\n`\"unavailable\"`. By default the list includes a complete set of Availability Zones\nto which the underlying AWS account has access, regardless of their state.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAvailabilityZones.\n", "properties": { "allAvailabilityZones": { "type": "boolean" }, "blacklistedNames": { "type": "array", "items": { "type": "string" } }, "blacklistedZoneIds": { "type": "array", "items": { "type": "string" } }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getAvailabilityZonesFilter:getAvailabilityZonesFilter" } }, "groupNames": { "type": "array", "items": { "type": "string" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "names": { "type": "array", "items": { "type": "string" }, "description": "A list of the Availability Zone names available to the account.\n" }, "state": { "type": "string" }, "zoneIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the Availability Zone IDs available to the account.\n" } }, "type": "object", "required": [ "names", "zoneIds", "id" ] } }, "aws:index/getBillingServiceAccount:getBillingServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS Billing and Cost Management Service Account](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2) for the purpose of whitelisting in S3 bucket policy.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = pulumi.output(aws.getBillingServiceAccount({ async: true }));\nconst billingLogs = new aws.s3.Bucket(\"billing_logs\", {\n acl: \"private\",\n policy: pulumi.interpolate`{\n \"Id\": \"Policy\",\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"s3:GetBucketAcl\", \"s3:GetBucketPolicy\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket\",\n \"Principal\": {\n \"AWS\": [\n \"${main.arn}\"\n ]\n }\n },\n {\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket/*\",\n \"Principal\": {\n \"AWS\": [\n \"${main.arn}\"\n ]\n }\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.get_billing_service_account()\nbilling_logs = aws.s3.Bucket(\"billingLogs\",\n acl=\"private\",\n policy=f\"\"\"{{\n \"Id\": \"Policy\",\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": [\n \"s3:GetBucketAcl\", \"s3:GetBucketPolicy\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket\",\n \"Principal\": {{\n \"AWS\": [\n \"{main.arn}\"\n ]\n }}\n }},\n {{\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket/*\",\n \"Principal\": {{\n \"AWS\": [\n \"{main.arn}\"\n ]\n }}\n }}\n ]\n}}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = Output.Create(Aws.GetBillingServiceAccount.InvokeAsync());\n var billingLogs = new Aws.S3.Bucket(\"billingLogs\", new Aws.S3.BucketArgs\n {\n Acl = \"private\",\n Policy = Output.Tuple(main, main).Apply(values =\u003e\n {\n var main = values.Item1;\n var main1 = values.Item2;\n return @$\"{{\n \"\"Id\"\": \"\"Policy\"\",\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": [\n \"\"s3:GetBucketAcl\"\", \"\"s3:GetBucketPolicy\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::my-billing-tf-test-bucket\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": [\n \"\"{main.Arn}\"\"\n ]\n }}\n }},\n {{\n \"\"Action\"\": [\n \"\"s3:PutObject\"\"\n ],\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:s3:::my-billing-tf-test-bucket/*\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": [\n \"\"{main1.Arn}\"\"\n ]\n }}\n }}\n ]\n}}\n\n\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := aws.GetBillingServiceAccount(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucket(ctx, \"billingLogs\", \u0026s3.BucketArgs{\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \" \\\"Id\\\": \\\"Policy\\\",\\n\", \" \\\"Version\\\": \\\"2012-10-17\\\",\\n\", \" \\\"Statement\\\": [\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"s3:GetBucketAcl\\\", \\\"s3:GetBucketPolicy\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::my-billing-tf-test-bucket\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"AWS\\\": [\\n\", \" \\\"\", main.Arn, \"\\\"\\n\", \" ]\\n\", \" }\\n\", \" },\\n\", \" {\\n\", \" \\\"Action\\\": [\\n\", \" \\\"s3:PutObject\\\"\\n\", \" ],\\n\", \" \\\"Effect\\\": \\\"Allow\\\",\\n\", \" \\\"Resource\\\": \\\"arn:aws:s3:::my-billing-tf-test-bucket/*\\\",\\n\", \" \\\"Principal\\\": {\\n\", \" \\\"AWS\\\": [\\n\", \" \\\"\", main.Arn, \"\\\"\\n\", \" ]\\n\", \" }\\n\", \" }\\n\", \" ]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getBillingServiceAccount.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the AWS billing service account.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" } }, "type": "object", "required": [ "arn", "id" ] } }, "aws:index/getCallerIdentity:getCallerIdentity": { "description": "Use this data source to get the access to the effective Account ID, User ID, and ARN in\nwhich this provider is authorized.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getCallerIdentity({ async: true }));\n\nexport const accountId = current.accountId;\nexport const callerArn = current.arn;\nexport const callerUser = current.userId;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\npulumi.export(\"accountId\", current.account_id)\npulumi.export(\"callerArn\", current.arn)\npulumi.export(\"callerUser\", current.user_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n this.AccountId = current.Apply(current =\u003e current.AccountId);\n this.CallerArn = current.Apply(current =\u003e current.Arn);\n this.CallerUser = current.Apply(current =\u003e current.UserId);\n }\n\n [Output(\"accountId\")]\n public Output\u003cstring\u003e AccountId { get; set; }\n [Output(\"callerArn\")]\n public Output\u003cstring\u003e CallerArn { get; set; }\n [Output(\"callerUser\")]\n public Output\u003cstring\u003e CallerUser { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"accountId\", current.AccountId)\n\t\tctx.Export(\"callerArn\", current.Arn)\n\t\tctx.Export(\"callerUser\", current.UserId)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getCallerIdentity.\n", "properties": { "accountId": { "type": "string", "description": "The AWS Account ID number of the account that owns or contains the calling entity.\n" }, "arn": { "type": "string", "description": "The AWS ARN associated with the calling entity.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "userId": { "type": "string", "description": "The unique identifier of the calling entity.\n" } }, "type": "object", "required": [ "accountId", "arn", "userId", "id" ] } }, "aws:index/getCanonicalUserId:getCanonicalUserId": { "description": "The Canonical User ID data source allows access to the [canonical user ID](http://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html)\nfor the effective account in which this provider is working. \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getCanonicalUserId({ async: true }));\n\nexport const canonicalUserId = current.id;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_canonical_user_id()\npulumi.export(\"canonicalUserId\", current.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetCanonicalUserId.InvokeAsync());\n this.CanonicalUserId = current.Apply(current =\u003e current.Id);\n }\n\n [Output(\"canonicalUserId\")]\n public Output\u003cstring\u003e CanonicalUserId { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCanonicalUserId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"canonicalUserId\", current.Id)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getCanonicalUserId.\n", "properties": { "displayName": { "type": "string", "description": "The human-friendly name linked to the canonical user ID. The bucket owner's display name. **NOTE:** [This value](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTServiceGET.html) is only included in the response in the US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Ireland), and South America (São Paulo) regions.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" } }, "type": "object", "required": [ "displayName", "id" ] } }, "aws:index/getElasticIp:getElasticIp": { "description": "`aws.ec2.Eip` provides details about a specific Elastic IP.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Search By Allocation ID (VPC only)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byAllocationId = pulumi.output(aws.getElasticIp({\n id: \"eipalloc-12345678\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_allocation_id = aws.get_elastic_ip(id=\"eipalloc-12345678\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byAllocationId = Output.Create(Aws.GetElasticIp.InvokeAsync(new Aws.GetElasticIpArgs\n {\n Id = \"eipalloc-12345678\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"eipalloc-12345678\"\n\t\t_, err := aws.GetElasticIp(ctx, \u0026aws.GetElasticIpArgs{\n\t\t\tId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Search By Filters (EC2-Classic or VPC)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byFilter = pulumi.output(aws.getElasticIp({\n filters: [{\n name: \"tag:Name\",\n values: [\"exampleNameTagValue\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_filter = aws.get_elastic_ip(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"exampleNameTagValue\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byFilter = Output.Create(Aws.GetElasticIp.InvokeAsync(new Aws.GetElasticIpArgs\n {\n Filters = \n {\n new Aws.Inputs.GetElasticIpFilterArgs\n {\n Name = \"tag:Name\",\n Values = \n {\n \"exampleNameTagValue\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetElasticIp(ctx, \u0026aws.GetElasticIpArgs{\n\t\t\tFilters: []aws.GetElasticIpFilter{\n\t\t\t\taws.GetElasticIpFilter{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"exampleNameTagValue\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Search By Public IP (EC2-Classic or VPC)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byPublicIp = pulumi.output(aws.getElasticIp({\n publicIp: \"1.2.3.4\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_public_ip = aws.get_elastic_ip(public_ip=\"1.2.3.4\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byPublicIp = Output.Create(Aws.GetElasticIp.InvokeAsync(new Aws.GetElasticIpArgs\n {\n PublicIp = \"1.2.3.4\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"1.2.3.4\"\n\t\t_, err := aws.GetElasticIp(ctx, \u0026aws.GetElasticIpArgs{\n\t\t\tPublicIp: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Search By Tags (EC2-Classic or VPC)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byTags = pulumi.output(aws.getElasticIp({\n tags: {\n Name: \"exampleNameTagValue\",\n },\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_tags = aws.get_elastic_ip(tags={\n \"Name\": \"exampleNameTagValue\",\n})\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byTags = Output.Create(Aws.GetElasticIp.InvokeAsync(new Aws.GetElasticIpArgs\n {\n Tags = \n {\n { \"Name\", \"exampleNameTagValue\" },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetElasticIp(ctx, \u0026aws.GetElasticIpArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Name\": \"exampleNameTagValue\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getElasticIp.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getElasticIpFilter:getElasticIpFilter" }, "description": "One or more name/value pairs to use as filters. There are several valid keys, for a full reference, check out the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html).\n" }, "id": { "type": "string", "description": "The allocation id of the specific VPC EIP to retrieve. If a classic EIP is required, do NOT set `id`, only set `public_ip`\n" }, "publicIp": { "type": "string", "description": "The public IP of the specific EIP to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags, each pair of which must exactly match a pair on the desired Elastic IP\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getElasticIp.\n", "properties": { "associationId": { "type": "string", "description": "The ID representing the association of the address with an instance in a VPC.\n" }, "customerOwnedIp": { "type": "string", "description": "Customer Owned IP.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "The ID of a Customer Owned IP Pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing)\n" }, "domain": { "type": "string", "description": "Indicates whether the address is for use in EC2-Classic (standard) or in a VPC (vpc).\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getElasticIpFilter:getElasticIpFilter" } }, "id": { "type": "string", "description": "If VPC Elastic IP, the allocation identifier. If EC2-Classic Elastic IP, the public IP address.\n" }, "instanceId": { "type": "string", "description": "The ID of the instance that the address is associated with (if any).\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface.\n" }, "networkInterfaceOwnerId": { "type": "string", "description": "The ID of the AWS account that owns the network interface.\n" }, "privateDns": { "type": "string", "description": "The Private DNS associated with the Elastic IP address.\n" }, "privateIp": { "type": "string", "description": "The private IP address associated with the Elastic IP address.\n" }, "publicDns": { "type": "string", "description": "Public DNS associated with the Elastic IP address.\n" }, "publicIp": { "type": "string", "description": "Public IP address of Elastic IP.\n" }, "publicIpv4Pool": { "type": "string", "description": "The ID of an address pool.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags associated with Elastic IP.\n" } }, "type": "object", "required": [ "associationId", "customerOwnedIp", "customerOwnedIpv4Pool", "domain", "id", "instanceId", "networkInterfaceId", "networkInterfaceOwnerId", "privateDns", "privateIp", "publicDns", "publicIp", "publicIpv4Pool", "tags" ] } }, "aws:index/getIpRanges:getIpRanges": { "description": "Use this data source to get the IP ranges of various AWS products and services. For more information about the contents of this data source and required JSON syntax if referencing a custom URL, see the [AWS IP Address Ranges documention](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst europeanEc2 = aws.getIpRanges({\n regions: [\n \"eu-west-1\",\n \"eu-central-1\",\n ],\n services: [\"ec2\"],\n});\nconst fromEurope = new aws.ec2.SecurityGroup(\"fromEurope\", {\n ingress: [{\n fromPort: \"443\",\n toPort: \"443\",\n protocol: \"tcp\",\n cidrBlocks: europeanEc2.then(europeanEc2 =\u003e europeanEc2.cidrBlocks),\n ipv6CidrBlocks: europeanEc2.then(europeanEc2 =\u003e europeanEc2.ipv6CidrBlocks),\n }],\n tags: {\n CreateDate: europeanEc2.then(europeanEc2 =\u003e europeanEc2.createDate),\n SyncToken: europeanEc2.then(europeanEc2 =\u003e europeanEc2.syncToken),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\neuropean_ec2 = aws.get_ip_ranges(regions=[\n \"eu-west-1\",\n \"eu-central-1\",\n ],\n services=[\"ec2\"])\nfrom_europe = aws.ec2.SecurityGroup(\"fromEurope\",\n ingress=[{\n \"from_port\": \"443\",\n \"to_port\": \"443\",\n \"protocol\": \"tcp\",\n \"cidr_blocks\": european_ec2.cidr_blocks,\n \"ipv6_cidr_blocks\": european_ec2.ipv6_cidr_blocks,\n }],\n tags={\n \"CreateDate\": european_ec2.create_date,\n \"SyncToken\": european_ec2.sync_token,\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var europeanEc2 = Output.Create(Aws.GetIpRanges.InvokeAsync(new Aws.GetIpRangesArgs\n {\n Regions = \n {\n \"eu-west-1\",\n \"eu-central-1\",\n },\n Services = \n {\n \"ec2\",\n },\n }));\n var fromEurope = new Aws.Ec2.SecurityGroup(\"fromEurope\", new Aws.Ec2.SecurityGroupArgs\n {\n Ingress = \n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = europeanEc2.Apply(europeanEc2 =\u003e europeanEc2.CidrBlocks),\n Ipv6CidrBlocks = europeanEc2.Apply(europeanEc2 =\u003e europeanEc2.Ipv6CidrBlocks),\n },\n },\n Tags = \n {\n { \"CreateDate\", europeanEc2.Apply(europeanEc2 =\u003e europeanEc2.CreateDate) },\n { \"SyncToken\", europeanEc2.Apply(europeanEc2 =\u003e europeanEc2.SyncToken) },\n },\n });\n }\n\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getIpRanges.\n", "properties": { "regions": { "type": "array", "items": { "type": "string" }, "description": "Filter IP ranges by regions (or include all regions, if\nomitted). Valid items are `global` (for `cloudfront`) as well as all AWS regions\n(e.g. `eu-central-1`)\n" }, "services": { "type": "array", "items": { "type": "string" }, "description": "Filter IP ranges by services. Valid items are `amazon`\n(for amazon.com), `amazon_connect`, `api_gateway`, `cloud9`, `cloudfront`,\n`codebuild`, `dynamodb`, `ec2`, `ec2_instance_connect`, `globalaccelerator`,\n`route53`, `route53_healthchecks`, `s3` and `workspaces_gateways`. See the\n[`service` attribute][2] documentation for other possible values.\n" }, "url": { "type": "string", "description": "Custom URL for source JSON file. Syntax must match [AWS IP Address Ranges documention](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html). Defaults to `https://ip-ranges.amazonaws.com/ip-ranges.json`.\n" } }, "type": "object", "required": [ "services" ] }, "outputs": { "description": "A collection of values returned by getIpRanges.\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The lexically ordered list of CIDR blocks.\n" }, "createDate": { "type": "string", "description": "The publication time of the IP ranges (e.g. `2016-08-03-23-46-05`).\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The lexically ordered list of IPv6 CIDR blocks.\n" }, "regions": { "type": "array", "items": { "type": "string" } }, "services": { "type": "array", "items": { "type": "string" } }, "syncToken": { "type": "integer", "description": "The publication time of the IP ranges, in Unix epoch time format\n(e.g. `1470267965`).\n" }, "url": { "type": "string" } }, "type": "object", "required": [ "cidrBlocks", "createDate", "ipv6CidrBlocks", "services", "syncToken", "id" ] } }, "aws:index/getPartition:getPartition": { "description": "Use this data source to lookup current AWS partition in which this provider is working\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getPartition({ async: true }));\nconst s3Policy = current.apply(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"s3:ListBucket\"],\n resources: [`arn:${current.partition}:s3:::my-bucket`],\n sid: \"1\",\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_partition()\ns3_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"s3:ListBucket\"],\n \"resources\": [f\"arn:{current.partition}:s3:::my-bucket\"],\n \"sid\": \"1\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetPartition.InvokeAsync());\n var s3Policy = current.Apply(current =\u003e Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"s3:ListBucket\",\n },\n Resources = \n {\n $\"arn:{current.Partition}:s3:::my-bucket\",\n },\n Sid = \"1\",\n },\n },\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\tiam.GetPolicyDocumentStatement{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"%v%v%v\", \"arn:\", current.Partition, \":s3:::my-bucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tSid: \"1\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getPartition.\n", "properties": { "dnsSuffix": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "partition": { "type": "string" } }, "type": "object", "required": [ "dnsSuffix", "partition", "id" ] } }, "aws:index/getPrefixList:getPrefixList": { "description": "`aws.getPrefixList` provides details about a specific prefix list (PL)\nin the current region.\n\nThis can be used both to validate a prefix list given in a variable\nand to obtain the CIDR blocks (IP address ranges) for the associated\nAWS service. The latter may be useful e.g. for adding network ACL\nrules.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst privateS3VpcEndpoint = new aws.ec2.VpcEndpoint(\"private_s3\", {\n serviceName: \"com.amazonaws.us-west-2.s3\",\n vpcId: aws_vpc_foo.id,\n});\nconst privateS3PrefixList = privateS3VpcEndpoint.prefixListId.apply(prefixListId =\u003e aws.getPrefixList({\n prefixListId: prefixListId,\n}, { async: true }));\nconst bar = new aws.ec2.NetworkAcl(\"bar\", {\n vpcId: aws_vpc_foo.id,\n});\nconst privateS3NetworkAclRule = new aws.ec2.NetworkAclRule(\"private_s3\", {\n cidrBlock: privateS3PrefixList.apply(privateS3PrefixList =\u003e privateS3PrefixList.cidrBlocks[0]),\n egress: false,\n fromPort: 443,\n networkAclId: bar.id,\n protocol: \"tcp\",\n ruleAction: \"allow\",\n ruleNumber: 200,\n toPort: 443,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprivate_s3_vpc_endpoint = aws.ec2.VpcEndpoint(\"privateS3VpcEndpoint\",\n service_name=\"com.amazonaws.us-west-2.s3\",\n vpc_id=aws_vpc[\"foo\"][\"id\"])\nprivate_s3_prefix_list = private_s3_vpc_endpoint.prefix_list_id.apply(lambda prefix_list_id: aws.get_prefix_list(prefix_list_id=prefix_list_id))\nbar = aws.ec2.NetworkAcl(\"bar\", vpc_id=aws_vpc[\"foo\"][\"id\"])\nprivate_s3_network_acl_rule = aws.ec2.NetworkAclRule(\"privateS3NetworkAclRule\",\n cidr_block=private_s3_prefix_list.cidr_blocks[0],\n egress=False,\n from_port=443,\n network_acl_id=bar.id,\n protocol=\"tcp\",\n rule_action=\"allow\",\n rule_number=200,\n to_port=443)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var privateS3VpcEndpoint = new Aws.Ec2.VpcEndpoint(\"privateS3VpcEndpoint\", new Aws.Ec2.VpcEndpointArgs\n {\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n VpcId = aws_vpc.Foo.Id,\n });\n var privateS3PrefixList = privateS3VpcEndpoint.PrefixListId.Apply(prefixListId =\u003e Aws.GetPrefixList.InvokeAsync(new Aws.GetPrefixListArgs\n {\n PrefixListId = prefixListId,\n }));\n var bar = new Aws.Ec2.NetworkAcl(\"bar\", new Aws.Ec2.NetworkAclArgs\n {\n VpcId = aws_vpc.Foo.Id,\n });\n var privateS3NetworkAclRule = new Aws.Ec2.NetworkAclRule(\"privateS3NetworkAclRule\", new Aws.Ec2.NetworkAclRuleArgs\n {\n CidrBlock = privateS3PrefixList.Apply(privateS3PrefixList =\u003e privateS3PrefixList.CidrBlocks[0]),\n Egress = false,\n FromPort = 443,\n NetworkAclId = bar.Id,\n Protocol = \"tcp\",\n RuleAction = \"allow\",\n RuleNumber = 200,\n ToPort = 443,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprivateS3VpcEndpoint, err := ec2.NewVpcEndpoint(ctx, \"privateS3VpcEndpoint\", \u0026ec2.VpcEndpointArgs{\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t\tVpcId: pulumi.String(aws_vpc.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewNetworkAcl(ctx, \"bar\", \u0026ec2.NetworkAclArgs{\n\t\t\tVpcId: pulumi.String(aws_vpc.Foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkAclRule(ctx, \"privateS3NetworkAclRule\", \u0026ec2.NetworkAclRuleArgs{\n\t\t\tCidrBlock: privateS3PrefixList.ApplyT(func(privateS3PrefixList aws.GetPrefixListResult) (string, error) {\n\t\t\t\treturn privateS3PrefixList.CidrBlocks[0], nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tEgress: pulumi.Bool(false),\n\t\t\tFromPort: pulumi.Int(443),\n\t\t\tNetworkAclId: bar.ID(),\n\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\tRuleAction: pulumi.String(\"allow\"),\n\t\t\tRuleNumber: pulumi.Int(200),\n\t\t\tToPort: pulumi.Int(443),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Filter\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.output(aws.getPrefixList({\n filters: [{\n name: \"prefix-list-id\",\n values: [\"pl-68a54001\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.get_prefix_list(filters=[{\n \"name\": \"prefix-list-id\",\n \"values\": [\"pl-68a54001\"],\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.GetPrefixList.InvokeAsync(new Aws.GetPrefixListArgs\n {\n Filters = \n {\n new Aws.Inputs.GetPrefixListFilterArgs\n {\n Name = \"prefix-list-id\",\n Values = \n {\n \"pl-68a54001\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetPrefixList(ctx, \u0026aws.GetPrefixListArgs{\n\t\t\tFilters: []aws.GetPrefixListFilter{\n\t\t\t\taws.GetPrefixListFilter{\n\t\t\t\t\tName: \"prefix-list-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"pl-68a54001\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getPrefixList.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getPrefixListFilter:getPrefixListFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "name": { "type": "string", "description": "The name of the filter field. Valid values can be found in the [EC2 DescribePrefixLists API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html).\n" }, "prefixListId": { "type": "string", "description": "The ID of the prefix list to select.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPrefixList.\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The list of CIDR blocks for the AWS service associated with the prefix list.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getPrefixListFilter:getPrefixListFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The name of the selected prefix list.\n" }, "prefixListId": { "type": "string" } }, "type": "object", "required": [ "cidrBlocks", "name", "id" ] } }, "aws:index/getRegion:getRegion": { "description": "`aws.getRegion` provides details about a specific AWS region.\n\nAs well as validating a given region name this resource can be used to\ndiscover the name of the region configured within the provider. The latter\ncan be useful in a child module which is inheriting an AWS provider\nconfiguration from its parent module.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how the resource might be used to obtain\nthe name of the AWS region configured on the provider.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getRegion({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetRegion.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRegion.\n", "properties": { "endpoint": { "type": "string", "description": "The EC2 endpoint of the region to select.\n" }, "name": { "type": "string", "description": "The full name of the region to select.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRegion.\n", "properties": { "description": { "type": "string", "description": "The region's description in this format: \"Location (Region name)\".\n" }, "endpoint": { "type": "string", "description": "The EC2 endpoint for the selected region.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The name of the selected region.\n" } }, "type": "object", "required": [ "description", "endpoint", "name", "id" ] } }, "aws:index/getRegions:getRegions": { "description": "Provides information about AWS Regions. Can be used to filter regions i.e. by Opt-In status or only regions enabled for current account. To get details like endpoint and description of each region the data source can be combined with the `aws.getRegion` data source.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nEnabled AWS Regions:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getRegions({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_regions()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetRegions.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetRegions(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nAll the regions regardless of the availability\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getRegions({\n allRegions: true,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_regions(all_regions=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetRegions.InvokeAsync(new Aws.GetRegionsArgs\n {\n AllRegions = true,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\t_, err := aws.GetRegions(ctx, \u0026aws.GetRegionsArgs{\n\t\t\tAllRegions: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nTo see regions that are filtered by `\"not-opted-in\"`, the `all_regions` argument needs to be set to `true` or no results will be returned.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = pulumi.output(aws.getRegions({\n allRegions: true,\n filters: [{\n name: \"opt-in-status\",\n values: [\"not-opted-in\"],\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_regions(all_regions=True,\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"not-opted-in\"],\n }])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetRegions.InvokeAsync(new Aws.GetRegionsArgs\n {\n AllRegions = true,\n Filters = \n {\n new Aws.Inputs.GetRegionsFilterArgs\n {\n Name = \"opt-in-status\",\n Values = \n {\n \"not-opted-in\",\n },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\t_, err := aws.GetRegions(ctx, \u0026aws.GetRegionsArgs{\n\t\t\tAllRegions: \u0026opt0,\n\t\t\tFilters: []aws.GetRegionsFilter{\n\t\t\t\taws.GetRegionsFilter{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"not-opted-in\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRegions.\n", "properties": { "allRegions": { "type": "boolean", "description": "If true the source will query all regions regardless of availability.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getRegionsFilter:getRegionsFilter" }, "description": "Configuration block(s) to use as filters. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRegions.\n", "properties": { "allRegions": { "type": "boolean" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:/getRegionsFilter:getRegionsFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "names": { "type": "array", "items": { "type": "string" }, "description": "Names of regions that meets the criteria.\n" } }, "type": "object", "required": [ "names", "id" ] } }, "aws:inspector/getRulesPackages:getRulesPackages": { "description": "The AWS Inspector Rules Packages data source allows access to the list of AWS\nInspector Rules Packages which can be used by AWS Inspector within the region\nconfigured in the provider.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst rules = pulumi.output(aws.inspector.getRulesPackages({ async: true }));\n// e.g. Use in aws_inspector_assessment_template\nconst group = new aws.inspector.ResourceGroup(\"group\", {\n tags: {\n test: \"test\",\n },\n});\nconst assessmentAssessmentTarget = new aws.inspector.AssessmentTarget(\"assessment\", {\n resourceGroupArn: group.arn,\n});\nconst assessmentAssessmentTemplate = new aws.inspector.AssessmentTemplate(\"assessment\", {\n duration: 60,\n rulesPackageArns: rules.arns,\n targetArn: assessmentAssessmentTarget.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrules = aws.inspector.get_rules_packages()\n# e.g. Use in aws_inspector_assessment_template\ngroup = aws.inspector.ResourceGroup(\"group\", tags={\n \"test\": \"test\",\n})\nassessment_assessment_target = aws.inspector.AssessmentTarget(\"assessmentAssessmentTarget\", resource_group_arn=group.arn)\nassessment_assessment_template = aws.inspector.AssessmentTemplate(\"assessmentAssessmentTemplate\",\n duration=\"60\",\n rules_package_arns=rules.arns,\n target_arn=assessment_assessment_target.arn)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var rules = Output.Create(Aws.Inspector.GetRulesPackages.InvokeAsync());\n // e.g. Use in aws_inspector_assessment_template\n var @group = new Aws.Inspector.ResourceGroup(\"group\", new Aws.Inspector.ResourceGroupArgs\n {\n Tags = \n {\n { \"test\", \"test\" },\n },\n });\n var assessmentAssessmentTarget = new Aws.Inspector.AssessmentTarget(\"assessmentAssessmentTarget\", new Aws.Inspector.AssessmentTargetArgs\n {\n ResourceGroupArn = @group.Arn,\n });\n var assessmentAssessmentTemplate = new Aws.Inspector.AssessmentTemplate(\"assessmentAssessmentTemplate\", new Aws.Inspector.AssessmentTemplateArgs\n {\n Duration = 60,\n RulesPackageArns = rules.Apply(rules =\u003e rules.Arns),\n TargetArn = assessmentAssessmentTarget.Arn,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trules, err := inspector.GetRulesPackages(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup, err := inspector.NewResourceGroup(ctx, \"group\", \u0026inspector.ResourceGroupArgs{\n\t\t\tTags: pulumi.Map{\n\t\t\t\t\"test\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassessmentAssessmentTarget, err := inspector.NewAssessmentTarget(ctx, \"assessmentAssessmentTarget\", \u0026inspector.AssessmentTargetArgs{\n\t\t\tResourceGroupArn: group.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = inspector.NewAssessmentTemplate(ctx, \"assessmentAssessmentTemplate\", \u0026inspector.AssessmentTemplateArgs{\n\t\t\tDuration: pulumi.Int(60),\n\t\t\tRulesPackageArns: toPulumiStringArray(rules.Arns),\n\t\t\tTargetArn: assessmentAssessmentTarget.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\nfunc toPulumiStringArray(arr []string) pulumi.StringArray {\n\tvar pulumiArr pulumi.StringArray\n\tfor _, v := range arr {\n\t\tpulumiArr = append(pulumiArr, pulumi.String(v))\n\t}\n\treturn pulumiArr\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getRulesPackages.\n", "properties": { "arns": { "type": "array", "items": { "type": "string" }, "description": "A list of the AWS Inspector Rules Packages arns available in the AWS region.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" } }, "type": "object", "required": [ "arns", "id" ] } }, "aws:iot/getEndpoint:getEndpoint": { "description": "Returns a unique endpoint specific to the AWS account making the call.\n", "inputs": { "description": "A collection of arguments for invoking getEndpoint.\n", "properties": { "endpointType": { "type": "string", "description": "Endpoint type. Valid values: `iot:CredentialProvider`, `iot:Data`, `iot:Data-ATS`, `iot:Job`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEndpoint.\n", "properties": { "endpointAddress": { "type": "string", "description": "The endpoint based on `endpoint_type`:\n* No `endpoint_type`: Either `iot:Data` or `iot:Data-ATS` [depending on region](https://aws.amazon.com/blogs/iot/aws-iot-core-ats-endpoints/)\n* `iot:CredentialsProvider`: `IDENTIFIER.credentials.iot.REGION.amazonaws.com`\n* `iot:Data`: `IDENTIFIER.iot.REGION.amazonaws.com`\n* `iot:Data-ATS`: `IDENTIFIER-ats.iot.REGION.amazonaws.com`\n* `iot:Job`: `IDENTIFIER.jobs.iot.REGION.amazonaws.com`\n" }, "endpointType": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" } }, "type": "object", "required": [ "endpointAddress", "id" ] } }, "aws:kinesis/getStream:getStream": { "description": "Use this data source to get information about a Kinesis Stream for use in other\nresources.\n\nFor more details, see the [Amazon Kinesis Documentation](https://aws.amazon.com/documentation/kinesis/).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst stream = pulumi.output(aws.kinesis.getStream({\n name: \"stream-name\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstream = aws.kinesis.get_stream(name=\"stream-name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var stream = Output.Create(Aws.Kinesis.GetStream.InvokeAsync(new Aws.Kinesis.GetStreamArgs\n {\n Name = \"stream-name\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.LookupStream(ctx, \u0026kinesis.LookupStreamArgs{\n\t\t\tName: \"stream-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getStream.\n", "properties": { "name": { "type": "string", "description": "The name of the Kinesis Stream.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assigned to the stream.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getStream.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Kinesis Stream (same as id).\n" }, "closedShards": { "type": "array", "items": { "type": "string" }, "description": "The list of shard ids in the CLOSED state. See [Shard State](https://docs.aws.amazon.com/streams/latest/dev/kinesis-using-sdk-java-after-resharding.html#kinesis-using-sdk-java-resharding-data-routing) for more.\n" }, "creationTimestamp": { "type": "integer", "description": "The approximate UNIX timestamp that the stream was created.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The name of the Kinesis Stream.\n" }, "openShards": { "type": "array", "items": { "type": "string" }, "description": "The list of shard ids in the OPEN state. See [Shard State](https://docs.aws.amazon.com/streams/latest/dev/kinesis-using-sdk-java-after-resharding.html#kinesis-using-sdk-java-resharding-data-routing) for more.\n" }, "retentionPeriod": { "type": "integer", "description": "Length of time (in hours) data records are accessible after they are added to the stream.\n" }, "shardLevelMetrics": { "type": "array", "items": { "type": "string" }, "description": "A list of shard-level CloudWatch metrics which are enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more.\n" }, "status": { "type": "string", "description": "The current status of the stream. The stream status is one of CREATING, DELETING, ACTIVE, or UPDATING.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assigned to the stream.\n" } }, "type": "object", "required": [ "arn", "closedShards", "creationTimestamp", "name", "openShards", "retentionPeriod", "shardLevelMetrics", "status", "tags", "id" ] } }, "aws:kms/getAlias:getAlias": { "description": "Use this data source to get the ARN of a KMS key alias.\nBy using this data source, you can reference key alias\nwithout having to hard code the ARN as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = pulumi.output(aws.kms.getAlias({\n name: \"alias/aws/s3\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.kms.get_alias(name=\"alias/aws/s3\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = Output.Create(Aws.Kms.GetAlias.InvokeAsync(new Aws.Kms.GetAliasArgs\n {\n Name = \"alias/aws/s3\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.LookupAlias(ctx, \u0026kms.LookupAliasArgs{\n\t\t\tName: \"alias/aws/s3\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAlias.\n", "properties": { "name": { "type": "string", "description": "The display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getAlias.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the key alias.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "targetKeyArn": { "type": "string", "description": "ARN pointed to by the alias.\n" }, "targetKeyId": { "type": "string", "description": "Key identifier pointed to by the alias.\n" } }, "type": "object", "required": [ "arn", "name", "targetKeyArn", "targetKeyId", "id" ] } }, "aws:kms/getCipherText:getCipherText": { "description": "The KMS ciphertext data source allows you to encrypt plaintext into ciphertext\nby using an AWS KMS customer master key. The value returned by this data source\nchanges every apply. For a stable ciphertext value, see the `aws.kms.Ciphertext`\nresource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst oauthConfig = new aws.kms.Key(\"oauth_config\", {\n description: \"oauth config\",\n isEnabled: true,\n});\nconst oauth = oauthConfig.keyId.apply(keyId =\u003e aws.kms.getCipherText({\n keyId: keyId,\n plaintext: `{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n`,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\noauth_config = aws.kms.Key(\"oauthConfig\",\n description=\"oauth config\",\n is_enabled=True)\noauth = oauth_config.key_id.apply(lambda key_id: aws.kms.get_cipher_text(key_id=key_id,\n plaintext=\"\"\"{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n\n\"\"\"))\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var oauthConfig = new Aws.Kms.Key(\"oauthConfig\", new Aws.Kms.KeyArgs\n {\n Description = \"oauth config\",\n IsEnabled = true,\n });\n var oauth = oauthConfig.KeyId.Apply(keyId =\u003e Aws.Kms.GetCipherText.InvokeAsync(new Aws.Kms.GetCipherTextArgs\n {\n KeyId = keyId,\n Plaintext = @\"{\n \"\"client_id\"\": \"\"e587dbae22222f55da22\"\",\n \"\"client_secret\"\": \"\"8289575d00000ace55e1815ec13673955721b8a5\"\"\n}\n\n\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toauthConfig, err := kms.NewKey(ctx, \"oauthConfig\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"oauth config\"),\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCipherText.\n", "properties": { "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n" }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n" }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n" } }, "type": "object", "required": [ "keyId", "plaintext" ] }, "outputs": { "description": "A collection of values returned by getCipherText.\n", "properties": { "ciphertextBlob": { "type": "string", "description": "Base64 encoded ciphertext\n" }, "context": { "type": "object", "additionalProperties": { "type": "string" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "keyId": { "type": "string" }, "plaintext": { "type": "string" } }, "type": "object", "required": [ "ciphertextBlob", "keyId", "plaintext", "id" ] } }, "aws:kms/getKey:getKey": { "description": "Use this data source to get detailed information about\nthe specified KMS Key with flexible key id input.\nThis can be useful to reference key alias\nwithout having to hard code the ARN as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = pulumi.output(aws.kms.getKey({\n keyId: \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.kms.get_key(key_id=\"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = Output.Create(Aws.Kms.GetKey.InvokeAsync(new Aws.Kms.GetKeyArgs\n {\n KeyId = \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getKey.\n", "properties": { "grantTokens": { "type": "array", "items": { "type": "string" }, "description": "List of grant tokens\n" }, "keyId": { "type": "string", "description": "Key identifier which can be one of the following format:\n* Key ID. E.g: `1234abcd-12ab-34cd-56ef-1234567890ab`\n* Key ARN. E.g.: `arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n* Alias name. E.g.: `alias/my-key`\n* Alias ARN: E.g.: `arn:aws:kms:us-east-1:111122223333:alias/my-key`\n" } }, "type": "object", "required": [ "keyId" ] }, "outputs": { "description": "A collection of values returned by getKey.\n", "properties": { "arn": { "type": "string" }, "awsAccountId": { "type": "string" }, "creationDate": { "type": "string" }, "customerMasterKeySpec": { "type": "string" }, "deletionDate": { "type": "string" }, "description": { "type": "string" }, "enabled": { "type": "boolean" }, "expirationModel": { "type": "string" }, "grantTokens": { "type": "array", "items": { "type": "string" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "keyId": { "type": "string" }, "keyManager": { "type": "string" }, "keyState": { "type": "string" }, "keyUsage": { "type": "string" }, "origin": { "type": "string" }, "validTo": { "type": "string" } }, "type": "object", "required": [ "arn", "awsAccountId", "creationDate", "customerMasterKeySpec", "deletionDate", "description", "enabled", "expirationModel", "keyId", "keyManager", "keyState", "keyUsage", "origin", "validTo", "id" ] } }, "aws:kms/getSecret:getSecret": { "inputs": { "description": "A collection of arguments for invoking getSecret.\n", "properties": { "secrets": { "type": "array", "items": { "$ref": "#/types/aws:kms/getSecretSecret:getSecretSecret" } } }, "type": "object", "required": [ "secrets" ] }, "outputs": { "description": "A collection of values returned by getSecret.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "secrets": { "type": "array", "items": { "$ref": "#/types/aws:kms/getSecretSecret:getSecretSecret" } } }, "type": "object", "required": [ "secrets", "id" ] } }, "aws:kms/getSecrets:getSecrets": { "description": "Decrypt multiple secrets from data encrypted with the AWS KMS service.\n", "inputs": { "description": "A collection of arguments for invoking getSecrets.\n", "properties": { "secrets": { "type": "array", "items": { "$ref": "#/types/aws:kms/getSecretsSecret:getSecretsSecret" }, "description": "One or more encrypted payload definitions from the KMS service. See the Secret Definitions below.\n" } }, "type": "object", "required": [ "secrets" ] }, "outputs": { "description": "A collection of values returned by getSecrets.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "plaintext": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map containing each `secret` `name` as the key with its decrypted plaintext value\n" }, "secrets": { "type": "array", "items": { "$ref": "#/types/aws:kms/getSecretsSecret:getSecretsSecret" } } }, "type": "object", "required": [ "plaintext", "secrets", "id" ] } }, "aws:lambda/getAlias:getAlias": { "description": "Provides information about a Lambda Alias.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = pulumi.output(aws.lambda.getAlias({\n functionName: \"my-lambda-func\",\n name: \"production\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.lambda.get_alias(function_name=\"my-lambda-func\",\n name=\"production\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var production = Output.Create(Aws.Lambda.GetAlias.InvokeAsync(new Aws.Lambda.GetAliasArgs\n {\n FunctionName = \"my-lambda-func\",\n Name = \"production\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.LookupAlias(ctx, \u0026lambda.LookupAliasArgs{\n\t\t\tFunctionName: \"my-lambda-func\",\n\t\t\tName: \"production\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAlias.\n", "properties": { "functionName": { "type": "string", "description": "Name of the aliased Lambda function.\n" }, "name": { "type": "string", "description": "Name of the Lambda alias.\n" } }, "type": "object", "required": [ "functionName", "name" ] }, "outputs": { "description": "A collection of values returned by getAlias.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying the Lambda function alias.\n" }, "description": { "type": "string", "description": "Description of alias.\n" }, "functionName": { "type": "string" }, "functionVersion": { "type": "string", "description": "Lambda function version which the alias uses.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway - to be used in aws_api_gateway_integration's `uri`.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "arn", "description", "functionName", "functionVersion", "invokeArn", "name", "id" ] } }, "aws:lambda/getFunction:getFunction": { "description": "Provides information about a Lambda Function.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst functionName = config.require(\"functionName\");\n\nconst existing = pulumi.output(aws.lambda.getFunction({\n functionName: functionName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nfunction_name = config.require_object(\"functionName\")\nexisting = aws.lambda.get_function(function_name=function_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var functionName = config.RequireObject\u003cdynamic\u003e(\"functionName\");\n var existing = Output.Create(Aws.Lambda.GetFunction.InvokeAsync(new Aws.Lambda.GetFunctionArgs\n {\n FunctionName = functionName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.LookupFunction(ctx, \u0026lambda.LookupFunctionArgs{\n\t\t\tFunctionName: functionName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getFunction.\n", "properties": { "functionName": { "type": "string", "description": "Name of the lambda function.\n" }, "qualifier": { "type": "string", "description": "Alias name or version number of the lambda function. e.g. `$LATEST`, `my-alias`, or `1`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "functionName" ] }, "outputs": { "description": "A collection of values returned by getFunction.\n", "properties": { "arn": { "type": "string", "description": "Unqualified (no `:QUALIFIER` or `:VERSION` suffix) Amazon Resource Name (ARN) identifying your Lambda Function. See also `qualified_arn`.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/getFunctionDeadLetterConfig:getFunctionDeadLetterConfig", "description": "Configure the function's *dead letter queue*.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Function does.\n" }, "environment": { "$ref": "#/types/aws:lambda/getFunctionEnvironment:getFunctionEnvironment", "description": "The Lambda environment's configuration settings.\n" }, "fileSystemConfigs": { "type": "array", "items": { "$ref": "#/types/aws:lambda/getFunctionFileSystemConfig:getFunctionFileSystemConfig" }, "description": "The connection settings for an Amazon EFS file system.\n" }, "functionName": { "type": "string" }, "handler": { "type": "string", "description": "The function entrypoint in your code.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "lastModified": { "type": "string", "description": "The date this resource was last modified.\n" }, "layers": { "type": "array", "items": { "type": "string" }, "description": "A list of Lambda Layer ARNs attached to your Lambda Function.\n" }, "memorySize": { "type": "integer", "description": "Amount of memory in MB your Lambda Function can use at runtime.\n" }, "qualifiedArn": { "type": "string", "description": "Qualified (`:QUALIFIER` or `:VERSION` suffix) Amazon Resource Name (ARN) identifying your Lambda Function. See also `arn`.\n" }, "qualifier": { "type": "string" }, "reservedConcurrentExecutions": { "type": "integer", "description": "The amount of reserved concurrent executions for this lambda function or `-1` if unreserved.\n" }, "role": { "type": "string", "description": "IAM role attached to the Lambda Function.\n" }, "runtime": { "type": "string", "description": "The runtime environment for the Lambda function..\n" }, "sourceCodeHash": { "type": "string", "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n" }, "sourceCodeSize": { "type": "integer", "description": "The size in bytes of the function .zip file.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "timeout": { "type": "integer", "description": "The function execution time at which Lambda should terminate the function.\n" }, "tracingConfig": { "$ref": "#/types/aws:lambda/getFunctionTracingConfig:getFunctionTracingConfig", "description": "Tracing settings of the function.\n" }, "version": { "type": "string", "description": "The version of the Lambda function.\n" }, "vpcConfig": { "$ref": "#/types/aws:lambda/getFunctionVpcConfig:getFunctionVpcConfig", "description": "VPC configuration associated with your Lambda function.\n" } }, "type": "object", "required": [ "arn", "deadLetterConfig", "description", "environment", "fileSystemConfigs", "functionName", "handler", "invokeArn", "kmsKeyArn", "lastModified", "layers", "memorySize", "qualifiedArn", "reservedConcurrentExecutions", "role", "runtime", "sourceCodeHash", "sourceCodeSize", "tags", "timeout", "tracingConfig", "version", "vpcConfig", "id" ] } }, "aws:lambda/getInvocation:getInvocation": { "description": "Use this data source to invoke custom lambda functions as data source.\nThe lambda function is invoked with [RequestResponse](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax)\ninvocation type.\n", "inputs": { "description": "A collection of arguments for invoking getInvocation.\n", "properties": { "functionName": { "type": "string", "description": "The name of the lambda function.\n" }, "input": { "type": "string", "description": "A string in JSON format that is passed as payload to the lambda function.\n" }, "qualifier": { "type": "string", "description": "The qualifier (a.k.a version) of the lambda function. Defaults\nto `$LATEST`.\n" } }, "type": "object", "required": [ "functionName", "input" ] }, "outputs": { "description": "A collection of values returned by getInvocation.\n", "properties": { "functionName": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "input": { "type": "string" }, "qualifier": { "type": "string" }, "result": { "type": "string", "description": "String result of the lambda function invocation.\n" }, "resultMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "(**DEPRECATED**) This field is set only if result is a map of primitive types, where the map is string keys and string values.\n", "deprecationMessage": "use `result` attribute with jsondecode() function" } }, "type": "object", "required": [ "functionName", "input", "result", "resultMap", "id" ] } }, "aws:lambda/getLayerVersion:getLayerVersion": { "description": "Provides information about a Lambda Layer Version.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst layerName = config.require(\"layerName\");\n\nconst existing = pulumi.output(aws.lambda.getLayerVersion({\n layerName: layerName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlayer_name = config.require_object(\"layerName\")\nexisting = aws.lambda.get_layer_version(layer_name=layer_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var layerName = config.RequireObject\u003cdynamic\u003e(\"layerName\");\n var existing = Output.Create(Aws.Lambda.GetLayerVersion.InvokeAsync(new Aws.Lambda.GetLayerVersionArgs\n {\n LayerName = layerName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.LookupLayerVersion(ctx, \u0026lambda.LookupLayerVersionArgs{\n\t\t\tLayerName: layerName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLayerVersion.\n", "properties": { "compatibleRuntime": { "type": "string", "description": "Specific runtime the layer version must support. Conflicts with `version`. If specified, the latest available layer version supporting the provided runtime will be used.\n" }, "layerName": { "type": "string", "description": "Name of the lambda layer.\n" }, "version": { "type": "integer", "description": "Specific layer version. Conflicts with `compatible_runtime`. If omitted, the latest available layer version will be used.\n" } }, "type": "object", "required": [ "layerName" ] }, "outputs": { "description": "A collection of values returned by getLayerVersion.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda Layer with version.\n" }, "compatibleRuntime": { "type": "string" }, "compatibleRuntimes": { "type": "array", "items": { "type": "string" }, "description": "A list of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html#SSS-GetLayerVersion-response-CompatibleRuntimes) the specific Lambda Layer version is compatible with.\n" }, "createdDate": { "type": "string", "description": "The date this resource was created.\n" }, "description": { "type": "string", "description": "Description of the specific Lambda Layer version.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "layerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda Layer without version.\n" }, "layerName": { "type": "string" }, "licenseInfo": { "type": "string", "description": "License info associated with the specific Lambda Layer version.\n" }, "sourceCodeHash": { "type": "string", "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n" }, "sourceCodeSize": { "type": "integer", "description": "The size in bytes of the function .zip file.\n" }, "version": { "type": "integer", "description": "This Lamba Layer version.\n" } }, "type": "object", "required": [ "arn", "compatibleRuntimes", "createdDate", "description", "layerArn", "layerName", "licenseInfo", "sourceCodeHash", "sourceCodeSize", "version", "id" ] } }, "aws:lb/getListener:getListener": { "description": "\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\nProvides information about a Load Balancer Listener.\n\nThis data source can prove useful when a module accepts an LB Listener as an\ninput variable and needs to know the LB it is attached to, or other\ninformation specific to the listener in question.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst listenerArn = config.require(\"listenerArn\");\n\nconst listener = pulumi.output(aws.lb.getListener({\n arn: listenerArn,\n}, { async: true }));\nconst selected = pulumi.output(aws.lb.getLoadBalancer({\n name: \"default-public\",\n}, { async: true }));\nconst selected443 = selected.apply(selected =\u003e aws.lb.getListener({\n loadBalancerArn: selected.arn!,\n port: 443,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlistener_arn = config.require_object(\"listenerArn\")\nlistener = aws.lb.get_listener(arn=listener_arn)\nselected = aws.lb.get_load_balancer(name=\"default-public\")\nselected443 = aws.lb.get_listener(load_balancer_arn=selected.arn,\n port=443)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var listenerArn = config.RequireObject\u003cdynamic\u003e(\"listenerArn\");\n var listener = Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n Arn = listenerArn,\n }));\n var selected = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Name = \"default-public\",\n }));\n var selected443 = selected.Apply(selected =\u003e Output.Create(Aws.LB.GetListener.InvokeAsync(new Aws.LB.GetListenerArgs\n {\n LoadBalancerArn = selected.Arn,\n Port = 443,\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := listenerArn\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := \"default-public\"\n\t\tselected, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt2 := selected.Arn\n\t\topt3 := 443\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tLoadBalancerArn: \u0026opt2,\n\t\t\tPort: \u0026opt3,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getListener.\n", "properties": { "arn": { "type": "string", "description": "The arn of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "loadBalancerArn": { "type": "string", "description": "The arn of the load balancer. Required if `arn` is not set.\n" }, "port": { "type": "integer", "description": "The port of the listener. Required if `arn` is not set.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getListener.\n", "properties": { "arn": { "type": "string" }, "certificateArn": { "type": "string" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultAction:getListenerDefaultAction" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "loadBalancerArn": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "sslPolicy": { "type": "string" } }, "type": "object", "required": [ "arn", "certificateArn", "defaultActions", "loadBalancerArn", "port", "protocol", "sslPolicy", "id" ] } }, "aws:lb/getLoadBalancer:getLoadBalancer": { "description": "\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\nProvides information about a Load Balancer.\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbArn = config.get(\"lbArn\") || \"\";\nconst lbName = config.get(\"lbName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getLoadBalancer({\n arn: lbArn,\n name: lbName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_arn = config.get(\"lbArn\")\nif lb_arn is None:\n lb_arn = \"\"\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.lb.get_load_balancer(arn=lb_arn,\n name=lb_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbArn = config.Get(\"lbArn\") ?? \"\";\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetLoadBalancer.InvokeAsync(new Aws.LB.GetLoadBalancerArgs\n {\n Arn = lbArn,\n Name = lbName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbArn\n\t\topt1 := lbName\n\t\t_, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the load balancer.\n" }, "name": { "type": "string", "description": "The unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:lb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "dnsName": { "type": "string" }, "dropInvalidHeaderFields": { "type": "boolean" }, "enableDeletionProtection": { "type": "boolean" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "idleTimeout": { "type": "integer" }, "internal": { "type": "boolean" }, "ipAddressType": { "type": "string" }, "loadBalancerType": { "type": "string" }, "name": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:lb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping" } }, "subnets": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "accessLogs", "arn", "arnSuffix", "dnsName", "dropInvalidHeaderFields", "enableDeletionProtection", "idleTimeout", "internal", "ipAddressType", "loadBalancerType", "name", "securityGroups", "subnetMappings", "subnets", "tags", "vpcId", "zoneId", "id" ] } }, "aws:lb/getTargetGroup:getTargetGroup": { "description": "\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\nProvides information about a Load Balancer Target Group.\n\nThis data source can prove useful when a module accepts an LB Target Group as an\ninput variable and needs to know its attributes. It can also be used to get the ARN of\nan LB Target Group for use in other resources, given LB Target Group name.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbTgArn = config.get(\"lbTgArn\") || \"\";\nconst lbTgName = config.get(\"lbTgName\") || \"\";\n\nconst test = pulumi.output(aws.lb.getTargetGroup({\n arn: lbTgArn,\n name: lbTgName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_tg_arn = config.get(\"lbTgArn\")\nif lb_tg_arn is None:\n lb_tg_arn = \"\"\nlb_tg_name = config.get(\"lbTgName\")\nif lb_tg_name is None:\n lb_tg_name = \"\"\ntest = aws.lb.get_target_group(arn=lb_tg_arn,\n name=lb_tg_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var lbTgArn = config.Get(\"lbTgArn\") ?? \"\";\n var lbTgName = config.Get(\"lbTgName\") ?? \"\";\n var test = Output.Create(Aws.LB.GetTargetGroup.InvokeAsync(new Aws.LB.GetTargetGroupArgs\n {\n Arn = lbTgArn,\n Name = lbTgName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := lbTgArn\n\t\topt1 := lbTgName\n\t\t_, err := lb.LookupTargetGroup(ctx, \u0026lb.LookupTargetGroupArgs{\n\t\t\tArn: \u0026opt0,\n\t\t\tName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getTargetGroup.\n", "properties": { "arn": { "type": "string", "description": "The full ARN of the target group.\n" }, "name": { "type": "string", "description": "The unique name of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTargetGroup.\n", "properties": { "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "deregistrationDelay": { "type": "integer" }, "healthCheck": { "$ref": "#/types/aws:lb/getTargetGroupHealthCheck:getTargetGroupHealthCheck" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean" }, "loadBalancingAlgorithmType": { "type": "string" }, "name": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "proxyProtocolV2": { "type": "boolean" }, "slowStart": { "type": "integer" }, "stickiness": { "$ref": "#/types/aws:lb/getTargetGroupStickiness:getTargetGroupStickiness" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "targetType": { "type": "string" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "arn", "arnSuffix", "deregistrationDelay", "healthCheck", "lambdaMultiValueHeadersEnabled", "loadBalancingAlgorithmType", "name", "port", "protocol", "proxyProtocolV2", "slowStart", "stickiness", "tags", "targetType", "vpcId", "id" ] } }, "aws:mq/getBroker:getBroker": { "description": "Provides information about a MQ Broker.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst brokerId = config.get(\"brokerId\") || \"\";\nconst brokerName = config.get(\"brokerName\") || \"\";\n\nconst byId = pulumi.output(aws.mq.getBroker({\n brokerId: brokerId,\n}, { async: true }));\nconst byName = pulumi.output(aws.mq.getBroker({\n brokerName: brokerName,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nbroker_id = config.get(\"brokerId\")\nif broker_id is None:\n broker_id = \"\"\nbroker_name = config.get(\"brokerName\")\nif broker_name is None:\n broker_name = \"\"\nby_id = aws.mq.get_broker(broker_id=broker_id)\nby_name = aws.mq.get_broker(broker_name=broker_name)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var config = new Config();\n var brokerId = config.Get(\"brokerId\") ?? \"\";\n var brokerName = config.Get(\"brokerName\") ?? \"\";\n var byId = Output.Create(Aws.Mq.GetBroker.InvokeAsync(new Aws.Mq.GetBrokerArgs\n {\n BrokerId = brokerId,\n }));\n var byName = Output.Create(Aws.Mq.GetBroker.InvokeAsync(new Aws.Mq.GetBrokerArgs\n {\n BrokerName = brokerName,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := brokerId\n\t\t_, err := mq.LookupBroker(ctx, \u0026mq.LookupBrokerArgs{\n\t\t\tBrokerId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := brokerName\n\t\t_, err := mq.LookupBroker(ctx, \u0026mq.LookupBrokerArgs{\n\t\t\tBrokerName: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getBroker.\n", "properties": { "brokerId": { "type": "string", "description": "The unique id of the mq broker.\n" }, "brokerName": { "type": "string", "description": "The unique name of the mq broker.\n" }, "logs": { "$ref": "#/types/aws:mq/getBrokerLogs:getBrokerLogs" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getBroker.\n", "properties": { "arn": { "type": "string" }, "autoMinorVersionUpgrade": { "type": "boolean" }, "brokerId": { "type": "string" }, "brokerName": { "type": "string" }, "configuration": { "$ref": "#/types/aws:mq/getBrokerConfiguration:getBrokerConfiguration" }, "deploymentMode": { "type": "string" }, "encryptionOptions": { "type": "array", "items": { "$ref": "#/types/aws:mq/getBrokerEncryptionOption:getBrokerEncryptionOption" } }, "engineType": { "type": "string" }, "engineVersion": { "type": "string" }, "hostInstanceType": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "instances": { "type": "array", "items": { "$ref": "#/types/aws:mq/getBrokerInstance:getBrokerInstance" } }, "logs": { "$ref": "#/types/aws:mq/getBrokerLogs:getBrokerLogs" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/getBrokerMaintenanceWindowStartTime:getBrokerMaintenanceWindowStartTime" }, "publiclyAccessible": { "type": "boolean" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnetIds": { "type": "array", "items": { "type": "string" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "users": { "type": "array", "items": { "$ref": "#/types/aws:mq/getBrokerUser:getBrokerUser" } } }, "type": "object", "required": [ "arn", "autoMinorVersionUpgrade", "brokerId", "brokerName", "configuration", "deploymentMode", "encryptionOptions", "engineType", "engineVersion", "hostInstanceType", "instances", "maintenanceWindowStartTime", "publiclyAccessible", "securityGroups", "subnetIds", "tags", "users", "id" ] } }, "aws:msk/getCluster:getCluster": { "description": "Get information on an Amazon MSK Cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.msk.getCluster({\n clusterName: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.get_cluster(cluster_name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Msk.GetCluster.InvokeAsync(new Aws.Msk.GetClusterArgs\n {\n ClusterName = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.LookupCluster(ctx, \u0026msk.LookupClusterArgs{\n\t\t\tClusterName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterName": { "type": "string", "description": "Name of the cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the cluster.\n" } }, "type": "object", "required": [ "clusterName" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK cluster.\n" }, "bootstrapBrokers": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs of Kafka brokers suitable to boostrap connectivity to the Kafka cluster.\n" }, "bootstrapBrokersTls": { "type": "string", "description": "A comma separated list of one or more DNS names (or IPs) and TLS port pairs kafka brokers suitable to boostrap connectivity to the kafka cluster.\n" }, "clusterName": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kafkaVersion": { "type": "string", "description": "Apache Kafka version.\n" }, "numberOfBrokerNodes": { "type": "integer", "description": "Number of broker nodes in the cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the cluster.\n" }, "zookeeperConnectString": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster.\n" } }, "type": "object", "required": [ "arn", "bootstrapBrokers", "bootstrapBrokersTls", "clusterName", "kafkaVersion", "numberOfBrokerNodes", "tags", "zookeeperConnectString", "id" ] } }, "aws:msk/getConfiguration:getConfiguration": { "description": "Get information on an Amazon MSK Configuration.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.msk.getConfiguration({\n name: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.get_configuration(name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Msk.GetConfiguration.InvokeAsync(new Aws.Msk.GetConfigurationArgs\n {\n Name = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.LookupConfiguration(ctx, \u0026msk.LookupConfigurationArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getConfiguration.\n", "properties": { "name": { "type": "string", "description": "Name of the configuration.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getConfiguration.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the configuration.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kafkaVersions": { "type": "array", "items": { "type": "string" }, "description": "List of Apache Kafka versions which can use this configuration.\n" }, "latestRevision": { "type": "integer", "description": "Latest revision of the configuration.\n" }, "name": { "type": "string" }, "serverProperties": { "type": "string", "description": "Contents of the server.properties file.\n" } }, "type": "object", "required": [ "arn", "description", "kafkaVersions", "latestRevision", "name", "serverProperties", "id" ] } }, "aws:organizations/getOrganization:getOrganization": { "description": "Get information about the organization that the user's account belongs to\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### List all account IDs for the organization\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.organizations.getOrganization({});\nexport const accountIds = example.then(example =\u003e example.accounts.map(__item =\u003e __item.id));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.get_organization()\npulumi.export(\"accountIds\", [__item[\"id\"] for __item in example.accounts])\n```\n```csharp\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Organizations.GetOrganization.InvokeAsync());\n this.AccountIds = example.Apply(example =\u003e example.Accounts.Select(__item =\u003e __item.Id).ToList());\n }\n\n [Output(\"accountIds\")]\n public Output\u003cstring\u003e AccountIds { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar splat0 []string\n\t\tfor _, val0 := range example.Accounts {\n\t\t\tsplat0 = append(splat0, val0.Id)\n\t\t}\n\t\tctx.Export(\"accountIds\", splat0)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### SNS topic that can be interacted by the organization only\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.organizations.getOrganization({ async: true }));\nconst snsTopic = new aws.sns.Topic(\"sns_topic\", {});\nconst snsTopicPolicyPolicyDocument = pulumi.all([example, snsTopic.arn]).apply(([example, arn]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"SNS:Subscribe\",\n \"SNS:Publish\",\n ],\n conditions: [{\n test: \"StringEquals\",\n values: [example.id],\n variable: \"aws:PrincipalOrgID\",\n }],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"*\"],\n type: \"AWS\",\n }],\n resources: [arn],\n }],\n}, { async: true }));\nconst snsTopicPolicyTopicPolicy = new aws.sns.TopicPolicy(\"sns_topic_policy\", {\n arn: snsTopic.arn,\n policy: snsTopicPolicyPolicyDocument.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.get_organization()\nsns_topic = aws.sns.Topic(\"snsTopic\")\nsns_topic_policy_policy_document = sns_topic.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"SNS:Subscribe\",\n \"SNS:Publish\",\n ],\n \"condition\": [{\n \"test\": \"StringEquals\",\n \"values\": [example.id],\n \"variable\": \"aws:PrincipalOrgID\",\n }],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [\"*\"],\n \"type\": \"AWS\",\n }],\n \"resources\": [arn],\n}]))\nsns_topic_policy_topic_policy = aws.sns.TopicPolicy(\"snsTopicPolicyTopicPolicy\",\n arn=sns_topic.arn,\n policy=sns_topic_policy_policy_document.json)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Organizations.GetOrganization.InvokeAsync());\n var snsTopic = new Aws.Sns.Topic(\"snsTopic\", new Aws.Sns.TopicArgs\n {\n });\n var snsTopicPolicyPolicyDocument = Output.Tuple(example, snsTopic.Arn).Apply(values =\u003e\n {\n var example = values.Item1;\n var arn = values.Item2;\n return Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs\n {\n Statements = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs\n {\n Actions = \n {\n \"SNS:Subscribe\",\n \"SNS:Publish\",\n },\n Condition = \n {\n \n {\n { \"test\", \"StringEquals\" },\n { \"values\", \n {\n example.Id,\n } },\n { \"variable\", \"aws:PrincipalOrgID\" },\n },\n },\n Effect = \"Allow\",\n Principals = \n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs\n {\n Identifiers = \n {\n \"*\",\n },\n Type = \"AWS\",\n },\n },\n Resources = \n {\n arn,\n },\n },\n },\n });\n });\n var snsTopicPolicyTopicPolicy = new Aws.Sns.TopicPolicy(\"snsTopicPolicyTopicPolicy\", new Aws.Sns.TopicPolicyArgs\n {\n Arn = snsTopic.Arn,\n Policy = snsTopicPolicyPolicyDocument.Apply(snsTopicPolicyPolicyDocument =\u003e snsTopicPolicyPolicyDocument.Json),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsnsTopic, err := sns.NewTopic(ctx, \"snsTopic\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sns.NewTopicPolicy(ctx, \"snsTopicPolicyTopicPolicy\", \u0026sns.TopicPolicyArgs{\n\t\t\tArn: snsTopic.Arn,\n\t\t\tPolicy: pulumi.String(snsTopicPolicyPolicyDocument.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getOrganization.\n", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/getOrganizationAccount:getOrganizationAccount" }, "description": "List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the root\n" }, "awsServiceAccessPrincipals": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS service principal names that have integration enabled with your organization. Organization must have `feature_set` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).\n" }, "enabledPolicyTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of Organizations policy types that are enabled in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" }, "featureSet": { "type": "string", "description": "The FeatureSet of the organization.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "masterAccountArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account that is designated as the master account for the organization.\n" }, "masterAccountEmail": { "type": "string", "description": "The email address that is associated with the AWS account that is designated as the master account for the organization.\n" }, "masterAccountId": { "type": "string", "description": "The unique identifier (ID) of the master account of an organization.\n" }, "nonMasterAccounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/getOrganizationNonMasterAccount:getOrganizationNonMasterAccount" }, "description": "List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:\n" }, "roots": { "type": "array", "items": { "$ref": "#/types/aws:organizations/getOrganizationRoot:getOrganizationRoot" }, "description": "List of organization roots. All elements have these attributes:\n" } }, "type": "object", "required": [ "accounts", "arn", "awsServiceAccessPrincipals", "enabledPolicyTypes", "featureSet", "masterAccountArn", "masterAccountEmail", "masterAccountId", "nonMasterAccounts", "roots", "id" ] } }, "aws:organizations/getOrganizationalUnits:getOrganizationalUnits": { "description": "Get all direct child organizational units under a parent organizational unit. This only provides immediate children, not all children.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst org = aws.organizations.getOrganization({});\nconst ou = org.then(org =\u003e aws.organizations.getOrganizationalUnits({\n parentId: org.roots[0].id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norg = aws.organizations.get_organization()\nou = aws.organizations.get_organizational_units(parent_id=org.roots[0][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var org = Output.Create(Aws.Organizations.GetOrganization.InvokeAsync());\n var ou = org.Apply(org =\u003e Output.Create(Aws.Organizations.GetOrganizationalUnits.InvokeAsync(new Aws.Organizations.GetOrganizationalUnitsArgs\n {\n ParentId = org.Roots[0].Id,\n })));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torg, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err := organizations.GetOrganizationalUnits(ctx, \u0026organizations.GetOrganizationalUnitsArgs{\n\t\t\tParentId: org.Roots[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getOrganizationalUnits.\n", "properties": { "parentId": { "type": "string", "description": "The parent ID of the organizational unit.\n" } }, "type": "object", "required": [ "parentId" ] }, "outputs": { "description": "A collection of values returned by getOrganizationalUnits.\n", "properties": { "childrens": { "type": "array", "items": { "$ref": "#/types/aws:organizations/getOrganizationalUnitsChildren:getOrganizationalUnitsChildren" }, "description": "List of child organizational units, which have the following attributes:\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "parentId": { "type": "string" } }, "type": "object", "required": [ "childrens", "parentId", "id" ] } }, "aws:outposts/getOutpost:getOutpost": { "description": "Provides details about an Outposts Outpost.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.outposts.getOutpost({\n name: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outpost(name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Outposts.GetOutpost.InvokeAsync(new Aws.Outposts.GetOutpostArgs\n {\n Name = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"example\"\n\t\t_, err := outposts.GetOutpost(ctx, \u0026outposts.GetOutpostArgs{\n\t\t\tName: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getOutpost.\n", "properties": { "id": { "type": "string", "description": "Identifier of the Outpost.\n" }, "name": { "type": "string", "description": "Name of the Outpost.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOutpost.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN).\n" }, "availabilityZone": { "type": "string", "description": "Availability Zone name.\n" }, "availabilityZoneId": { "type": "string", "description": "Availability Zone identifier.\n" }, "description": { "type": "string", "description": "Description.\n" }, "id": { "type": "string" }, "name": { "type": "string" }, "ownerId": { "type": "string", "description": "AWS Account identifier of the Outpost owner.\n" }, "siteId": { "type": "string", "description": "Site identifier.\n" } }, "type": "object", "required": [ "arn", "availabilityZone", "availabilityZoneId", "description", "id", "name", "ownerId", "siteId" ] } }, "aws:outposts/getOutpostInstanceType:getOutpostInstanceType": { "description": "Information about single Outpost Instance Type.\n", "inputs": { "description": "A collection of arguments for invoking getOutpostInstanceType.\n", "properties": { "arn": { "type": "string", "description": "Outpost Amazon Resource Name (ARN).\n" }, "instanceType": { "type": "string", "description": "Desired instance type. Conflicts with `preferred_instance_types`.\n" }, "preferredInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred instance types. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned. Conflicts with `instance_type`.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getOutpostInstanceType.\n", "properties": { "arn": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "instanceType": { "type": "string" }, "preferredInstanceTypes": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "arn", "instanceType", "id" ] } }, "aws:outposts/getOutpostInstanceTypes:getOutpostInstanceTypes": { "description": "Information about Outposts Instance Types.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getOutpostInstanceTypes({\n arn: data.aws_outposts_outpost.example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outpost_instance_types(arn=data[\"aws_outposts_outpost\"][\"example\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Outposts.GetOutpostInstanceTypes.InvokeAsync(new Aws.Outposts.GetOutpostInstanceTypesArgs\n {\n Arn = data.Aws_outposts_outpost.Example.Arn,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetOutpostInstanceTypes(ctx, \u0026outposts.GetOutpostInstanceTypesArgs{\n\t\t\tArn: data.Aws_outposts_outpost.Example.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getOutpostInstanceTypes.\n", "properties": { "arn": { "type": "string", "description": "Outpost Amazon Resource Name (ARN).\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getOutpostInstanceTypes.\n", "properties": { "arn": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Set of instance types.\n" } }, "type": "object", "required": [ "arn", "instanceTypes", "id" ] } }, "aws:outposts/getOutposts:getOutposts": { "description": "Provides details about multiple Outposts.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getOutposts({\n siteId: data.aws_outposts_site.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outposts(site_id=data[\"aws_outposts_site\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Outposts.GetOutposts.InvokeAsync(new Aws.Outposts.GetOutpostsArgs\n {\n SiteId = data.Aws_outposts_site.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := data.Aws_outposts_site.Id\n\t\t_, err := outposts.GetOutposts(ctx, \u0026outposts.GetOutpostsArgs{\n\t\t\tSiteId: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getOutposts.\n", "properties": { "availabilityZone": { "type": "string", "description": "Availability Zone name.\n" }, "availabilityZoneId": { "type": "string", "description": "Availability Zone identifier.\n" }, "siteId": { "type": "string", "description": "Site identifier.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOutposts.\n", "properties": { "arns": { "type": "array", "items": { "type": "string" }, "description": "Set of Amazon Resource Names (ARNs).\n" }, "availabilityZone": { "type": "string" }, "availabilityZoneId": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "Set of identifiers.\n" }, "siteId": { "type": "string" } }, "type": "object", "required": [ "arns", "availabilityZone", "availabilityZoneId", "ids", "siteId", "id" ] } }, "aws:outposts/getSite:getSite": { "description": "Provides details about an Outposts Site.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.outposts.getSite({\n name: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_site(name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Outposts.GetSite.InvokeAsync(new Aws.Outposts.GetSiteArgs\n {\n Name = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"example\"\n\t\t_, err := outposts.GetSite(ctx, \u0026outposts.GetSiteArgs{\n\t\t\tName: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSite.\n", "properties": { "id": { "type": "string", "description": "Identifier of the Site.\n" }, "name": { "type": "string", "description": "Name of the Site.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSite.\n", "properties": { "accountId": { "type": "string", "description": "AWS Account identifier.\n" }, "description": { "type": "string", "description": "Description.\n" }, "id": { "type": "string" }, "name": { "type": "string" } }, "type": "object", "required": [ "accountId", "description", "id", "name" ] } }, "aws:outposts/getSites:getSites": { "description": "Provides details about multiple Outposts Sites.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst all = pulumi.output(aws.outposts.getSites({ async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nall = aws.outposts.get_sites()\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var all = Output.Create(Aws.Outposts.GetSites.InvokeAsync());\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetSites(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getSites.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ids": { "type": "array", "items": { "type": "string" }, "description": "Set of Outposts Site identifiers.\n" } }, "type": "object", "required": [ "ids", "id" ] } }, "aws:pricing/getProduct:getProduct": { "description": "Use this data source to get the pricing information of all products in AWS.\nThis data source is only available in a us-east-1 or ap-south-1 provider.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.pricing.getProduct({\n filters: [\n {\n field: \"instanceType\",\n value: \"c5.xlarge\",\n },\n {\n field: \"operatingSystem\",\n value: \"Linux\",\n },\n {\n field: \"location\",\n value: \"US East (N. Virginia)\",\n },\n {\n field: \"preInstalledSw\",\n value: \"NA\",\n },\n {\n field: \"licenseModel\",\n value: \"No License required\",\n },\n {\n field: \"tenancy\",\n value: \"Shared\",\n },\n {\n field: \"capacitystatus\",\n value: \"Used\",\n },\n ],\n serviceCode: \"AmazonEC2\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pricing.get_product(filters=[\n {\n \"field\": \"instanceType\",\n \"value\": \"c5.xlarge\",\n },\n {\n \"field\": \"operatingSystem\",\n \"value\": \"Linux\",\n },\n {\n \"field\": \"location\",\n \"value\": \"US East (N. Virginia)\",\n },\n {\n \"field\": \"preInstalledSw\",\n \"value\": \"NA\",\n },\n {\n \"field\": \"licenseModel\",\n \"value\": \"No License required\",\n },\n {\n \"field\": \"tenancy\",\n \"value\": \"Shared\",\n },\n {\n \"field\": \"capacitystatus\",\n \"value\": \"Used\",\n },\n ],\n service_code=\"AmazonEC2\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Pricing.GetProduct.InvokeAsync(new Aws.Pricing.GetProductArgs\n {\n Filters = \n {\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"instanceType\",\n Value = \"c5.xlarge\",\n },\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"operatingSystem\",\n Value = \"Linux\",\n },\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"location\",\n Value = \"US East (N. Virginia)\",\n },\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"preInstalledSw\",\n Value = \"NA\",\n },\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"licenseModel\",\n Value = \"No License required\",\n },\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"tenancy\",\n Value = \"Shared\",\n },\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"capacitystatus\",\n Value = \"Used\",\n },\n },\n ServiceCode = \"AmazonEC2\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pricing\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pricing.GetProduct(ctx, \u0026pricing.GetProductArgs{\n\t\t\tFilters: []pricing.GetProductFilter{\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"instanceType\",\n\t\t\t\t\tValue: \"c5.xlarge\",\n\t\t\t\t},\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"operatingSystem\",\n\t\t\t\t\tValue: \"Linux\",\n\t\t\t\t},\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"location\",\n\t\t\t\t\tValue: \"US East (N. Virginia)\",\n\t\t\t\t},\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"preInstalledSw\",\n\t\t\t\t\tValue: \"NA\",\n\t\t\t\t},\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"licenseModel\",\n\t\t\t\t\tValue: \"No License required\",\n\t\t\t\t},\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"tenancy\",\n\t\t\t\t\tValue: \"Shared\",\n\t\t\t\t},\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"capacitystatus\",\n\t\t\t\t\tValue: \"Used\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceCode: \"AmazonEC2\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.pricing.getProduct({\n filters: [\n {\n field: \"instanceType\",\n value: \"ds1.xlarge\",\n },\n {\n field: \"location\",\n value: \"US East (N. Virginia)\",\n },\n ],\n serviceCode: \"AmazonRedshift\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pricing.get_product(filters=[\n {\n \"field\": \"instanceType\",\n \"value\": \"ds1.xlarge\",\n },\n {\n \"field\": \"location\",\n \"value\": \"US East (N. Virginia)\",\n },\n ],\n service_code=\"AmazonRedshift\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Pricing.GetProduct.InvokeAsync(new Aws.Pricing.GetProductArgs\n {\n Filters = \n {\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"instanceType\",\n Value = \"ds1.xlarge\",\n },\n new Aws.Pricing.Inputs.GetProductFilterArgs\n {\n Field = \"location\",\n Value = \"US East (N. Virginia)\",\n },\n },\n ServiceCode = \"AmazonRedshift\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/pricing\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pricing.GetProduct(ctx, \u0026pricing.GetProductArgs{\n\t\t\tFilters: []pricing.GetProductFilter{\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"instanceType\",\n\t\t\t\t\tValue: \"ds1.xlarge\",\n\t\t\t\t},\n\t\t\t\tpricing.GetProductFilter{\n\t\t\t\t\tField: \"location\",\n\t\t\t\t\tValue: \"US East (N. Virginia)\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceCode: \"AmazonRedshift\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getProduct.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:pricing/getProductFilter:getProductFilter" }, "description": "A list of filters. Passed directly to the API (see GetProducts API reference). These filters must describe a single product, this resource will fail if more than one product is returned by the API.\n" }, "serviceCode": { "type": "string", "description": "The code of the service. Available service codes can be fetched using the DescribeServices pricing API call.\n" } }, "type": "object", "required": [ "filters", "serviceCode" ] }, "outputs": { "description": "A collection of values returned by getProduct.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:pricing/getProductFilter:getProductFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "result": { "type": "string", "description": "Set to the product returned from the API.\n" }, "serviceCode": { "type": "string" } }, "type": "object", "required": [ "filters", "result", "serviceCode", "id" ] } }, "aws:qldb/getLedger:getLedger": { "description": "Use this data source to fetch information about a Quantum Ledger Database.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.qldb.getLedger({\n name: \"an_example_ledger\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.qldb.get_ledger(name=\"an_example_ledger\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Qldb.GetLedger.InvokeAsync(new Aws.Qldb.GetLedgerArgs\n {\n Name = \"an_example_ledger\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/qldb\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := qldb.LookupLedger(ctx, \u0026qldb.LookupLedgerArgs{\n\t\t\tName: \"an_example_ledger\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLedger.\n", "properties": { "name": { "type": "string", "description": "The friendly name of the ledger to match.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLedger.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the ledger.\n" }, "deletionProtection": { "type": "boolean", "description": "Deletion protection on the QLDB Ledger instance. Set to `true` by default.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "arn", "deletionProtection", "name", "id" ] } }, "aws:ram/getResourceShare:getResourceShare": { "description": "`aws.ram.ResourceShare` Retrieve information about a RAM Resource Share.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.ram.getResourceShare({\n name: \"example\",\n resourceOwner: \"SELF\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.get_resource_share(name=\"example\",\n resource_owner=\"SELF\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Ram.GetResourceShare.InvokeAsync(new Aws.Ram.GetResourceShareArgs\n {\n Name = \"example\",\n ResourceOwner = \"SELF\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.LookupResourceShare(ctx, \u0026ram.LookupResourceShareArgs{\n\t\t\tName: \"example\",\n\t\t\tResourceOwner: \"SELF\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n## Search by filters\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tagFilter = pulumi.output(aws.ram.getResourceShare({\n filters: [{\n name: \"NameOfTag\",\n values: [\"exampleNameTagValue\"],\n }],\n name: \"MyResourceName\",\n resourceOwner: \"SELF\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntag_filter = aws.ram.get_resource_share(filters=[{\n \"name\": \"NameOfTag\",\n \"values\": [\"exampleNameTagValue\"],\n }],\n name=\"MyResourceName\",\n resource_owner=\"SELF\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var tagFilter = Output.Create(Aws.Ram.GetResourceShare.InvokeAsync(new Aws.Ram.GetResourceShareArgs\n {\n Filters = \n {\n new Aws.Ram.Inputs.GetResourceShareFilterArgs\n {\n Name = \"NameOfTag\",\n Values = \n {\n \"exampleNameTagValue\",\n },\n },\n },\n Name = \"MyResourceName\",\n ResourceOwner = \"SELF\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.LookupResourceShare(ctx, \u0026ram.LookupResourceShareArgs{\n\t\t\tFilters: []ram.GetResourceShareFilter{\n\t\t\t\tram.GetResourceShareFilter{\n\t\t\t\t\tName: \"NameOfTag\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"exampleNameTagValue\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: \"MyResourceName\",\n\t\t\tResourceOwner: \"SELF\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n", "inputs": { "description": "A collection of arguments for invoking getResourceShare.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ram/getResourceShareFilter:getResourceShareFilter" }, "description": "A filter used to scope the list e.g. by tags. See [related docs] (https://docs.aws.amazon.com/ram/latest/APIReference/API_TagFilter.html).\n" }, "name": { "type": "string", "description": "The name of the tag key to filter on.\n" }, "resourceOwner": { "type": "string", "description": "The owner of the resource share. Valid values are SELF or OTHER-ACCOUNTS\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Tags attached to the RAM share\n" } }, "type": "object", "required": [ "name", "resourceOwner" ] }, "outputs": { "description": "A collection of values returned by getResourceShare.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ram/getResourceShareFilter:getResourceShareFilter" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "owningAccountId": { "type": "string", "description": "The ID of the AWS account that owns the resource share.\n" }, "resourceOwner": { "type": "string" }, "status": { "type": "string", "description": "The Status of the RAM share.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Tags attached to the RAM share\n" } }, "type": "object", "required": [ "arn", "name", "owningAccountId", "resourceOwner", "status", "tags", "id" ] } }, "aws:rds/getCluster:getCluster": { "description": "Provides information about an RDS cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst clusterName = pulumi.output(aws.rds.getCluster({\n clusterIdentifier: \"clusterName\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster_name = aws.rds.get_cluster(cluster_identifier=\"clusterName\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var clusterName = Output.Create(Aws.Rds.GetCluster.InvokeAsync(new Aws.Rds.GetClusterArgs\n {\n ClusterIdentifier = \"clusterName\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupCluster(ctx, \u0026rds.LookupClusterArgs{\n\t\t\tClusterIdentifier: \"clusterName\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the RDS cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "clusterIdentifier" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "type": "string" }, "availabilityZones": { "type": "array", "items": { "type": "string" } }, "backtrackWindow": { "type": "integer" }, "backupRetentionPeriod": { "type": "integer" }, "clusterIdentifier": { "type": "string" }, "clusterMembers": { "type": "array", "items": { "type": "string" } }, "clusterResourceId": { "type": "string" }, "databaseName": { "type": "string" }, "dbClusterParameterGroupName": { "type": "string" }, "dbSubnetGroupName": { "type": "string" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" } }, "endpoint": { "type": "string" }, "engine": { "type": "string" }, "engineVersion": { "type": "string" }, "finalSnapshotIdentifier": { "type": "string" }, "hostedZoneId": { "type": "string" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean" }, "iamRoles": { "type": "array", "items": { "type": "string" } }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kmsKeyId": { "type": "string" }, "masterUsername": { "type": "string" }, "port": { "type": "integer" }, "preferredBackupWindow": { "type": "string" }, "preferredMaintenanceWindow": { "type": "string" }, "readerEndpoint": { "type": "string" }, "replicationSourceIdentifier": { "type": "string" }, "storageEncrypted": { "type": "boolean" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "arn", "availabilityZones", "backtrackWindow", "backupRetentionPeriod", "clusterIdentifier", "clusterMembers", "clusterResourceId", "databaseName", "dbClusterParameterGroupName", "dbSubnetGroupName", "enabledCloudwatchLogsExports", "endpoint", "engine", "engineVersion", "finalSnapshotIdentifier", "hostedZoneId", "iamDatabaseAuthenticationEnabled", "iamRoles", "kmsKeyId", "masterUsername", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "replicationSourceIdentifier", "storageEncrypted", "tags", "vpcSecurityGroupIds", "id" ] } }, "aws:rds/getClusterSnapshot:getClusterSnapshot": { "description": "Use this data source to get information about a DB Cluster Snapshot for use when provisioning DB clusters.\n\n\u003e **NOTE:** This data source does not apply to snapshots created on DB Instances. \nSee the `aws.rds.Snapshot` data source for DB Instance snapshots.\n", "inputs": { "description": "A collection of arguments for invoking getClusterSnapshot.\n", "properties": { "dbClusterIdentifier": { "type": "string", "description": "Returns the list of snapshots created by the specific db_cluster\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "Returns information on a specific snapshot_id.\n" }, "includePublic": { "type": "boolean", "description": "Set this value to true to include manual DB Cluster Snapshots that are public and can be\ncopied or restored by any AWS account, otherwise set this value to false. The default is `false`.\n" }, "includeShared": { "type": "boolean", "description": "Set this value to true to include shared manual DB Cluster Snapshots from other\nAWS accounts that this AWS account has been given permission to copy or restore, otherwise set this value to false.\nThe default is `false`.\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most recent Snapshot.\n" }, "snapshotType": { "type": "string", "description": "The type of snapshots to be returned. If you don't specify a SnapshotType\nvalue, then both automated and manual DB cluster snapshots are returned. Shared and public DB Cluster Snapshots are not\nincluded in the returned results by default. Possible values are, `automated`, `manual`, `shared` and `public`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getClusterSnapshot.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "Specifies the DB cluster identifier of the DB cluster that this DB cluster snapshot was created from.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "includePublic": { "type": "boolean" }, "includeShared": { "type": "boolean" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "mostRecent": { "type": "boolean" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "snapshotCreateTime": { "type": "string", "description": "Time when the snapshot was taken, in Universal Coordinated Time (UTC).\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster snapshot is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "type": "object", "required": [ "allocatedStorage", "availabilityZones", "dbClusterSnapshotArn", "engine", "engineVersion", "kmsKeyId", "licenseModel", "port", "snapshotCreateTime", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "tags", "vpcId", "id" ] } }, "aws:rds/getEventCategories:getEventCategories": { "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\nList the event categories of all the RDS resources. \n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleEventCategories = pulumi.output(aws.rds.getEventCategories({ async: true }));\n\nexport const example = exampleEventCategories.eventCategories;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_event_categories = aws.rds.get_event_categories()\npulumi.export(\"example\", example_event_categories.event_categories)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleEventCategories = Output.Create(Aws.Rds.GetEventCategories.InvokeAsync());\n this.Example = exampleEventCategories.Apply(exampleEventCategories =\u003e exampleEventCategories.EventCategories);\n }\n\n [Output(\"example\")]\n public Output\u003cstring\u003e Example { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleEventCategories, err := rds.GetEventCategories(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", exampleEventCategories.EventCategories)\n\t\treturn nil\n\t})\n}\n```\n\nList the event categories specific to the RDS resource `db-snapshot`.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleEventCategories = pulumi.output(aws.rds.getEventCategories({\n sourceType: \"db-snapshot\",\n}, { async: true }));\n\nexport const example = exampleEventCategories.eventCategories;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_event_categories = aws.rds.get_event_categories(source_type=\"db-snapshot\")\npulumi.export(\"example\", example_event_categories.event_categories)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleEventCategories = Output.Create(Aws.Rds.GetEventCategories.InvokeAsync(new Aws.Rds.GetEventCategoriesArgs\n {\n SourceType = \"db-snapshot\",\n }));\n this.Example = exampleEventCategories.Apply(exampleEventCategories =\u003e exampleEventCategories.EventCategories);\n }\n\n [Output(\"example\")]\n public Output\u003cstring\u003e Example { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"db-snapshot\"\n\t\texampleEventCategories, err := rds.GetEventCategories(ctx, \u0026rds.GetEventCategoriesArgs{\n\t\t\tSourceType: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", exampleEventCategories.EventCategories)\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getEventCategories.\n", "properties": { "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are db-instance, db-security-group, db-parameter-group, db-snapshot, db-cluster or db-cluster-snapshot.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEventCategories.\n", "properties": { "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of the event categories.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "sourceType": { "type": "string" } }, "type": "object", "required": [ "eventCategories", "id" ] } }, "aws:rds/getInstance:getInstance": { "description": "Use this data source to get information about an RDS instance\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst database = pulumi.output(aws.rds.getInstance({\n dbInstanceIdentifier: \"my-test-database\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndatabase = aws.rds.get_instance(db_instance_identifier=\"my-test-database\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var database = Output.Create(Aws.Rds.GetInstance.InvokeAsync(new Aws.Rds.GetInstanceArgs\n {\n DbInstanceIdentifier = \"my-test-database\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupInstance(ctx, \u0026rds.LookupInstanceArgs{\n\t\t\tDbInstanceIdentifier: \"my-test-database\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getInstance.\n", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "The name of the RDS instance\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "dbInstanceIdentifier" ] }, "outputs": { "description": "A collection of values returned by getInstance.\n", "properties": { "address": { "type": "string", "description": "The hostname of the RDS instance. See also `endpoint` and `port`.\n" }, "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size specified in gigabytes.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor version patches are applied automatically.\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance is located in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "Specifies the number of days for which automatic DB snapshots are retained.\n" }, "caCertIdentifier": { "type": "string", "description": "Specifies the identifier of the CA certificate for the DB instance.\n" }, "dbClusterIdentifier": { "type": "string", "description": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.\n" }, "dbInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB instance.\n" }, "dbInstanceClass": { "type": "string", "description": "Contains the name of the compute and memory capacity class of the DB instance.\n" }, "dbInstanceIdentifier": { "type": "string" }, "dbInstancePort": { "type": "integer", "description": "Specifies the port that the DB instance listens on.\n" }, "dbName": { "type": "string", "description": "Contains the name of the initial database of this instance that was provided at create time, if one was specified when the DB instance was created. This same name is returned for the life of the DB instance.\n" }, "dbParameterGroups": { "type": "array", "items": { "type": "string" }, "description": "Provides the list of DB parameter groups applied to this DB instance.\n" }, "dbSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "Provides List of DB security groups associated to this DB instance.\n" }, "dbSubnetGroup": { "type": "string", "description": "Specifies the name of the subnet group associated with the DB instance.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "Provides the name of the database engine to be used for this DB instance.\n" }, "engineVersion": { "type": "string", "description": "Indicates the database engine version.\n" }, "hostedZoneId": { "type": "string", "description": "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record).\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value.\n" }, "kmsKeyId": { "type": "string", "description": "If StorageEncrypted is true, the KMS key identifier for the encrypted DB instance.\n" }, "licenseModel": { "type": "string", "description": "License model information for this DB instance.\n" }, "masterUsername": { "type": "string", "description": "Contains the master username for the DB instance.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS to send Enhanced Monitoring metrics to CloudWatch Logs.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the DB instance is a Multi-AZ deployment.\n" }, "optionGroupMemberships": { "type": "array", "items": { "type": "string" }, "description": "Provides the list of option group memberships for this DB instance.\n" }, "port": { "type": "integer", "description": "The database port.\n" }, "preferredBackupWindow": { "type": "string", "description": "Specifies the daily time range during which automated backups are created.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Specifies the weekly time range during which system maintenance can occur in UTC.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for the DB instance.\n" }, "replicateSourceDb": { "type": "string", "description": "The identifier of the source DB that this is a replica of.\n" }, "resourceId": { "type": "string", "description": "The RDS Resource ID of this instance.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB instance is encrypted.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "timezone": { "type": "string", "description": "The time zone of the DB instance.\n" }, "vpcSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "Provides a list of VPC security group elements that the DB instance belongs to.\n" } }, "type": "object", "required": [ "address", "allocatedStorage", "autoMinorVersionUpgrade", "availabilityZone", "backupRetentionPeriod", "caCertIdentifier", "dbClusterIdentifier", "dbInstanceArn", "dbInstanceClass", "dbInstanceIdentifier", "dbInstancePort", "dbName", "dbParameterGroups", "dbSecurityGroups", "dbSubnetGroup", "enabledCloudwatchLogsExports", "endpoint", "engine", "engineVersion", "hostedZoneId", "iops", "kmsKeyId", "licenseModel", "masterUsername", "monitoringInterval", "monitoringRoleArn", "multiAz", "optionGroupMemberships", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "publiclyAccessible", "replicateSourceDb", "resourceId", "storageEncrypted", "storageType", "tags", "timezone", "vpcSecurityGroups", "id" ] } }, "aws:rds/getSnapshot:getSnapshot": { "description": "Use this data source to get information about a DB Snapshot for use when provisioning DB instances\n\n\u003e **NOTE:** This data source does not apply to snapshots created on Aurora DB clusters.\nSee the `aws.rds.ClusterSnapshot` data source for DB Cluster snapshots.\n", "inputs": { "description": "A collection of arguments for invoking getSnapshot.\n", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "Returns the list of snapshots created by the specific db_instance\n" }, "dbSnapshotIdentifier": { "type": "string", "description": "Returns information on a specific snapshot_id.\n" }, "includePublic": { "type": "boolean", "description": "Set this value to true to include manual DB snapshots that are public and can be\ncopied or restored by any AWS account, otherwise set this value to false. The default is `false`.\n" }, "includeShared": { "type": "boolean", "description": "Set this value to true to include shared manual DB snapshots from other\nAWS accounts that this AWS account has been given permission to copy or restore, otherwise set this value to false.\nThe default is `false`.\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent Snapshot.\n" }, "snapshotType": { "type": "string", "description": "The type of snapshots to be returned. If you don't specify a SnapshotType\nvalue, then both automated and manual snapshots are returned. Shared and public DB snapshots are not\nincluded in the returned results by default. Possible values are, `automated`, `manual`, `shared` and `public`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSnapshot.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n" }, "dbInstanceIdentifier": { "type": "string" }, "dbSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB snapshot.\n" }, "dbSnapshotIdentifier": { "type": "string" }, "encrypted": { "type": "boolean", "description": "Specifies whether the DB snapshot is encrypted.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Specifies the version of the database engine.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "includePublic": { "type": "boolean" }, "includeShared": { "type": "boolean" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB instance.\n" }, "mostRecent": { "type": "boolean" }, "optionGroupName": { "type": "string", "description": "Provides the option group name for the DB snapshot.\n" }, "port": { "type": "integer" }, "snapshotCreateTime": { "type": "string", "description": "Provides the time when the snapshot was taken, in Universal Coordinated Time (UTC).\n" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "The DB snapshot Arn that the DB snapshot was copied from. It only has value in case of cross customer or cross region copy.\n" }, "sourceRegion": { "type": "string", "description": "The region that the DB snapshot was created in or copied from.\n" }, "status": { "type": "string", "description": "Specifies the status of this DB snapshot.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" }, "vpcId": { "type": "string", "description": "Specifies the ID of the VPC associated with the DB snapshot.\n" } }, "type": "object", "required": [ "allocatedStorage", "availabilityZone", "dbSnapshotArn", "encrypted", "engine", "engineVersion", "iops", "kmsKeyId", "licenseModel", "optionGroupName", "port", "snapshotCreateTime", "sourceDbSnapshotIdentifier", "sourceRegion", "status", "storageType", "vpcId", "id" ] } }, "aws:redshift/getCluster:getCluster": { "description": "Provides details about a specific redshift cluster.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = pulumi.output(aws.redshift.getCluster({\n clusterIdentifier: \"test-cluster\",\n}, { async: true }));\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n destination: \"redshift\",\n redshiftConfiguration: {\n clusterJdbcurl: pulumi.interpolate`jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}`,\n copyOptions: \"delimiter '|'\", // the default delimiter\n dataTableColumns: \"test-col\",\n dataTableName: \"test-table\",\n password: \"T3stPass\",\n roleArn: aws_iam_role_firehose_role.arn,\n username: \"testuser\",\n },\n s3Configuration: {\n bucketArn: aws_s3_bucket_bucket.arn,\n bufferInterval: 400,\n bufferSize: 10,\n compressionFormat: \"GZIP\",\n roleArn: aws_iam_role_firehose_role.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.redshift.get_cluster(cluster_identifier=\"test-cluster\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"testStream\",\n destination=\"redshift\",\n redshift_configuration={\n \"clusterJdbcurl\": f\"jdbc:redshift://{test_cluster.endpoint}/{test_cluster.database_name}\",\n \"copyOptions\": \"delimiter '|'\",\n \"dataTableColumns\": \"test-col\",\n \"dataTableName\": \"test-table\",\n \"password\": \"T3stPass\",\n \"role_arn\": aws_iam_role[\"firehose_role\"][\"arn\"],\n \"username\": \"testuser\",\n },\n s3_configuration={\n \"bucketArn\": aws_s3_bucket[\"bucket\"][\"arn\"],\n \"bufferInterval\": 400,\n \"bufferSize\": 10,\n \"compressionFormat\": \"GZIP\",\n \"role_arn\": aws_iam_role[\"firehose_role\"][\"arn\"],\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var testCluster = Output.Create(Aws.RedShift.GetCluster.InvokeAsync(new Aws.RedShift.GetClusterArgs\n {\n ClusterIdentifier = \"test-cluster\",\n }));\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"testStream\", new Aws.Kinesis.FirehoseDeliveryStreamArgs\n {\n Destination = \"redshift\",\n RedshiftConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs\n {\n ClusterJdbcurl = Output.Tuple(testCluster, testCluster).Apply(values =\u003e\n {\n var testCluster = values.Item1;\n var testCluster1 = values.Item2;\n return $\"jdbc:redshift://{testCluster.Endpoint}/{testCluster1.DatabaseName}\";\n }),\n CopyOptions = \"delimiter '|'\",\n DataTableColumns = \"test-col\",\n DataTableName = \"test-table\",\n Password = \"T3stPass\",\n RoleArn = aws_iam_role.Firehose_role.Arn,\n Username = \"testuser\",\n },\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamS3ConfigurationArgs\n {\n BucketArn = aws_s3_bucket.Bucket.Arn,\n BufferInterval = 400,\n BufferSize = 10,\n CompressionFormat = \"GZIP\",\n RoleArn = aws_iam_role.Firehose_role.Arn,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := redshift.LookupCluster(ctx, \u0026redshift.LookupClusterArgs{\n\t\t\tClusterIdentifier: \"test-cluster\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"testStream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tDestination: pulumi.String(\"redshift\"),\n\t\t\tRedshiftConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationArgs{\n\t\t\t\tClusterJdbcurl: pulumi.String(fmt.Sprintf(\"%v%v%v%v\", \"jdbc:redshift://\", testCluster.Endpoint, \"/\", testCluster.DatabaseName)),\n\t\t\t\tCopyOptions: pulumi.String(\"delimiter '|'\"),\n\t\t\t\tDataTableColumns: pulumi.String(\"test-col\"),\n\t\t\t\tDataTableName: pulumi.String(\"test-table\"),\n\t\t\t\tPassword: pulumi.String(\"T3stPass\"),\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose_role.Arn),\n\t\t\t\tUsername: pulumi.String(\"testuser\"),\n\t\t\t},\n\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamS3ConfigurationArgs{\n\t\t\t\tBucketArn: pulumi.String(aws_s3_bucket.Bucket.Arn),\n\t\t\t\tBufferInterval: pulumi.Int(400),\n\t\t\t\tBufferSize: pulumi.Int(10),\n\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\tRoleArn: pulumi.String(aws_iam_role.Firehose_role.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags associated to the cluster\n" } }, "type": "object", "required": [ "clusterIdentifier" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "allowVersionUpgrade": { "type": "boolean", "description": "Whether major version upgrades can be applied during maintenance period\n" }, "automatedSnapshotRetentionPeriod": { "type": "integer", "description": "The backup retention period\n" }, "availabilityZone": { "type": "string", "description": "The availability zone of the cluster\n" }, "bucketName": { "type": "string", "description": "The name of the S3 bucket where the log files are to be stored\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier\n" }, "clusterParameterGroupName": { "type": "string", "description": "The name of the parameter group to be associated with this cluster\n" }, "clusterPublicKey": { "type": "string", "description": "The public key for the cluster\n" }, "clusterRevisionNumber": { "type": "string", "description": "The cluster revision number\n" }, "clusterSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups associated with the cluster\n" }, "clusterSubnetGroupName": { "type": "string", "description": "The name of a cluster subnet group to be associated with this cluster\n" }, "clusterType": { "type": "string", "description": "The cluster type\n" }, "clusterVersion": { "type": "string" }, "databaseName": { "type": "string", "description": "The name of the default database in the cluster\n" }, "elasticIp": { "type": "string", "description": "The Elastic IP of the cluster\n" }, "enableLogging": { "type": "boolean", "description": "Whether cluster logging is enabled\n" }, "encrypted": { "type": "boolean", "description": "Whether the cluster data is encrypted\n" }, "endpoint": { "type": "string", "description": "The cluster endpoint\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "Whether enhanced VPC routing is enabled\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "The IAM roles associated to the cluster\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kmsKeyId": { "type": "string", "description": "The KMS encryption key associated to the cluster\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user\n" }, "nodeType": { "type": "string", "description": "The cluster node type\n" }, "numberOfNodes": { "type": "integer", "description": "The number of nodes in the cluster\n" }, "port": { "type": "integer", "description": "The port the cluster responds on\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The maintenance window\n" }, "publiclyAccessible": { "type": "boolean", "description": "Whether the cluster is publicly accessible\n" }, "s3KeyPrefix": { "type": "string", "description": "The folder inside the S3 bucket where the log files are stored\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags associated to the cluster\n" }, "vpcId": { "type": "string", "description": "The VPC Id associated with the cluster\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The VPC security group Ids associated with the cluster\n" } }, "type": "object", "required": [ "allowVersionUpgrade", "automatedSnapshotRetentionPeriod", "availabilityZone", "bucketName", "clusterIdentifier", "clusterParameterGroupName", "clusterPublicKey", "clusterRevisionNumber", "clusterSecurityGroups", "clusterSubnetGroupName", "clusterType", "clusterVersion", "databaseName", "elasticIp", "enableLogging", "encrypted", "endpoint", "enhancedVpcRouting", "iamRoles", "kmsKeyId", "masterUsername", "nodeType", "numberOfNodes", "port", "preferredMaintenanceWindow", "publiclyAccessible", "s3KeyPrefix", "vpcId", "vpcSecurityGroupIds", "id" ] } }, "aws:redshift/getServiceAccount:getServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS Redshift Service Account](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)\nin a given region for the purpose of allowing Redshift to store audit data in S3.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = pulumi.output(aws.redshift.getServiceAccount({ async: true }));\nconst bucket = new aws.s3.Bucket(\"bucket\", {\n forceDestroy: true,\n policy: pulumi.interpolate`{\n\t\"Version\": \"2008-10-17\",\n\t\"Statement\": [\n\t\t{\n \t\t\t\"Sid\": \"Put bucket policy needed for audit logging\",\n \t\t\t\"Effect\": \"Allow\",\n \t\t\t\"Principal\": {\n\t\t\t\t\t\t\"AWS\": \"${main.arn}\"\n \t\t\t},\n \t\t\t\"Action\": \"s3:PutObject\",\n \t\t\t\"Resource\": \"arn:aws:s3:::tf-redshift-logging-test-bucket/*\"\n \t\t},\n \t\t{\n \t\t\t\"Sid\": \"Get bucket policy needed for audit logging \",\n \t\t\t\"Effect\": \"Allow\",\n \t\t\t\"Principal\": {\n\t\t\t\t\t\t\"AWS\": \"${main.arn}\"\n \t\t\t},\n \t\t\t\"Action\": \"s3:GetBucketAcl\",\n \t\t\t\"Resource\": \"arn:aws:s3:::tf-redshift-logging-test-bucket\"\n \t\t}\n\t]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.redshift.get_service_account()\nbucket = aws.s3.Bucket(\"bucket\",\n force_destroy=True,\n policy=f\"\"\"{{\n\t\"Version\": \"2008-10-17\",\n\t\"Statement\": [\n\t\t{{\n \t\t\t\"Sid\": \"Put bucket policy needed for audit logging\",\n \t\t\t\"Effect\": \"Allow\",\n \t\t\t\"Principal\": {{\n\t\t\t\t\t\t\"AWS\": \"{main.arn}\"\n \t\t\t}},\n \t\t\t\"Action\": \"s3:PutObject\",\n \t\t\t\"Resource\": \"arn:aws:s3:::tf-redshift-logging-test-bucket/*\"\n \t\t}},\n \t\t{{\n \t\t\t\"Sid\": \"Get bucket policy needed for audit logging \",\n \t\t\t\"Effect\": \"Allow\",\n \t\t\t\"Principal\": {{\n\t\t\t\t\t\t\"AWS\": \"{main.arn}\"\n \t\t\t}},\n \t\t\t\"Action\": \"s3:GetBucketAcl\",\n \t\t\t\"Resource\": \"arn:aws:s3:::tf-redshift-logging-test-bucket\"\n \t\t}}\n\t]\n}}\n\n\"\"\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = Output.Create(Aws.RedShift.GetServiceAccount.InvokeAsync());\n var bucket = new Aws.S3.Bucket(\"bucket\", new Aws.S3.BucketArgs\n {\n ForceDestroy = true,\n Policy = Output.Tuple(main, main).Apply(values =\u003e\n {\n var main = values.Item1;\n var main1 = values.Item2;\n return @$\"{{\n\t\"\"Version\"\": \"\"2008-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{{\n \t\t\t\"\"Sid\"\": \"\"Put bucket policy needed for audit logging\"\",\n \t\t\t\"\"Effect\"\": \"\"Allow\"\",\n \t\t\t\"\"Principal\"\": {{\n\t\t\t\t\t\t\"\"AWS\"\": \"\"{main.Arn}\"\"\n \t\t\t}},\n \t\t\t\"\"Action\"\": \"\"s3:PutObject\"\",\n \t\t\t\"\"Resource\"\": \"\"arn:aws:s3:::tf-redshift-logging-test-bucket/*\"\"\n \t\t}},\n \t\t{{\n \t\t\t\"\"Sid\"\": \"\"Get bucket policy needed for audit logging \"\",\n \t\t\t\"\"Effect\"\": \"\"Allow\"\",\n \t\t\t\"\"Principal\"\": {{\n\t\t\t\t\t\t\"\"AWS\"\": \"\"{main1.Arn}\"\"\n \t\t\t}},\n \t\t\t\"\"Action\"\": \"\"s3:GetBucketAcl\"\",\n \t\t\t\"\"Resource\"\": \"\"arn:aws:s3:::tf-redshift-logging-test-bucket\"\"\n \t\t}}\n\t]\n}}\n\n\";\n }),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := redshift.GetServiceAccount(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucket(ctx, \"bucket\", \u0026s3.BucketArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(\"%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v\", \"{\\n\", \"\t\\\"Version\\\": \\\"2008-10-17\\\",\\n\", \"\t\\\"Statement\\\": [\\n\", \"\t\t{\\n\", \" \t\t\t\\\"Sid\\\": \\\"Put bucket policy needed for audit logging\\\",\\n\", \" \t\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \" \t\t\t\\\"Principal\\\": {\\n\", \"\t\t\t\t\t\t\\\"AWS\\\": \\\"\", main.Arn, \"\\\"\\n\", \" \t\t\t},\\n\", \" \t\t\t\\\"Action\\\": \\\"s3:PutObject\\\",\\n\", \" \t\t\t\\\"Resource\\\": \\\"arn:aws:s3:::tf-redshift-logging-test-bucket/*\\\"\\n\", \" \t\t},\\n\", \" \t\t{\\n\", \" \t\t\t\\\"Sid\\\": \\\"Get bucket policy needed for audit logging \\\",\\n\", \" \t\t\t\\\"Effect\\\": \\\"Allow\\\",\\n\", \" \t\t\t\\\"Principal\\\": {\\n\", \"\t\t\t\t\t\t\\\"AWS\\\": \\\"\", main.Arn, \"\\\"\\n\", \" \t\t\t},\\n\", \" \t\t\t\\\"Action\\\": \\\"s3:GetBucketAcl\\\",\\n\", \" \t\t\t\\\"Resource\\\": \\\"arn:aws:s3:::tf-redshift-logging-test-bucket\\\"\\n\", \" \t\t}\\n\", \"\t]\\n\", \"}\\n\", \"\\n\")),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getServiceAccount.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS Redshift account ID is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServiceAccount.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the AWS Redshift service account in the selected region.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string" } }, "type": "object", "required": [ "arn", "id" ] } }, "aws:route53/getDelegationSet:getDelegationSet": { "description": "`aws.route53.DelegationSet` provides details about a specific Route 53 Delegation Set.\n\nThis data source allows to find a list of name servers associated with a specific delegation set.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how to get a delegation set from its id.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dset = pulumi.output(aws.route53.getDelegationSet({\n id: \"MQWGHCBFAKEID\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndset = aws.route53.get_delegation_set(id=\"MQWGHCBFAKEID\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var dset = Output.Create(Aws.Route53.GetDelegationSet.InvokeAsync(new Aws.Route53.GetDelegationSetArgs\n {\n Id = \"MQWGHCBFAKEID\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupDelegationSet(ctx, \u0026route53.LookupDelegationSetArgs{\n\t\t\tId: \"MQWGHCBFAKEID\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDelegationSet.\n", "properties": { "id": { "type": "string", "description": "The Hosted Zone id of the desired delegation set.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getDelegationSet.\n", "properties": { "callerReference": { "type": "string" }, "id": { "type": "string" }, "nameServers": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "callerReference", "id", "nameServers" ] } }, "aws:route53/getResolverRule:getResolverRule": { "description": "`aws.route53.ResolverRule` provides details about a specific Route53 Resolver rule.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how to get a Route53 Resolver rule based on its associated domain name and rule type.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.route53.getResolverRule({\n domainName: \"subdomain.example.com\",\n ruleType: \"SYSTEM\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_rule(domain_name=\"subdomain.example.com\",\n rule_type=\"SYSTEM\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Route53.GetResolverRule.InvokeAsync(new Aws.Route53.GetResolverRuleArgs\n {\n DomainName = \"subdomain.example.com\",\n RuleType = \"SYSTEM\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"subdomain.example.com\"\n\t\topt1 := \"SYSTEM\"\n\t\t_, err := route53.LookupResolverRule(ctx, \u0026route53.LookupResolverRuleArgs{\n\t\t\tDomainName: \u0026opt0,\n\t\t\tRuleType: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getResolverRule.\n", "properties": { "domainName": { "type": "string", "description": "The domain name the desired resolver rule forwards DNS queries for. Conflicts with `resolver_rule_id`.\n" }, "name": { "type": "string", "description": "The friendly name of the desired resolver rule. Conflicts with `resolver_rule_id`.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint of the desired resolver rule. Conflicts with `resolver_rule_id`.\n" }, "resolverRuleId": { "type": "string", "description": "The ID of the desired resolver rule. Conflicts with `domain_name`, `name`, `resolver_endpoint_id` and `rule_type`.\n" }, "ruleType": { "type": "string", "description": "The rule type of the desired resolver rule. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`. Conflicts with `resolver_rule_id`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resolver rule.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getResolverRule.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the resolver rule.\n" }, "domainName": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "ownerId": { "type": "string", "description": "When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.\n" }, "resolverEndpointId": { "type": "string" }, "resolverRuleId": { "type": "string" }, "ruleType": { "type": "string" }, "shareStatus": { "type": "string", "description": "Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resolver rule.\n" } }, "type": "object", "required": [ "arn", "domainName", "name", "ownerId", "resolverEndpointId", "resolverRuleId", "ruleType", "shareStatus", "tags", "id" ] } }, "aws:route53/getResolverRules:getResolverRules": { "description": "`aws.route53.getResolverRules` provides details about a set of Route53 Resolver rules.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how to get Route53 Resolver rules based on tags.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.route53.getResolverRules({\n tags: [{\n Environment: \"dev\",\n }],\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_rules(tags=[{\n \"Environment\": \"dev\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Route53.GetResolverRules.InvokeAsync(new Aws.Route53.GetResolverRulesArgs\n {\n Tags = \n {\n \n {\n { \"Environment\", \"dev\" },\n },\n },\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.GetResolverRules(ctx, \u0026route53.GetResolverRulesArgs{\n\t\t\tTags: []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Environment\": \"dev\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getResolverRules.\n", "properties": { "ownerId": { "type": "string", "description": "When the desired resolver rules are shared with another AWS account, the account ID of the account that the rules are shared with.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint for the desired resolver rules.\n" }, "ruleType": { "type": "string", "description": "The rule type of the desired resolver rules. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n" }, "shareStatus": { "type": "string", "description": "Whether the desired resolver rules are shared and, if so, whether the current account is sharing the rules with another account, or another account is sharing the rules with the current account.\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getResolverRules.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ownerId": { "type": "string" }, "resolverEndpointId": { "type": "string" }, "resolverRuleIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the matched resolver rules.\n" }, "ruleType": { "type": "string" }, "shareStatus": { "type": "string" } }, "type": "object", "required": [ "resolverRuleIds", "id" ] } }, "aws:route53/getZone:getZone": { "description": "`aws.route53.Zone` provides details about a specific Route 53 Hosted Zone.\n\nThis data source allows to find a Hosted Zone ID given Hosted Zone name and certain search criteria.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example shows how to get a Hosted Zone from its name and from this data how to create a Record Set.\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = pulumi.output(aws.route53.getZone({\n name: \"test.com.\",\n privateZone: true,\n}, { async: true }));\nconst www = new aws.route53.Record(\"www\", {\n name: pulumi.interpolate`www.${selected.name!}`,\n records: [\"10.0.0.1\"],\n ttl: 300,\n type: \"A\",\n zoneId: selected.zoneId!,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.route53.get_zone(name=\"test.com.\",\n private_zone=True)\nwww = aws.route53.Record(\"www\",\n name=f\"www.{selected.name}\",\n records=[\"10.0.0.1\"],\n ttl=\"300\",\n type=\"A\",\n zone_id=selected.zone_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var selected = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs\n {\n Name = \"test.com.\",\n PrivateZone = true,\n }));\n var www = new Aws.Route53.Record(\"www\", new Aws.Route53.RecordArgs\n {\n Name = selected.Apply(selected =\u003e $\"www.{selected.Name}\"),\n Records = \n {\n \"10.0.0.1\",\n },\n Ttl = 300,\n Type = \"A\",\n ZoneId = selected.Apply(selected =\u003e selected.ZoneId),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"test.com.\"\n\t\topt1 := true\n\t\tselected, err := route53.LookupZone(ctx, \u0026route53.LookupZoneArgs{\n\t\t\tName: \u0026opt0,\n\t\t\tPrivateZone: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v%v\", \"www.\", selected.Name)),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.1\"),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(300),\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tZoneId: pulumi.String(selected.ZoneId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getZone.\n", "properties": { "name": { "type": "string", "description": "The Hosted Zone name of the desired Hosted Zone.\n" }, "privateZone": { "type": "boolean", "description": "Used with `name` field to get a private Hosted Zone.\n" }, "resourceRecordSetCount": { "type": "integer", "description": "The number of Record Set in the Hosted Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.\n" }, "vpcId": { "type": "string", "description": "Used with `name` field to get a private Hosted Zone associated with the vpc_id (in this case, private_zone is not mandatory).\n" }, "zoneId": { "type": "string", "description": "The Hosted Zone id of the desired Hosted Zone.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getZone.\n", "properties": { "callerReference": { "type": "string", "description": "Caller Reference of the Hosted Zone.\n" }, "comment": { "type": "string", "description": "The comment field of the Hosted Zone.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "linkedServiceDescription": { "type": "string", "description": "The description provided by the service that created the Hosted Zone (e.g. `arn:aws:servicediscovery:us-east-1:1234567890:namespace/ns-xxxxxxxxxxxxxxxx`).\n" }, "linkedServicePrincipal": { "type": "string", "description": "The service that created the Hosted Zone (e.g. `servicediscovery.amazonaws.com`).\n" }, "name": { "type": "string" }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "The list of DNS name servers for the Hosted Zone.\n" }, "privateZone": { "type": "boolean" }, "resourceRecordSetCount": { "type": "integer", "description": "The number of Record Set in the Hosted Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "vpcId": { "type": "string" }, "zoneId": { "type": "string" } }, "type": "object", "required": [ "callerReference", "comment", "linkedServiceDescription", "linkedServicePrincipal", "name", "nameServers", "resourceRecordSetCount", "tags", "vpcId", "zoneId", "id" ] } }, "aws:s3/getBucket:getBucket": { "description": "Provides details about a specific S3 bucket.\n\nThis resource may prove useful when setting up a Route53 record, or an origin for a CloudFront\nDistribution.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Route53 Record\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = pulumi.output(aws.s3.getBucket({\n bucket: \"bucket.test.com\",\n}, { async: true }));\nconst testZone = pulumi.output(aws.route53.getZone({\n name: \"test.com.\",\n}, { async: true }));\nconst example = new aws.route53.Record(\"example\", {\n aliases: [{\n name: selected.websiteDomain,\n zoneId: selected.hostedZoneId,\n }],\n name: \"bucket\",\n type: \"A\",\n zoneId: testZone.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.s3.get_bucket(bucket=\"bucket.test.com\")\ntest_zone = aws.route53.get_zone(name=\"test.com.\")\nexample = aws.route53.Record(\"example\",\n aliases=[{\n \"name\": selected.website_domain,\n \"zone_id\": selected.hosted_zone_id,\n }],\n name=\"bucket\",\n type=\"A\",\n zone_id=test_zone.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var selected = Output.Create(Aws.S3.GetBucket.InvokeAsync(new Aws.S3.GetBucketArgs\n {\n Bucket = \"bucket.test.com\",\n }));\n var testZone = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs\n {\n Name = \"test.com.\",\n }));\n var example = new Aws.Route53.Record(\"example\", new Aws.Route53.RecordArgs\n {\n Aliases = \n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n Name = selected.Apply(selected =\u003e selected.WebsiteDomain),\n ZoneId = selected.Apply(selected =\u003e selected.HostedZoneId),\n },\n },\n Name = \"bucket\",\n Type = \"A\",\n ZoneId = testZone.Apply(testZone =\u003e testZone.Id),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"bucket.test.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt0 := \"test.com.\"\n\t\ttestZone, err := route53.LookupZone(ctx, \u0026route53.LookupZoneArgs{\n\t\t\tName: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tName: pulumi.String(selected.WebsiteDomain),\n\t\t\t\t\tZoneId: pulumi.String(selected.HostedZoneId),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"bucket\"),\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tZoneId: pulumi.String(testZone.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### CloudFront Origin\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = pulumi.output(aws.s3.getBucket({\n bucket: \"a-test-bucket\",\n}, { async: true }));\nconst test = new aws.cloudfront.Distribution(\"test\", {\n origins: [{\n domainName: selected.bucketDomainName,\n originId: \"s3-selected-bucket\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.s3.get_bucket(bucket=\"a-test-bucket\")\ntest = aws.cloudfront.Distribution(\"test\", origins=[{\n \"domain_name\": selected.bucket_domain_name,\n \"originId\": \"s3-selected-bucket\",\n}])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var selected = Output.Create(Aws.S3.GetBucket.InvokeAsync(new Aws.S3.GetBucketArgs\n {\n Bucket = \"a-test-bucket\",\n }));\n var test = new Aws.CloudFront.Distribution(\"test\", new Aws.CloudFront.DistributionArgs\n {\n Origins = \n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = selected.Apply(selected =\u003e selected.BucketDomainName),\n OriginId = \"s3-selected-bucket\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"a-test-bucket\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfront.NewDistribution(ctx, \"test\", \u0026cloudfront.DistributionArgs{\n\t\t\tOrigins: cloudfront.DistributionOriginArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tDomainName: pulumi.String(selected.BucketDomainName),\n\t\t\t\t\tOriginId: pulumi.String(\"s3-selected-bucket\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getBucket.\n", "properties": { "bucket": { "type": "string", "description": "The name of the bucket\n" } }, "type": "object", "required": [ "bucket" ] }, "outputs": { "description": "A collection of values returned by getBucket.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string" }, "bucketDomainName": { "type": "string", "description": "The bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n" }, "bucketRegionalDomainName": { "type": "string", "description": "The bucket region-specific domain name. The bucket domain name including the region name, please refer [here](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent [redirect issues](https://forums.aws.amazon.com/thread.jspa?threadID=216814) from CloudFront to S3 Origin URL.\n" }, "hostedZoneId": { "type": "string", "description": "The [Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "region": { "type": "string", "description": "The AWS region this bucket resides in.\n" }, "websiteDomain": { "type": "string", "description": "The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.\n" }, "websiteEndpoint": { "type": "string", "description": "The website endpoint, if the bucket is configured with a website. If not, this will be an empty string.\n" } }, "type": "object", "required": [ "arn", "bucket", "bucketDomainName", "bucketRegionalDomainName", "hostedZoneId", "region", "websiteDomain", "websiteEndpoint", "id" ] } }, "aws:s3/getBucketObject:getBucketObject": { "description": "The S3 object data source allows access to the metadata and\n_optionally_ (see below) content of an object stored inside S3 bucket.\n\n\u003e **Note:** The content of an object (`body` field) is available only for objects which have a human-readable `Content-Type` (`text/*` and `application/json`). This is to prevent printing unsafe characters and potentially downloading large amount of data which would be thrown away in favour of metadata.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThe following example retrieves a text object (which must have a `Content-Type`\nvalue starting with `text/`) and uses it as the `user_data` for an EC2 instance:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bootstrapScript = pulumi.output(aws.s3.getBucketObject({\n bucket: \"ourcorp-deploy-config\",\n key: \"ec2-bootstrap-script.sh\",\n}, { async: true }));\nconst example = new aws.ec2.Instance(\"example\", {\n ami: \"ami-2757f631\",\n instanceType: \"t2.micro\",\n userData: bootstrapScript.body,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbootstrap_script = aws.s3.get_bucket_object(bucket=\"ourcorp-deploy-config\",\n key=\"ec2-bootstrap-script.sh\")\nexample = aws.ec2.Instance(\"example\",\n ami=\"ami-2757f631\",\n instance_type=\"t2.micro\",\n user_data=bootstrap_script.body)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var bootstrapScript = Output.Create(Aws.S3.GetBucketObject.InvokeAsync(new Aws.S3.GetBucketObjectArgs\n {\n Bucket = \"ourcorp-deploy-config\",\n Key = \"ec2-bootstrap-script.sh\",\n }));\n var example = new Aws.Ec2.Instance(\"example\", new Aws.Ec2.InstanceArgs\n {\n Ami = \"ami-2757f631\",\n InstanceType = \"t2.micro\",\n UserData = bootstrapScript.Apply(bootstrapScript =\u003e bootstrapScript.Body),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbootstrapScript, err := s3.LookupBucketObject(ctx, \u0026s3.LookupBucketObjectArgs{\n\t\t\tBucket: \"ourcorp-deploy-config\",\n\t\t\tKey: \"ec2-bootstrap-script.sh\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"example\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-2757f631\"),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tUserData: pulumi.String(bootstrapScript.Body),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nThe following, more-complex example retrieves only the metadata for a zip\nfile stored in S3, which is then used to pass the most recent `version_id`\nto AWS Lambda for use as a function implementation. More information about\nLambda functions is available in the documentation for\n`aws.lambda.Function`.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda = pulumi.output(aws.s3.getBucketObject({\n bucket: \"ourcorp-lambda-functions\",\n key: \"hello-world.zip\",\n}, { async: true }));\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n handler: \"exports.test\",\n role: aws_iam_role_iam_for_lambda.arn, // (not shown)\n s3Bucket: lambda.bucket,\n s3Key: lambda.key,\n s3ObjectVersion: lambda.versionId!,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_ = aws.s3.get_bucket_object(bucket=\"ourcorp-lambda-functions\",\n key=\"hello-world.zip\")\ntest_lambda = aws.lambda_.Function(\"testLambda\",\n handler=\"exports.test\",\n role=aws_iam_role[\"iam_for_lambda\"][\"arn\"],\n s3_bucket=lambda_.bucket,\n s3_key=lambda_.key,\n s3_object_version=lambda_.version_id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lambda = Output.Create(Aws.S3.GetBucketObject.InvokeAsync(new Aws.S3.GetBucketObjectArgs\n {\n Bucket = \"ourcorp-lambda-functions\",\n Key = \"hello-world.zip\",\n }));\n var testLambda = new Aws.Lambda.Function(\"testLambda\", new Aws.Lambda.FunctionArgs\n {\n Handler = \"exports.test\",\n Role = aws_iam_role.Iam_for_lambda.Arn,\n S3Bucket = lambda.Apply(lambda =\u003e lambda.Bucket),\n S3Key = lambda.Apply(lambda =\u003e lambda.Key),\n S3ObjectVersion = lambda.Apply(lambda =\u003e lambda.VersionId),\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlambda, err := s3.LookupBucketObject(ctx, \u0026s3.LookupBucketObjectArgs{\n\t\t\tBucket: \"ourcorp-lambda-functions\",\n\t\t\tKey: \"hello-world.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"testLambda\", \u0026lambda.FunctionArgs{\n\t\t\tHandler: pulumi.String(\"exports.test\"),\n\t\t\tRole: pulumi.String(aws_iam_role.Iam_for_lambda.Arn),\n\t\t\tS3Bucket: pulumi.String(lambda.Bucket),\n\t\t\tS3Key: pulumi.String(lambda.Key),\n\t\t\tS3ObjectVersion: pulumi.String(lambda.VersionId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getBucketObject.\n", "properties": { "bucket": { "type": "string", "description": "The name of the bucket to read the object from. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified\n" }, "key": { "type": "string", "description": "The full path to the object inside the bucket\n" }, "range": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the object.\n" }, "versionId": { "type": "string", "description": "Specific version ID of the object returned (defaults to latest version)\n" } }, "type": "object", "required": [ "bucket", "key" ] }, "outputs": { "description": "A collection of values returned by getBucketObject.\n", "properties": { "body": { "type": "string", "description": "Object data (see **limitations above** to understand cases in which this field is actually available)\n" }, "bucket": { "type": "string" }, "cacheControl": { "type": "string", "description": "Specifies caching behavior along the request/reply chain.\n" }, "contentDisposition": { "type": "string", "description": "Specifies presentational information for the object.\n" }, "contentEncoding": { "type": "string", "description": "Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.\n" }, "contentLanguage": { "type": "string", "description": "The language the content is in.\n" }, "contentLength": { "type": "integer", "description": "Size of the body in bytes.\n" }, "contentType": { "type": "string", "description": "A standard MIME type describing the format of the object data.\n" }, "etag": { "type": "string", "description": "[ETag](https://en.wikipedia.org/wiki/HTTP_ETag) generated for the object (an MD5 sum of the object content in case it's not encrypted)\n" }, "expiration": { "type": "string", "description": "If the object expiration is configured (see [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html)), the field includes this header. It includes the expiry-date and rule-id key value pairs providing object expiration information. The value of the rule-id is URL encoded.\n" }, "expires": { "type": "string", "description": "The date and time at which the object is no longer cacheable.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "key": { "type": "string" }, "lastModified": { "type": "string", "description": "Last modified date of the object in RFC1123 format (e.g. `Mon, 02 Jan 2006 15:04:05 MST`)\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of metadata stored with the object in S3\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "Indicates whether this object has an active [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds). This field is only returned if you have permission to view an object's legal hold status.\n" }, "objectLockMode": { "type": "string", "description": "The object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) currently in place for this object.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "The date and time when this object's object lock will expire.\n" }, "range": { "type": "string" }, "serverSideEncryption": { "type": "string", "description": "If the object is stored using server-side encryption (KMS or Amazon S3-managed encryption key), this field includes the chosen encryption and algorithm used.\n" }, "sseKmsKeyId": { "type": "string", "description": "If present, specifies the ID of the Key Management Service (KMS) master encryption key that was used for the object.\n" }, "storageClass": { "type": "string", "description": "[Storage class](http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) information of the object. Available for all objects except for `Standard` storage class objects.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the object.\n" }, "versionId": { "type": "string", "description": "The latest version ID of the object returned.\n" }, "websiteRedirectLocation": { "type": "string", "description": "If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.\n" } }, "type": "object", "required": [ "body", "bucket", "cacheControl", "contentDisposition", "contentEncoding", "contentLanguage", "contentLength", "contentType", "etag", "expiration", "expires", "key", "lastModified", "metadata", "objectLockLegalHoldStatus", "objectLockMode", "objectLockRetainUntilDate", "serverSideEncryption", "sseKmsKeyId", "storageClass", "tags", "versionId", "websiteRedirectLocation", "id" ] } }, "aws:s3/getBucketObjects:getBucketObjects": { "description": "\u003e **NOTE on `max_keys`:** Retrieving very large numbers of keys can adversely affect this provider's performance.\n\nThe bucket-objects data source returns keys (i.e., file names) and other metadata about objects in an S3 bucket.\n", "inputs": { "description": "A collection of arguments for invoking getBucketObjects.\n", "properties": { "bucket": { "type": "string", "description": "Lists object keys in this S3 bucket. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified\n" }, "delimiter": { "type": "string", "description": "A character used to group keys (Default: none)\n" }, "encodingType": { "type": "string", "description": "Encodes keys using this method (Default: none; besides none, only \"url\" can be used)\n" }, "fetchOwner": { "type": "boolean", "description": "Boolean specifying whether to populate the owner list (Default: false)\n" }, "maxKeys": { "type": "integer", "description": "Maximum object keys to return (Default: 1000)\n" }, "prefix": { "type": "string", "description": "Limits results to object keys with this prefix (Default: none)\n" }, "startAfter": { "type": "string", "description": "Returns key names lexicographically after a specific object key in your bucket (Default: none; S3 lists object keys in UTF-8 character encoding in lexicographical order)\n" } }, "type": "object", "required": [ "bucket" ] }, "outputs": { "description": "A collection of values returned by getBucketObjects.\n", "properties": { "bucket": { "type": "string" }, "commonPrefixes": { "type": "array", "items": { "type": "string" }, "description": "List of any keys between `prefix` and the next occurrence of `delimiter` (i.e., similar to subdirectories of the `prefix` \"directory\"); the list is only returned when you specify `delimiter`\n" }, "delimiter": { "type": "string" }, "encodingType": { "type": "string" }, "fetchOwner": { "type": "boolean" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "keys": { "type": "array", "items": { "type": "string" }, "description": "List of strings representing object keys\n" }, "maxKeys": { "type": "integer" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "List of strings representing object owner IDs (see `fetch_owner` above)\n" }, "prefix": { "type": "string" }, "startAfter": { "type": "string" } }, "type": "object", "required": [ "bucket", "commonPrefixes", "keys", "owners", "id" ] } }, "aws:secretsmanager/getSecret:getSecret": { "description": "Retrieve metadata information about a Secrets Manager secret. To retrieve a secret value, see the `aws.secretsmanager.SecretVersion`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### ARN\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst by_arn = pulumi.output(aws.secretsmanager.getSecret({\n arn: \"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_arn = aws.secretsmanager.get_secret(arn=\"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var by_arn = Output.Create(Aws.SecretsManager.GetSecret.InvokeAsync(new Aws.SecretsManager.GetSecretArgs\n {\n Arn = \"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\"\n\t\t_, err := secretsmanager.LookupSecret(ctx, \u0026secretsmanager.LookupSecretArgs{\n\t\t\tArn: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Name\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst by_name = pulumi.output(aws.secretsmanager.getSecret({\n name: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_name = aws.secretsmanager.get_secret(name=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var by_name = Output.Create(Aws.SecretsManager.GetSecret.InvokeAsync(new Aws.SecretsManager.GetSecretArgs\n {\n Name = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"example\"\n\t\t_, err := secretsmanager.LookupSecret(ctx, \u0026secretsmanager.LookupSecretArgs{\n\t\t\tName: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSecret.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the secret to retrieve.\n" }, "name": { "type": "string", "description": "The name of the secret to retrieve.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecret.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the secret.\n" }, "description": { "type": "string", "description": "A description of the secret.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "kmsKeyId": { "type": "string", "description": "The Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.\n" }, "name": { "type": "string" }, "policy": { "type": "string", "description": "The resource-based policy document that's attached to the secret.\n" }, "rotationEnabled": { "type": "boolean", "description": "Whether rotation is enabled or not.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation data source instead" }, "rotationLambdaArn": { "type": "string", "description": "Rotation Lambda function Amazon Resource Name (ARN) if rotation is enabled.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation data source instead" }, "rotationRules": { "type": "array", "items": { "$ref": "#/types/aws:secretsmanager/getSecretRotationRule:getSecretRotationRule" }, "description": "Rotation rules if rotation is enabled.\n", "deprecationMessage": "Use the aws_secretsmanager_secret_rotation data source instead" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags of the secret.\n" } }, "type": "object", "required": [ "arn", "description", "kmsKeyId", "name", "policy", "rotationEnabled", "rotationLambdaArn", "rotationRules", "tags", "id" ] } }, "aws:secretsmanager/getSecretRotation:getSecretRotation": { "description": "Retrieve information about a Secrets Manager secret rotation. To retrieve secret metadata, see the [`aws.secretsmanager.Secret` data source](https://www.terraform.io/docs/providers/aws/d/secretsmanager_secret.html). To retrieve a secret value, see the [`aws.secretsmanager.SecretVersion` data source](https://www.terraform.io/docs/providers/aws/d/secretsmanager_secret_version.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Retrieve Secret Rotation Configuration\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws_secretsmanager_secret_example.id.apply(id =\u003e aws.secretsmanager.getSecretRotation({\n secretId: id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.get_secret_rotation(secret_id=data[\"aws_secretsmanager_secret\"][\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.SecretsManager.GetSecretRotation.InvokeAsync(new Aws.SecretsManager.GetSecretRotationArgs\n {\n SecretId = data.Aws_secretsmanager_secret.Example.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.LookupSecretRotation(ctx, \u0026secretsmanager.LookupSecretRotationArgs{\n\t\t\tSecretId: data.Aws_secretsmanager_secret.Example.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSecretRotation.\n", "properties": { "secretId": { "type": "string", "description": "Specifies the secret containing the version that you want to retrieve. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.\n" } }, "type": "object", "required": [ "secretId" ] }, "outputs": { "description": "A collection of values returned by getSecretRotation.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "rotationEnabled": { "type": "boolean", "description": "The ARN of the secret.\n" }, "rotationLambdaArn": { "type": "string", "description": "The decrypted part of the protected secret information that was originally provided as a string.\n" }, "rotationRules": { "type": "array", "items": { "$ref": "#/types/aws:secretsmanager/getSecretRotationRotationRule:getSecretRotationRotationRule" }, "description": "The decrypted part of the protected secret information that was originally provided as a binary. Base64 encoded.\n" }, "secretId": { "type": "string" } }, "type": "object", "required": [ "rotationEnabled", "rotationLambdaArn", "rotationRules", "secretId", "id" ] } }, "aws:secretsmanager/getSecretVersion:getSecretVersion": { "description": "Retrieve information about a Secrets Manager secret version, including its secret value. To retrieve secret metadata, see the `aws.secretsmanager.Secret` data source.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Retrieve Current Secret Version\n\nBy default, this data sources retrieves information based on the `AWSCURRENT` staging label.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws_secretsmanager_secret_example.id.apply(id =\u003e aws.secretsmanager.getSecretVersion({\n secretId: id,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.get_secret_version(secret_id=data[\"aws_secretsmanager_secret\"][\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.SecretsManager.GetSecretVersion.InvokeAsync(new Aws.SecretsManager.GetSecretVersionArgs\n {\n SecretId = data.Aws_secretsmanager_secret.Example.Id,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.LookupSecretVersion(ctx, \u0026secretsmanager.LookupSecretVersionArgs{\n\t\t\tSecretId: data.Aws_secretsmanager_secret.Example.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% example %}}\n### Retrieve Specific Secret Version\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst by_version_stage = aws_secretsmanager_secret_example.id.apply(id =\u003e aws.secretsmanager.getSecretVersion({\n secretId: id,\n versionStage: \"example\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_version_stage = aws.secretsmanager.get_secret_version(secret_id=data[\"aws_secretsmanager_secret\"][\"example\"][\"id\"],\n version_stage=\"example\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var by_version_stage = Output.Create(Aws.SecretsManager.GetSecretVersion.InvokeAsync(new Aws.SecretsManager.GetSecretVersionArgs\n {\n SecretId = data.Aws_secretsmanager_secret.Example.Id,\n VersionStage = \"example\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"example\"\n\t\t_, err := secretsmanager.LookupSecretVersion(ctx, \u0026secretsmanager.LookupSecretVersionArgs{\n\t\t\tSecretId: data.Aws_secretsmanager_secret.Example.Id,\n\t\t\tVersionStage: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getSecretVersion.\n", "properties": { "secretId": { "type": "string", "description": "Specifies the secret containing the version that you want to retrieve. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.\n" }, "versionId": { "type": "string", "description": "Specifies the unique identifier of the version of the secret that you want to retrieve. Overrides `version_stage`.\n" }, "versionStage": { "type": "string", "description": "Specifies the secret version that you want to retrieve by the staging label attached to the version. Defaults to `AWSCURRENT`.\n" } }, "type": "object", "required": [ "secretId" ] }, "outputs": { "description": "A collection of values returned by getSecretVersion.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the secret.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "secretBinary": { "type": "string", "description": "The decrypted part of the protected secret information that was originally provided as a binary. Base64 encoded.\n" }, "secretId": { "type": "string" }, "secretString": { "type": "string", "description": "The decrypted part of the protected secret information that was originally provided as a string.\n" }, "versionId": { "type": "string", "description": "The unique identifier of this version of the secret.\n" }, "versionStage": { "type": "string" }, "versionStages": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "arn", "secretBinary", "secretId", "secretString", "versionId", "versionStages", "id" ] } }, "aws:servicequotas/getService:getService": { "description": "Retrieve information about a Service Quotas Service.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.servicequotas.getService({\n serviceName: \"Amazon Virtual Private Cloud (Amazon VPC)\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicequotas.get_service(service_name=\"Amazon Virtual Private Cloud (Amazon VPC)\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.ServiceQuotas.GetService.InvokeAsync(new Aws.ServiceQuotas.GetServiceArgs\n {\n ServiceName = \"Amazon Virtual Private Cloud (Amazon VPC)\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicequotas.GetService(ctx, \u0026servicequotas.GetServiceArgs{\n\t\t\tServiceName: \"Amazon Virtual Private Cloud (Amazon VPC)\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "serviceName": { "type": "string", "description": "Service name to lookup within Service Quotas. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" } }, "type": "object", "required": [ "serviceName" ] }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "serviceCode": { "type": "string", "description": "Code of the service.\n" }, "serviceName": { "type": "string" } }, "type": "object", "required": [ "serviceCode", "serviceName", "id" ] } }, "aws:servicequotas/getServiceQuota:getServiceQuota": { "description": "Retrieve information about a Service Quota.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byQuotaCode = pulumi.output(aws.servicequotas.getServiceQuota({\n quotaCode: \"L-F678F1CE\",\n serviceCode: \"vpc\",\n}, { async: true }));\nconst byQuotaName = pulumi.output(aws.servicequotas.getServiceQuota({\n quotaName: \"VPCs per Region\",\n serviceCode: \"vpc\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_quota_code = aws.servicequotas.get_service_quota(quota_code=\"L-F678F1CE\",\n service_code=\"vpc\")\nby_quota_name = aws.servicequotas.get_service_quota(quota_name=\"VPCs per Region\",\n service_code=\"vpc\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var byQuotaCode = Output.Create(Aws.ServiceQuotas.GetServiceQuota.InvokeAsync(new Aws.ServiceQuotas.GetServiceQuotaArgs\n {\n QuotaCode = \"L-F678F1CE\",\n ServiceCode = \"vpc\",\n }));\n var byQuotaName = Output.Create(Aws.ServiceQuotas.GetServiceQuota.InvokeAsync(new Aws.ServiceQuotas.GetServiceQuotaArgs\n {\n QuotaName = \"VPCs per Region\",\n ServiceCode = \"vpc\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"L-F678F1CE\"\n\t\t_, err := servicequotas.LookupServiceQuota(ctx, \u0026servicequotas.LookupServiceQuotaArgs{\n\t\t\tQuotaCode: \u0026opt0,\n\t\t\tServiceCode: \"vpc\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\topt1 := \"VPCs per Region\"\n\t\t_, err := servicequotas.LookupServiceQuota(ctx, \u0026servicequotas.LookupServiceQuotaArgs{\n\t\t\tQuotaName: \u0026opt1,\n\t\t\tServiceCode: \"vpc\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getServiceQuota.\n", "properties": { "quotaCode": { "type": "string", "description": "Quota code within the service. When configured, the data source directly looks up the service quota. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n" }, "quotaName": { "type": "string", "description": "Quota name within the service. When configured, the data source searches through all service quotas to find the matching quota name. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n" }, "serviceCode": { "type": "string", "description": "Service code for the quota. Available values can be found with the `aws.servicequotas.getService` data source or [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" } }, "type": "object", "required": [ "serviceCode" ] }, "outputs": { "description": "A collection of values returned by getServiceQuota.\n", "properties": { "adjustable": { "type": "boolean", "description": "Whether the service quota is adjustable.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the service quota.\n" }, "defaultValue": { "type": "number", "description": "Default value of the service quota.\n" }, "globalQuota": { "type": "boolean", "description": "Whether the service quota is global for the AWS account.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "quotaCode": { "type": "string" }, "quotaName": { "type": "string" }, "serviceCode": { "type": "string" }, "serviceName": { "type": "string", "description": "Name of the service.\n" }, "value": { "type": "number", "description": "Current value of the service quota.\n" } }, "type": "object", "required": [ "adjustable", "arn", "defaultValue", "globalQuota", "quotaCode", "quotaName", "serviceCode", "serviceName", "value", "id" ] } }, "aws:sfn/getActivity:getActivity": { "description": "Provides a Step Functions Activity data source\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sfnActivity = pulumi.output(aws.sfn.getActivity({\n name: \"my-activity\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsfn_activity = aws.sfn.get_activity(name=\"my-activity\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var sfnActivity = Output.Create(Aws.Sfn.GetActivity.InvokeAsync(new Aws.Sfn.GetActivityArgs\n {\n Name = \"my-activity\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"my-activity\"\n\t\t_, err := sfn.LookupActivity(ctx, \u0026sfn.LookupActivityArgs{\n\t\t\tName: \u0026opt0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getActivity.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the activity.\n" }, "name": { "type": "string", "description": "The name that identifies the activity.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getActivity.\n", "properties": { "arn": { "type": "string" }, "creationDate": { "type": "string", "description": "The date the activity was created.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "arn", "creationDate", "name", "id" ] } }, "aws:sfn/getStateMachine:getStateMachine": { "description": "Use this data source to get the ARN of a State Machine in AWS Step\nFunction (SFN). By using this data source, you can reference a\nstate machine without having to hard code the ARNs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.sfn.getStateMachine({\n name: \"an_example_sfn_name\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sfn.get_state_machine(name=\"an_example_sfn_name\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Sfn.GetStateMachine.InvokeAsync(new Aws.Sfn.GetStateMachineArgs\n {\n Name = \"an_example_sfn_name\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sfn.LookupStateMachine(ctx, \u0026sfn.LookupStateMachineArgs{\n\t\t\tName: \"an_example_sfn_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getStateMachine.\n", "properties": { "name": { "type": "string", "description": "The friendly name of the state machine to match.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getStateMachine.\n", "properties": { "arn": { "type": "string", "description": "Set to the arn of the state function.\n" }, "creationDate": { "type": "string", "description": "The date the state machine was created.\n" }, "definition": { "type": "string", "description": "Set to the state machine definition.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "roleArn": { "type": "string", "description": "Set to the role_arn used by the state function.\n" }, "status": { "type": "string", "description": "Set to the current status of the state machine.\n" } }, "type": "object", "required": [ "arn", "creationDate", "definition", "name", "roleArn", "status", "id" ] } }, "aws:sns/getTopic:getTopic": { "description": "Use this data source to get the ARN of a topic in AWS Simple Notification\nService (SNS). By using this data source, you can reference SNS topics\nwithout having to hard code the ARNs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.sns.getTopic({\n name: \"an_example_topic\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sns.get_topic(name=\"an_example_topic\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Sns.GetTopic.InvokeAsync(new Aws.Sns.GetTopicArgs\n {\n Name = \"an_example_topic\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.LookupTopic(ctx, \u0026sns.LookupTopicArgs{\n\t\t\tName: \"an_example_topic\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getTopic.\n", "properties": { "name": { "type": "string", "description": "The friendly name of the topic to match.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getTopic.\n", "properties": { "arn": { "type": "string", "description": "Set to the ARN of the found topic, suitable for referencing in other resources that support SNS topics.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "arn", "name", "id" ] } }, "aws:sqs/getQueue:getQueue": { "description": "Use this data source to get the ARN and URL of queue in AWS Simple Queue Service (SQS).\nBy using this data source, you can reference SQS queues without having to hardcode\nthe ARNs as input.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.sqs.getQueue({\n name: \"queue\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sqs.get_queue(name=\"queue\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Sqs.GetQueue.InvokeAsync(new Aws.Sqs.GetQueueArgs\n {\n Name = \"queue\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sqs.LookupQueue(ctx, \u0026sqs.LookupQueueArgs{\n\t\t\tName: \"queue\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getQueue.\n", "properties": { "name": { "type": "string", "description": "The name of the queue to match.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getQueue.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the queue.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the resource.\n" }, "url": { "type": "string", "description": "The URL of the queue.\n" } }, "type": "object", "required": [ "arn", "name", "tags", "url", "id" ] } }, "aws:ssm/getDocument:getDocument": { "description": "Gets the contents of the specified Systems Manager document.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo get the contents of the document owned by AWS.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = pulumi.output(aws.ssm.getDocument({\n documentFormat: \"YAML\",\n name: \"AWS-GatherSoftwareInventory\",\n}, { async: true }));\n\nexport const content = foo.content;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.get_document(document_format=\"YAML\",\n name=\"AWS-GatherSoftwareInventory\")\npulumi.export(\"content\", foo.content)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = Output.Create(Aws.Ssm.GetDocument.InvokeAsync(new Aws.Ssm.GetDocumentArgs\n {\n DocumentFormat = \"YAML\",\n Name = \"AWS-GatherSoftwareInventory\",\n }));\n this.Content = foo.Apply(foo =\u003e foo.Content);\n }\n\n [Output(\"content\")]\n public Output\u003cstring\u003e Content { get; set; }\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"YAML\"\n\t\tfoo, err := ssm.LookupDocument(ctx, \u0026ssm.LookupDocumentArgs{\n\t\t\tDocumentFormat: \u0026opt0,\n\t\t\tName: \"AWS-GatherSoftwareInventory\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"content\", foo.Content)\n\t\treturn nil\n\t})\n}\n```\n\nTo get the contents of the custom document.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws_ssm_document_test.name.apply(name =\u003e aws.ssm.getDocument({\n documentFormat: \"JSON\",\n name: name,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ssm.get_document(document_format=\"JSON\",\n name=aws_ssm_document[\"test\"][\"name\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.Ssm.GetDocument.InvokeAsync(new Aws.Ssm.GetDocumentArgs\n {\n DocumentFormat = \"JSON\",\n Name = aws_ssm_document.Test.Name,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"JSON\"\n\t\t_, err := ssm.LookupDocument(ctx, \u0026ssm.LookupDocumentArgs{\n\t\t\tDocumentFormat: \u0026opt0,\n\t\t\tName: aws_ssm_document.Test.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDocument.\n", "properties": { "documentFormat": { "type": "string", "description": "Returns the document in the specified format. The document format can be either JSON or YAML. JSON is the default format.\n" }, "documentVersion": { "type": "string", "description": "The document version for which you want information.\n" }, "name": { "type": "string", "description": "The name of the Systems Manager document.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getDocument.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the document.\n" }, "content": { "type": "string", "description": "The contents of the document.\n" }, "documentFormat": { "type": "string" }, "documentType": { "type": "string", "description": "The type of the document.\n" }, "documentVersion": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "arn", "content", "documentType", "name", "id" ] } }, "aws:ssm/getParameter:getParameter": { "description": "Provides an SSM Parameter data source.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = pulumi.output(aws.ssm.getParameter({\n name: \"foo\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.get_parameter(name=\"foo\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var foo = Output.Create(Aws.Ssm.GetParameter.InvokeAsync(new Aws.Ssm.GetParameterArgs\n {\n Name = \"foo\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.LookupParameter(ctx, \u0026ssm.LookupParameterArgs{\n\t\t\tName: \"foo\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n\n\u003e **Note:** The data source is currently following the behavior of the [SSM API](https://docs.aws.amazon.com/sdk-for-go/api/service/ssm/#Parameter) to return a string value, regardless of parameter type.\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getParameter.\n", "properties": { "name": { "type": "string", "description": "The name of the parameter.\n" }, "withDecryption": { "type": "boolean", "description": "Whether to return decrypted `SecureString` value. Defaults to `true`.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getParameter.\n", "properties": { "arn": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "type": { "type": "string" }, "value": { "type": "string" }, "version": { "type": "integer" }, "withDecryption": { "type": "boolean" } }, "type": "object", "required": [ "arn", "name", "type", "value", "version", "id" ] } }, "aws:ssm/getPatchBaseline:getPatchBaseline": { "description": "Provides an SSM Patch Baseline data source. Useful if you wish to reuse the default baselines provided.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nTo retrieve a baseline provided by AWS:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst centos = pulumi.output(aws.ssm.getPatchBaseline({\n namePrefix: \"AWS-\",\n operatingSystem: \"CENTOS\",\n owner: \"AWS\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncentos = aws.ssm.get_patch_baseline(name_prefix=\"AWS-\",\n operating_system=\"CENTOS\",\n owner=\"AWS\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var centos = Output.Create(Aws.Ssm.GetPatchBaseline.InvokeAsync(new Aws.Ssm.GetPatchBaselineArgs\n {\n NamePrefix = \"AWS-\",\n OperatingSystem = \"CENTOS\",\n Owner = \"AWS\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"AWS-\"\n\t\topt1 := \"CENTOS\"\n\t\t_, err := ssm.LookupPatchBaseline(ctx, \u0026ssm.LookupPatchBaselineArgs{\n\t\t\tNamePrefix: \u0026opt0,\n\t\t\tOperatingSystem: \u0026opt1,\n\t\t\tOwner: \"AWS\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\nTo retrieve a baseline on your account:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCustom = pulumi.output(aws.ssm.getPatchBaseline({\n defaultBaseline: true,\n namePrefix: \"MyCustomBaseline\",\n operatingSystem: \"WINDOWS\",\n owner: \"Self\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_custom = aws.ssm.get_patch_baseline(default_baseline=True,\n name_prefix=\"MyCustomBaseline\",\n operating_system=\"WINDOWS\",\n owner=\"Self\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var defaultCustom = Output.Create(Aws.Ssm.GetPatchBaseline.InvokeAsync(new Aws.Ssm.GetPatchBaselineArgs\n {\n DefaultBaseline = true,\n NamePrefix = \"MyCustomBaseline\",\n OperatingSystem = \"WINDOWS\",\n Owner = \"Self\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := true\n\t\topt1 := \"MyCustomBaseline\"\n\t\topt2 := \"WINDOWS\"\n\t\t_, err := ssm.LookupPatchBaseline(ctx, \u0026ssm.LookupPatchBaselineArgs{\n\t\t\tDefaultBaseline: \u0026opt0,\n\t\t\tNamePrefix: \u0026opt1,\n\t\t\tOperatingSystem: \u0026opt2,\n\t\t\tOwner: \"Self\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getPatchBaseline.\n", "properties": { "defaultBaseline": { "type": "boolean", "description": "Filters the results against the baselines default_baseline field.\n" }, "namePrefix": { "type": "string", "description": "Filter results by the baseline name prefix.\n" }, "operatingSystem": { "type": "string", "description": "The specified OS for the baseline.\n" }, "owner": { "type": "string", "description": "The owner of the baseline. Valid values: `All`, `AWS`, `Self` (the current account).\n" } }, "type": "object", "required": [ "owner" ] }, "outputs": { "description": "A collection of values returned by getPatchBaseline.\n", "properties": { "defaultBaseline": { "type": "boolean" }, "description": { "type": "string", "description": "The description of the baseline.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The name of the baseline.\n" }, "namePrefix": { "type": "string" }, "operatingSystem": { "type": "string" }, "owner": { "type": "string" } }, "type": "object", "required": [ "description", "name", "owner", "id" ] } }, "aws:storagegateway/getLocalDisk:getLocalDisk": { "description": "Retrieve information about a Storage Gateway local disk. The disk identifier is useful for adding the disk as a cache or upload buffer to a gateway.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = pulumi.all([aws_volume_attachment_test.deviceName, aws_storagegateway_gateway_test.arn]).apply(([deviceName, arn]) =\u003e aws.storagegateway.getLocalDisk({\n diskPath: deviceName,\n gatewayArn: arn,\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.storagegateway.get_local_disk(disk_path=aws_volume_attachment[\"test\"][\"device_name\"],\n gateway_arn=aws_storagegateway_gateway[\"test\"][\"arn\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var test = Output.Create(Aws.StorageGateway.GetLocalDisk.InvokeAsync(new Aws.StorageGateway.GetLocalDiskArgs\n {\n DiskPath = aws_volume_attachment.Test.Device_name,\n GatewayArn = aws_storagegateway_gateway.Test.Arn,\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := aws_volume_attachment.Test.Device_name\n\t\t_, err := storagegateway.GetLocalDisk(ctx, \u0026storagegateway.GetLocalDiskArgs{\n\t\t\tDiskPath: \u0026opt0,\n\t\t\tGatewayArn: aws_storagegateway_gateway.Test.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getLocalDisk.\n", "properties": { "diskNode": { "type": "string", "description": "The device node of the local disk to retrieve. For example, `/dev/sdb`.\n" }, "diskPath": { "type": "string", "description": "The device path of the local disk to retrieve. For example, `/dev/xvdb` or `/dev/nvme1n1`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "type": "object", "required": [ "gatewayArn" ] }, "outputs": { "description": "A collection of values returned by getLocalDisk.\n", "properties": { "diskId": { "type": "string", "description": "The disk identifier. e.g. `pci-0000:03:00.0-scsi-0:0:0:0`\n" }, "diskNode": { "type": "string" }, "diskPath": { "type": "string" }, "gatewayArn": { "type": "string" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" } }, "type": "object", "required": [ "diskId", "gatewayArn", "id" ] } }, "aws:transfer/getServer:getServer": { "description": "Use this data source to get the ARN of an AWS Transfer Server for use in other\nresources.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.transfer.getServer({\n serverId: \"s-1234567\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.get_server(server_id=\"s-1234567\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Transfer.GetServer.InvokeAsync(new Aws.Transfer.GetServerArgs\n {\n ServerId = \"s-1234567\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.LookupServer(ctx, \u0026transfer.LookupServerArgs{\n\t\t\tServerId: \"s-1234567\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getServer.\n", "properties": { "serverId": { "type": "string", "description": "ID for an SFTP server.\n" } }, "type": "object", "required": [ "serverId" ] }, "outputs": { "description": "A collection of values returned by getServer.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer Server\n" }, "endpoint": { "type": "string", "description": "The endpoint of the Transfer Server (e.g. `s-12345678.server.transfer.REGION.amazonaws.com`)\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "identityProviderType": { "type": "string", "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice.\n" }, "invocationRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n" }, "loggingRole": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n" }, "serverId": { "type": "string" }, "url": { "type": "string", "description": "URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n" } }, "type": "object", "required": [ "arn", "endpoint", "identityProviderType", "invocationRole", "loggingRole", "serverId", "url", "id" ] } }, "aws:waf/getIpset:getIpset": { "description": "`aws.waf.IpSet` Retrieves a WAF IP Set Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.waf.getIpset({\n name: \"tfWAFIPSet\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_ipset(name=\"tfWAFIPSet\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Waf.GetIpset.InvokeAsync(new Aws.Waf.GetIpsetArgs\n {\n Name = \"tfWAFIPSet\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.GetIpset(ctx, \u0026waf.GetIpsetArgs{\n\t\t\tName: \"tfWAFIPSet\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getIpset.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF IP set.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getIpset.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:waf/getRateBasedRule:getRateBasedRule": { "description": "`aws.waf.RateBasedRule` Retrieves a WAF Rate Based Rule Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.waf.getRateBasedRule({\n name: \"tfWAFRateBasedRule\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_rate_based_rule(name=\"tfWAFRateBasedRule\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Waf.GetRateBasedRule.InvokeAsync(new Aws.Waf.GetRateBasedRuleArgs\n {\n Name = \"tfWAFRateBasedRule\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.LookupRateBasedRule(ctx, \u0026waf.LookupRateBasedRuleArgs{\n\t\t\tName: \"tfWAFRateBasedRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRateBasedRule.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF rate based rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRateBasedRule.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:waf/getRule:getRule": { "description": "`aws.waf.Rule` Retrieves a WAF Rule Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.waf.getRule({\n name: \"tfWAFRule\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_rule(name=\"tfWAFRule\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Waf.GetRule.InvokeAsync(new Aws.Waf.GetRuleArgs\n {\n Name = \"tfWAFRule\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.LookupRule(ctx, \u0026waf.LookupRuleArgs{\n\t\t\tName: \"tfWAFRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRule.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRule.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:waf/getWebAcl:getWebAcl": { "description": "`aws.waf.WebAcl` Retrieves a WAF Web ACL Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.waf.getWebAcl({\n name: \"tfWAFWebACL\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_web_acl(name=\"tfWAFWebACL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Waf.GetWebAcl.InvokeAsync(new Aws.Waf.GetWebAclArgs\n {\n Name = \"tfWAFWebACL\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.LookupWebAcl(ctx, \u0026waf.LookupWebAclArgs{\n\t\t\tName: \"tfWAFWebACL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getWebAcl.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF Web ACL.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getWebAcl.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:wafregional/getIpset:getIpset": { "description": "`aws.wafregional.IpSet` Retrieves a WAF Regional IP Set Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.wafregional.getIpset({\n name: \"tfWAFRegionalIPSet\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_ipset(name=\"tfWAFRegionalIPSet\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.WafRegional.GetIpset.InvokeAsync(new Aws.WafRegional.GetIpsetArgs\n {\n Name = \"tfWAFRegionalIPSet\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.GetIpset(ctx, \u0026wafregional.GetIpsetArgs{\n\t\t\tName: \"tfWAFRegionalIPSet\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getIpset.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF Regional IP set.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getIpset.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:wafregional/getRateBasedMod:getRateBasedMod": { "description": "`aws.wafregional.RateBasedRule` Retrieves a WAF Regional Rate Based Rule Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.wafregional.getRateBasedMod({\n name: \"tfWAFRegionalRateBasedRule\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_rate_based_mod(name=\"tfWAFRegionalRateBasedRule\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.WafRegional.GetRateBasedMod.InvokeAsync(new Aws.WafRegional.GetRateBasedModArgs\n {\n Name = \"tfWAFRegionalRateBasedRule\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.GetRateBasedMod(ctx, \u0026wafregional.GetRateBasedModArgs{\n\t\t\tName: \"tfWAFRegionalRateBasedRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRateBasedMod.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF Regional rate based rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRateBasedMod.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:wafregional/getRule:getRule": { "description": "`aws.wafregional.Rule` Retrieves a WAF Regional Rule Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.wafregional.getRule({\n name: \"tfWAFRegionalRule\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_rule(name=\"tfWAFRegionalRule\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.WafRegional.GetRule.InvokeAsync(new Aws.WafRegional.GetRuleArgs\n {\n Name = \"tfWAFRegionalRule\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.LookupRule(ctx, \u0026wafregional.LookupRuleArgs{\n\t\t\tName: \"tfWAFRegionalRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRule.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF Regional rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRule.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:wafregional/getWebAcl:getWebAcl": { "description": "`aws.wafregional.WebAcl` Retrieves a WAF Regional Web ACL Resource Id.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.wafregional.getWebAcl({\n name: \"tfWAFRegionalWebACL\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_web_acl(name=\"tfWAFRegionalWebACL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.WafRegional.GetWebAcl.InvokeAsync(new Aws.WafRegional.GetWebAclArgs\n {\n Name = \"tfWAFRegionalWebACL\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.LookupWebAcl(ctx, \u0026wafregional.LookupWebAclArgs{\n\t\t\tName: \"tfWAFRegionalWebACL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getWebAcl.\n", "properties": { "name": { "type": "string", "description": "The name of the WAF Regional Web ACL.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getWebAcl.\n", "properties": { "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name", "id" ] } }, "aws:wafv2/getIpSet:getIpSet": { "description": "Retrieves the summary of a WAFv2 IP Set.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.wafv2.getIpSet({\n name: \"some-ip-set\",\n scope: \"REGIONAL\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.get_ip_set(name=\"some-ip-set\",\n scope=\"REGIONAL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.WafV2.GetIpSet.InvokeAsync(new Aws.WafV2.GetIpSetArgs\n {\n Name = \"some-ip-set\",\n Scope = \"REGIONAL\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.LookupIpSet(ctx, \u0026wafv2.LookupIpSetArgs{\n\t\t\tName: \"some-ip-set\",\n\t\t\tScope: \"REGIONAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getIpSet.\n", "properties": { "name": { "type": "string", "description": "The name of the WAFv2 IP Set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "outputs": { "description": "A collection of values returned by getIpSet.\n", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that specify one or more IP addresses or blocks of IP addresses in Classless Inter-Domain Routing (CIDR) notation.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the entity.\n" }, "description": { "type": "string", "description": "The description of the set that helps with identification.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "ipAddressVersion": { "type": "string", "description": "The IP address version of the set.\n" }, "name": { "type": "string" }, "scope": { "type": "string" } }, "type": "object", "required": [ "addresses", "arn", "description", "ipAddressVersion", "name", "scope", "id" ] } }, "aws:wafv2/getRegexPatternSet:getRegexPatternSet": { "description": "Retrieves the summary of a WAFv2 Regex Pattern Set.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.wafv2.getRegexPatternSet({\n name: \"some-regex-pattern-set\",\n scope: \"REGIONAL\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.get_regex_pattern_set(name=\"some-regex-pattern-set\",\n scope=\"REGIONAL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.WafV2.GetRegexPatternSet.InvokeAsync(new Aws.WafV2.GetRegexPatternSetArgs\n {\n Name = \"some-regex-pattern-set\",\n Scope = \"REGIONAL\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.LookupRegexPatternSet(ctx, \u0026wafv2.LookupRegexPatternSetArgs{\n\t\t\tName: \"some-regex-pattern-set\",\n\t\t\tScope: \"REGIONAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getRegexPatternSet.\n", "properties": { "name": { "type": "string", "description": "The name of the WAFv2 Regex Pattern Set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "outputs": { "description": "A collection of values returned by getRegexPatternSet.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the entity.\n" }, "description": { "type": "string", "description": "The description of the set that helps with identification.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "regularExpressions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/getRegexPatternSetRegularExpression:getRegexPatternSetRegularExpression" }, "description": "One or more blocks of regular expression patterns that AWS WAF is searching for. See Regular Expression below for details.\n" }, "scope": { "type": "string" } }, "type": "object", "required": [ "arn", "description", "name", "regularExpressions", "scope", "id" ] } }, "aws:wafv2/getWebAcl:getWebAcl": { "description": "Retrieves the summary of a WAFv2 Web ACL.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.wafv2.getWebAcl({\n name: \"some-web-acl\",\n scope: \"REGIONAL\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.get_web_acl(name=\"some-web-acl\",\n scope=\"REGIONAL\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.WafV2.GetWebAcl.InvokeAsync(new Aws.WafV2.GetWebAclArgs\n {\n Name = \"some-web-acl\",\n Scope = \"REGIONAL\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.GetWebAcl(ctx, \u0026wafv2.GetWebAclArgs{\n\t\t\tName: \"some-web-acl\",\n\t\t\tScope: \"REGIONAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getWebAcl.\n", "properties": { "name": { "type": "string", "description": "The name of the WAFv2 Web ACL.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "outputs": { "description": "A collection of values returned by getWebAcl.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the entity.\n" }, "description": { "type": "string", "description": "The description of the WebACL that helps with identification.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string" }, "scope": { "type": "string" } }, "type": "object", "required": [ "arn", "description", "name", "scope", "id" ] } }, "aws:workspaces/getBundle:getBundle": { "description": "Use this data source to get information about a WorkSpaces Bundle.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = pulumi.output(aws.workspaces.getBundle({\n name: \"Value with Windows 10 and Office 2016\",\n owner: \"AMAZON\",\n}, { async: true }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.get_bundle(name=\"Value with Windows 10 and Office 2016\",\n owner=\"AMAZON\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var example = Output.Create(Aws.Workspaces.GetBundle.InvokeAsync(new Aws.Workspaces.GetBundleArgs\n {\n Name = \"Value with Windows 10 and Office 2016\",\n Owner = \"AMAZON\",\n }));\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v2/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\topt0 := \"Value with Windows 10 and Office 2016\"\n\t\topt1 := \"AMAZON\"\n\t\t_, err := workspaces.GetBundle(ctx, \u0026workspaces.GetBundleArgs{\n\t\t\tName: \u0026opt0,\n\t\t\tOwner: \u0026opt1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getBundle.\n", "properties": { "bundleId": { "type": "string", "description": "The ID of the bundle.\n" }, "name": { "type": "string", "description": "The name of the bundle. You cannot combine this parameter with `bundle_id`.\n" }, "owner": { "type": "string", "description": "The owner of the bundles. You have to leave it blank for own bundles. You cannot combine this parameter with `bundle_id`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getBundle.\n", "properties": { "bundleId": { "type": "string", "description": "The ID of the bundle.\n" }, "computeTypes": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/getBundleComputeType:getBundleComputeType" }, "description": "The compute type. See supported fields below.\n" }, "description": { "type": "string", "description": "The description of the bundle.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, "name": { "type": "string", "description": "The name of the compute type.\n" }, "owner": { "type": "string", "description": "The owner of the bundle.\n" }, "rootStorages": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/getBundleRootStorage:getBundleRootStorage" }, "description": "The root volume. See supported fields below.\n" }, "userStorages": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/getBundleUserStorage:getBundleUserStorage" }, "description": "The user storage. See supported fields below.\n" } }, "type": "object", "required": [ "computeTypes", "description", "rootStorages", "userStorages", "id" ] } } }, "language": { "csharp": { "namespaces": { "accessanalyzer": "AccessAnalyzer", "acm": "Acm", "acmpca": "Acmpca", "alb": "Alb", "apigateway": "ApiGateway", "apigatewayv2": "ApiGatewayV2", "appautoscaling": "AppAutoScaling", "applicationloadbalancing": "ApplicationLoadBalancing", "appmesh": "AppMesh", "appsync": "AppSync", "athena": "Athena", "autoscaling": "AutoScaling", "aws": "Aws", "backup": "Backup", "batch": "Batch", "budgets": "Budgets", "cfg": "Cfg", "cloud9": "Cloud9", "cloudformation": "CloudFormation", "cloudfront": "CloudFront", "cloudhsmv2": "CloudHsmV2", "cloudtrail": "CloudTrail", "cloudwatch": "CloudWatch", "codebuild": "CodeBuild", "codecommit": "CodeCommit", "codedeploy": "CodeDeploy", "codepipeline": "CodePipeline", "codestarnotifications": "CodeStarNotifications", "cognito": "Cognito", "cur": "Cur", "datapipeline": "DataPipeline", "datasync": "DataSync", "dax": "Dax", "devicefarm": "DeviceFarm", "directconnect": "DirectConnect", "directoryservice": "DirectoryService", "dlm": "Dlm", "dms": "Dms", "docdb": "DocDB", "dynamodb": "DynamoDB", "ebs": "Ebs", "ec2": "Ec2", "ec2clientvpn": "Ec2ClientVpn", "ec2transitgateway": "Ec2TransitGateway", "ecr": "Ecr", "ecs": "Ecs", "efs": "Efs", "eks": "Eks", "elasticache": "ElastiCache", "elasticbeanstalk": "ElasticBeanstalk", "elasticloadbalancing": "ElasticLoadBalancing", "elasticloadbalancingv2": "ElasticLoadBalancingV2", "elasticsearch": "ElasticSearch", "elastictranscoder": "ElasticTranscoder", "elb": "Elb", "emr": "Emr", "fms": "Fms", "fsx": "Fsx", "gamelift": "GameLift", "glacier": "Glacier", "globalaccelerator": "GlobalAccelerator", "glue": "Glue", "guardduty": "GuardDuty", "iam": "Iam", "index": "index", "inspector": "Inspector", "iot": "Iot", "kinesis": "Kinesis", "kms": "Kms", "lambda": "Lambda", "lb": "LB", "licensemanager": "LicenseManager", "lightsail": "LightSail", "macie": "Macie", "mediaconvert": "MediaConvert", "mediapackage": "MediaPackage", "mediastore": "MediaStore", "mq": "Mq", "msk": "Msk", "neptune": "Neptune", "opsworks": "OpsWorks", "organizations": "Organizations", "outposts": "Outposts", "pinpoint": "Pinpoint", "pricing": "Pricing", "qldb": "Qldb", "quicksight": "Quicksight", "ram": "Ram", "rds": "Rds", "redshift": "RedShift", "resourcegroups": "ResourceGroups", "route53": "Route53", "s3": "S3", "sagemaker": "Sagemaker", "secretsmanager": "SecretsManager", "securityhub": "SecurityHub", "servicecatalog": "ServiceCatalog", "servicediscovery": "ServiceDiscovery", "servicequotas": "ServiceQuotas", "ses": "Ses", "sfn": "Sfn", "shield": "Shield", "simpledb": "SimpleDB", "sns": "Sns", "sqs": "Sqs", "ssm": "Ssm", "storagegateway": "StorageGateway", "swf": "Swf", "transfer": "Transfer", "waf": "Waf", "wafregional": "WafRegional", "wafv2": "WafV2", "worklink": "WorkLink", "workspaces": "Workspaces", "xray": "Xray" }, "packageReferences": { "Pulumi": "2.*", "System.Collections.Immutable": "1.6.0" } }, "nodejs": { "dependencies": { "@pulumi/pulumi": "^2.0.0", "aws-sdk": "^2.0.0", "builtin-modules": "3.0.0", "mime": "^2.0.0", "read-package-tree": "^5.2.1", "resolve": "^1.7.1" }, "devDependencies": { "@types/mime": "^2.0.0", "@types/node": "^8.0.0" }, "disableUnionOutputTypes": true, "packageDescription": "A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.", "packageName": "", "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/terraform-providers/terraform-provider-aws)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi/pulumi-aws` repo](https://github.com/pulumi/pulumi-aws/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-providers/terraform-provider-aws` repo](https://github.com/terraform-providers/terraform-provider-aws/issues).", "typescriptVersion": "" }, "python": { "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/terraform-providers/terraform-provider-aws)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi/pulumi-aws` repo](https://github.com/pulumi/pulumi-aws/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-providers/terraform-provider-aws` repo](https://github.com/terraform-providers/terraform-provider-aws/issues).", "requires": { "pulumi": "\u003e=2.0.0,\u003c3.0.0" }, "usesIOClasses": true } } }